Tuesday, November 14, 2017

ALCF and ALCMI: Who They Are and What They Do

We are about halfway through Lung Cancer Awareness Month and I would like to offer some information about a fantastic organization. If you are reading this, you likely know about this group. But, even if you do, I encourage you to sit back with your favorite beverage and take a few minutes to watch the video at the end of this post.

When supporting any cause or charity with a financial gift, prudent questions are “Where does the money go?”, “How effective is the organization?”, “Is it worthy of my support?”, “What are they doing?”, and “What have they done?” I ask these questions myself before choosing to financially support any charitable cause.

This video, narrated by their Senior Director of Patient Services and Programs, Danielle Hicks, does an excellent job of answering these questions for The Bonnie J.  Addario Lung Cancer Foundation (ALCF).

I met the Addarios shortly after my mother died in 2007.  I was immediately struck by their sincerity, warmth - and tenacity.  But, I was also impressed by their team and how they were attacking the lung cancer problem with intelligence and professionalism.  In 2010, The Joan Gaeta Lung Cancer Fund proudly became an affiliate of ALCF.  And, since 2012, those of you in Georgia have been able to order Lung Cancer Awareness License Plates - a first in the United States.  85% of the annual tag fee goes to ALCF’s research institute.

You can also donate directly to ALCF via this link.  Please watch the video and consider a donation during this important month.

Thank you.


Monday, November 13, 2017

Kerio Control for the Yacht and Vessel Industry - The Perfect Fit

There are unique internet connectivity challenges on a yacht:
  • You're moving....on water!
  • Necessity varies by role.
  • Speed and capacity vary.
On a yacht, no physical wiring provides a consistent connection. You are entirely reliant on wireless technologies. Furthermore, internet resources can be scarce as your location becomes more remote. In terms of speed and connectivity type, you might be in port with WiFi access, along the coast with 3G/4G/LTE signals, or out on open sea with nothing but VSAT available to you. As you move, these connections may come and go arbitrarily, causing disruption in service. Looking at this another way: not only do connections come and go; but, when they do, the speed and bandwidth go with them!

The slower the connection, the more contention there typically is. That is often unacceptable to certain audiences. You typically have a varied audience onboard the ship at any given time. The more important the person or persons, the greater the need for availability and speed. Groups may include emergency equipment onboard, the owner(s), VIPs, officers, crew, guests, etc.

Kerio Control is the perfect solution for this industry.
  • Firewall, Router, IPS/IDS
  • Anti-Virus
  • Web & Content Filtering
  • QoS
  • Usage Reporting
  • Secure VPN
  • Flexible Deployment
  • Simple to use.
Kerio Control excels in:
  • User and Device Groupings
  • Load Balancing and Traffic Rules
    • Three Use-Case Scenarios (VIP on board)
    • Drawbacks
    • Alternatives
    • Rapid Configuration Changes (3rd-Party)
  • Bandwidth and Time Management
  • Reporting

User and Device Groupings
Using a group approach, everyone needs to identify themselves with a userid and password.  An IP Address approach allows you to set up a VLAN, for example, that owners may use at all times.  That way, there is easy identification.

Load Balancing and Traffic Rules
"Per Host" is preferable to "Per Connection" when you have multiple internet links.  Otherwise, it can look like you are executing a DoS attack. Destination websites and applications prefer to have client/visitor requests come from the same IP address.  If they see multiples (from all three interfaces), they may falsely assume there is an attack underway.  Maintain communication through a single link throughout the session using "Per Host" balancing.

Scenario 1:  In port with a VIP present.
With the initial load balancing scheme in Interfaces, the entire audience has five chances to end up on WiFi while at Port - one chance for 3G and one chance for V-SAT.  Ideally, you provide VIP’s with WiFi any time it’s present (and reliable) and then balance the load of remaining groups using the weighting scheme within Interfaces.

Scenario 2:  Coastal with VIP Present
When WiFi drops, the previous traffic rule still tries to push VIP traffic through the enabled WiFi VIP Traffic Rule.  The Weight of one for both 3G and V-SAT then results in a 50/50 distribution of VIP traffic (WiFi is down).  This is because the Traffic Rules are evaluated from top-down and our WiFi rule is a match, so no other rules are evaluated.  To force VIP’s through 3G, you have to disable the VIP WiFi rule in Traffic Rules.

Scenario 3:  Open Sea with VIP Present
When both the WiFi and 3G become unavailable, our 3G Traffic Rule is still enabled and tries to force VIP’s through 3G.  Interfaces determines that 3G is down and will automatically push VIP traffic to V-SAT (the only available link).  In other words, it makes no difference if the VIP WiFi or 3G Traffic Rules are enabled as only one Interface (V-SAT) is active.
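The three scenarios above can be reproduced with a small model. This is an added example, not Kerio Control code: the rule names, the group names and the hash-based host-to-link mapping are assumptions, and only the 5/1/1 weights and the top-down, first-match behaviour come from the post.

```python
"""Simplified model of top-down traffic rules over weighted per-host balancing.

Added illustration, not Kerio Control code. Rule names, group names and the
hash-based host-to-link mapping are assumptions made for this sketch.
"""
import hashlib
from collections import Counter
from dataclasses import dataclass

# Link weights from the post: five chances for WiFi, one each for 3G and V-SAT.
WEIGHTS = {"WiFi": 5, "3G": 1, "V-SAT": 1}


@dataclass
class TrafficRule:
    name: str
    group: str       # source group the rule matches
    interface: str   # link the rule tries to force traffic through
    enabled: bool = True


def balance_per_host(host, up_links):
    """Weighted choice that stays stable for a given host ("Per Host")."""
    slots = [link for link in WEIGHTS if link in up_links
             for _ in range(WEIGHTS[link])]
    if not slots:
        raise RuntimeError("no Internet link available")
    digest = hashlib.sha256(host.encode()).digest()
    return slots[int.from_bytes(digest[:8], "big") % len(slots)]


def select_link(host, group, rules, up_links):
    """Evaluate rules top-down; the first enabled match ends evaluation."""
    for rule in rules:
        if rule.enabled and rule.group == group:
            if rule.interface in up_links:
                return rule.interface
            # The rule matched but its link is down: no later rule is
            # consulted, so the host is balanced over the links still up.
            break
    return balance_per_host(host, up_links)


def distribution(group, rules, up_links, hosts):
    """Count how many hosts of a group end up on each link."""
    return Counter(select_link(h, group, rules, up_links) for h in hosts)


def demo():
    hosts = [f"10.0.0.{i}" for i in range(1, 201)]  # constructed VIP hosts
    rules = [TrafficRule("VIP via WiFi", "VIP", "WiFi"),
             TrafficRule("VIP via 3G", "VIP", "3G")]
    results = {}
    # Scenario 1: in port, all links up.
    results["port"] = distribution("VIP", rules, {"WiFi", "3G", "V-SAT"}, hosts)
    # Scenario 2: WiFi gone, WiFi rule still enabled -> VIPs split 3G/V-SAT.
    results["coastal"] = distribution("VIP", rules, {"3G", "V-SAT"}, hosts)
    # Scenario 2 after disabling the WiFi rule -> the 3G rule now matches.
    rules[0].enabled = False
    results["coastal, WiFi rule disabled"] = distribution(
        "VIP", rules, {"3G", "V-SAT"}, hosts)
    # Scenario 3: only V-SAT left; enabled rules make no difference.
    results["open sea"] = distribution("VIP", rules, {"V-SAT"}, hosts)
    return results


if __name__ == "__main__":
    for scenario, counts in demo().items():
        print(f"{scenario}: {dict(counts)}")
```

Running it shows why the stale WiFi rule has to be disabled along the coast: while it still matches, VIP hosts are spread over 3G and V-SAT instead of being pinned to 3G.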

Drawbacks to Scenarios 1 through 3
Because the weighting scheme is still in play for all other traffic (other than VIP’s), you end up with a somewhat undesirable situation where large amounts of Officer & Crew traffic is routed through the most desirable links/interfaces.  It may be desirable to fully reserve the desirable link/interface for the highest priority group (VIP’s for example).

Alternative Solution:  Tie Groups to Interfaces
This will push ALL traffic through V-SAT…unless there is a Traffic Rule that specifies otherwise.

Here, we’ve used Policy-Based-Routing to override the Interface load balancing scheme that routes all traffic through V-SAT and instructed Kerio Control to push VIP Traffic through WiFi (if available) or 3G (if available).  Officers, Crew, etc. will NEVER go through WiFi or 3G in this case.  Only through V-SAT.  VIP’s will ONLY go through V-SAT if the other links are down.  

Example:  Rapid Configuration Changes (3rd Party)
I mentioned that it is desirable to disable some traffic rules occasionally when they are forcing specific traffic through an interface which no longer has a reliable Internet connection.  

KNAVAL is an iPad app that was developed by a 3rd party (Freelands in Italy).  It allows you to rapidly turn interfaces and traffic rules on or off by swiping between up to 4 different modes: Port, Coastline, Open Sea, and Custom.  You can see the app in action in the bottom right and the results on the Kerio Control server within the browser window on the left.  All configuration changes are initiated from the iPad.

Bandwidth and Time Management
Kerio Control offers other ways to limit or reserve bandwidth on multiple interfaces.  Here’s an example of some QoS rules.  Rules are evaluated top-down and applied if there’s a match.  If no match, the next rule is considered, and so on until the list is exhausted.

To configure this, define the speed of your interfaces, the type/source of traffic that your rule will apply to, whether the rule sets a minimum amount of bandwidth (reserve) or a maximum amount of bandwidth (limit), which interfaces it applies to (all, WiFi, 3G, VSAT, etc.), and during what time (if applicable).

Let’s look at the 2nd rule in detail.

If there is no traffic from Owners/VIP’s or Officers AND no VPN or Email traffic from any group – even during the Monday & Friday meeting times – the Crew *could* consume the full bandwidth just watching YouTube videos.

The reservation rules are only enforced if there is actually a contention/demand situation.

Reporting
This is USER-based reporting rather than device-based.  It doesn’t matter if I use one device or 10 devices.  All of my traffic will be aggregated into my user profile statistics.

To learn more, contact me today!

Wednesday, November 1, 2017

Remember November

November is National Lung Cancer Awareness Month in the United States.
Learn more and please consider a donation.

Tuesday, October 10, 2017

GFI Software strengthens email security for SMBs with the launch of GFI MailEssentials v. 21

The new version of GFI MailEssentials improves email security for small and medium-sized businesses.

Austin (TX), USA, October 5, 2017 - GFI Software, the leading provider of security and communication solutions, unveiled today new antivirus (AV) engines Cyren and Sophos for GFI MailEssentials v. 21, the award-winning email security gateway. The AV engines in the latest release bring improved ability to identify and contain intrusion through email messages, better protecting small and medium-sized businesses.

The software’s veteran AV Avira has also been updated and will become the default antivirus replacing  VIPRE AV. Cyren has been introduced as a new optional AV engine, while Sophos will replace McAfee.
“We are continually reviewing our antivirus and technology within our products, and we are making updates so that we are using best-in-class protection to keep our customer’s emails safeguarded and secure. With the addition of the new antivirus engines we are better able to prevent malicious system attacks,” said Heather Paunet, VP Product Marketing of GFI Software.

Despite the technology advances in GFI MailEssentials v. 21, GFI has managed to remain competitive with pricing; providing the three AV engines: Avira, Cyren and Sophos within the same pricing structure.
In addition to the new more powerful AV engines in the v. 21 launch,  licensing capabilities will be easier to manage by integrating all licensing in one location, including license key updates.

The updated GFI MailEssentials v. 21 will continue to offer a wide spectrum of anti-spam filters and a multi antivirus approach to security at a 99% protection rate with zero false positives; all of which are the key features GFI MailEssentials is known for. The new version of GFI MailEssentials will automatically upgrade antivirus for licenses under active subscription.

For product downloads and more information about the release, visit the GFI MailEssentials page.

###

About GFI Software

GFI Software, part of the ESW Capital group of companies, develops right-sized, smartly engineered IT solutions for businesses of all sizes. Our solutions enable IT administrators to easily and efficiently discover, manage and secure their business networks, systems, applications and communications, regardless of their location. GFI Software is a channel-focused company with a network of thousands of partners worldwide. We have received numerous awards and industry accolades, and are a long-time Microsoft® Gold ISV Partner. For more information about GFI Software, our products, and success stories of our customers from over 120 countries, please visit www.gfi.com.

Wednesday, September 27, 2017

Should I deploy monitoring software on my servers?

by Casper Manes

NOTE:  This article was originally published by Casper Manes on GFI Software's "TechTalk" blog on Sep 21,2017.

How do you monitor what goes on within your infrastructure? Do you gather logs, use SNMP, query WMI, or do you deploy agents that report in? There are almost as many ways to monitor servers as there are things on servers to monitor, but in today’s post we are going to look at two main schools of thought to discuss the pros and cons of each. On the one hand, we’ll consider the in-built monitoring capabilities of modern operating systems. On the other hand, we will look at what deploying agents or other third-party software can do for you. In the end, hopefully you will have enough to make a qualified decision on which way you want to go.

Why monitor?

It’s a valid question. Why should we monitor our servers? Won’t we notice when things go badly, before they become a problem? The answer to that is probably “not really, at least, not before it’s too late!” Admins who think they can just react when things fall down and go boom, or who feel they can check all their servers every day the good old fashioned way, by logging onto them, are either crazy, reckless, insomniacs, or they don’t have enough servers to actually be considered sysadmins. You need to monitor your servers for resources, performance, and errors, as well as monitoring the apps they provide. Consider a file server. What happens when it runs out of space? Or an email server that can no longer send emails because there’s a problem with a connector, or DNS? What about any server running at 100% CPU utilization? How responsive do you think it will be to your users? There’s more to monitoring though, as anyone who has had a disk fail can tell you. Most disks start to throw errors long before they go code brown. If only you had a way to notice those errors before it was too late!

What should we monitor?

For any server, running any operating system, I like to start with what I call the “big four.” That’s CPU utilization, available Memory, free Disk space, and Network utilization. C-M-D-N. Any server, providing any services or running any app, and no matter what operating system it is running, will need to have sufficient resources to meet both normal and peak loads, so monitoring those critical resources gives you a good snapshot of overall server health. Then of course, you need to monitor the application logs for whatever it is the server is providing. You also want to keep up with any patching and updates, as well as how antimalware software is doing. Finally, and perhaps most importantly, you want to know how things are going from a security perspective, by keeping an eye on both the logon successes and failures, as well as privilege use. You can get much more granular, depending on the app, so you will want to consult the vendor guidance for whatever app or service you are running. Whether it’s included services like DHCP or IIS on Windows, or the SMB server in Linux, or complex ERP applications from third-parties, each will have recommendations on what to watch and to watch out for.

What’s there in the O/S?

Most operating systems have pretty solid built-in monitoring. Windows has its Event Logs, Performance Monitor, and Resource Monitor, and can take actions when certain triggers are hit. Windows also includes the ability to centralize data from the Event Logs using subscriptions, so that you can gather logs from multiple systems in one place. That way, you don’t actually have to log onto each of your servers. Rounding out Windows Event Logs is Log Parser which, while over a decade old, is still a pretty good tool for ripping through lots of logs in a hurry. Of course, Windows also offers a variety of APIs and ways to query the operating system and services including Windows Remote Management, WMI, and remote PowerShell. Whether you want to roll your own, or search online for scripts others have created, if you have some time and are willing to work through some debugging and tweaking, you can do a ton of monitoring without buying anything extra, or installing anything extra on your servers.

Linux has several CLI tools for monitoring, and the syslog facility for reporting/gathering logs from multiple systems. You can configure your Linux boxes to send syslog messages to a central Linux server running syslogd, and of course you can start up syslogd on a Linux box to receive those feeds, as well as syslog messages from routers, switches, firewalls, and more. It’s helpful to use some application to automate the review of all those logs, but even manually parsing them is an option. With them all in one place, it’s easier than connecting to each system one at a time.

And of course, both Windows and Linux support SNMP. While you will need some SNMP monitoring system to query systems and receive traps, all you have to do on both Linux and Windows to use SNMP is start it up and configure it. It’s an optional feature of both operating systems.

The biggest benefits to using what is already in the operating system is that, for the most part, it’s already there. You might have to configure it, but you don’t have to install it, nor will you need to patch it separate from patching the operating system itself.

Of course, you get what you pay for, and while the operating systems are great values, the bells and whistles in what is included for monitoring are not as much. They provide the basics, but will do little on their own to alert you to problems, forecast things for you before they become problems, and reporting? Forget about it. Unless your management likes to read text files, you will spend a lot of time taking all that great information and putting it into formats the boss can understand.

What about agents?

There are lots of third-party tools out there that can install agents on both Windows and Linux systems and use a central system to query those agents to keep an eye on things. They can monitor the big four, check the status of running services, review logs, and check the health and performance of other software running on these systems. These agents typically are bundled with monitoring software…it’s not the agents you are paying for, but rather that automation in alerting and reporting that simply relies upon the agents. Those agents, in addition to needing to be installed, may need to be granted additional privileges or permissions to function fully on a system, and they will also need to be patched/updated as appropriate. With a good third-party patching solution like GFI LanGuard you can patch a lot of third-party apps, but those agents monitoring solutions require are typically not on that list. And as a general rule, those agents require more CPU cycles and more RAM, making their resource costs a factor.

Finally, while there are lots of applications that use agents for Windows systems, the same cannot be said for Linux. If you’re a Windows shop that may not be a consideration, but if you run a mix of Windows and Linux, you may need to consider this, and either narrow your choices, or have to monitor different systems in different ways.

Which way should we go?

Ultimately, you need to determine what will work best for you, and provide you with what you need. If you like to write or alter others’ scripts, and have the time to do that, what’s in-built to both Windows and Linux may be all that you need. Between remote PowerShell or WRM for Windows, and SSH into Linux, you can probably automate most of the queries you need, and then by tailing a log file, have a process that takes action like sending you an email alert if things look bad. Or, you may already have a SIEM or other monitoring application that, rather than relying upon agents, works with what is already in the operating system. To me, that’s the best possible approach. But if you are looking for more automation and reporting with less work required to set it up, and you need a complete solution running right now, purchasing a turn-key solution that relies upon agents may make sense to you. There’s only so many hours in a day, and work-life balance quickly disappears if you have to stay up all night trying to cobble together code. A solution that provides forecasting, reporting, alerting, and pretty reports for management may be well worth the extra RAM and CPU cycles, as well as the money, it will cost to get going.

Ultimately, you need to determine what, for you, is required, and from that you can start to look at options that meet those requirements. Evaluate them on their costs, resource requirements, ease of implementation and upkeep for you and your team, and pick what makes sense for you. Hopefully the above gives you more to consider and will help you with making the right decision for you.
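The "tail a log file and alert" approach, applied to the logon failures the article recommends watching, can look like the following. This is an added example, not code from the original article; the threshold, the window, the function names and the sample lines are all constructed, and alert delivery (for instance by email) is left to the caller.

```python
"""Flag sources with bursts of failed SSH logons in syslog-style auth lines.

Added illustration; the threshold, window and sample lines are constructed.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in the line format OpenSSH writes through syslog.
SAMPLE_LOG = """\
Sep 21 10:00:01 web01 sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 40112 ssh2
Sep 21 10:00:04 web01 sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 40112 ssh2
Sep 21 10:00:09 web01 sshd[2104]: Failed password for root from 203.0.113.5 port 40120 ssh2
Sep 21 10:00:15 web01 sshd[2110]: Accepted password for alice from 198.51.100.7 port 51514 ssh2
Sep 21 10:00:31 web01 sshd[2112]: Failed password for root from 203.0.113.5 port 40131 ssh2
Sep 21 10:00:40 web01 sshd[2113]: Failed password for root from 203.0.113.5 port 40140 ssh2
Sep 21 10:07:02 web01 sshd[2150]: Failed password for bob from 198.51.100.7 port 51600 ssh2
Sep 21 10:20:45 web01 sshd[2190]: Failed password for bob from 198.51.100.7 port 51710 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\S+) port \d+"
)


def parse_line(line, year=2017):
    """Return (time, result, user, source) or None for unrelated lines.

    Classic syslog timestamps carry no year, so the caller supplies one.
    """
    m = LINE_RE.match(line)
    if m is None:
        return None
    when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return when, m["result"], m["user"], m["src"]


def find_bursts(lines, threshold=5, window_seconds=60):
    """Return (source, failures, time) each time a source reaches
    `threshold` failed logons inside a sliding window."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # source address -> recent failure times
    alerts = []
    for line in lines:
        event = parse_line(line)
        if event is None or event[1] != "Failed":
            continue
        when, _, _, src = event
        times = recent[src]
        times.append(when)
        while when - times[0] > window:   # drop failures outside the window
            times.popleft()
        if len(times) >= threshold:
            alerts.append((src, len(times), when))
            times.clear()                 # one alert per burst, not per line
    return alerts


if __name__ == "__main__":
    for src, count, when in find_bursts(SAMPLE_LOG.splitlines()):
        print(f"{when:%H:%M:%S} {src}: {count} failed logons within 60 s")
```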

Friday, September 15, 2017

GFI MailEssentials Overview and Latest Release - Live Webinar Tuesday, September 26th.

Join GFI's upcoming webinar on GFI MailEssentials.  

Tuesday, September 26th, 2017
1:00 pm to 2:00 pm Eastern

At the end of the webinar, there will be a Q&A session.
We look forward to having you!

Register HERE.  


Thursday, August 31, 2017

Kerio Control Overview - Live Webinar October 24th

Join GFI's upcoming 60-minute webinar on an overview of Kerio Control.  

Tuesday, October 24th, 2017
1:00 pm to 2:00 pm Eastern

At the end of the webinar, there will be a Q&A session.
We look forward to having you!

Register HERE.

Unified Threat Management Without Complexity. Protect your network from viruses, malware and malicious activity with Kerio Control, the easy-to-administer yet powerful all-in-one security solution. Kerio Control brings together next-generation firewall capabilities -- including a network firewall and router, intrusion detection and prevention (IPS), gateway anti-virus, VPN, and web content and application filtering. These comprehensive capabilities and unmatched deployment flexibility make Kerio Control the ideal choice for small and mid-sized businesses.


Tuesday, August 22, 2017

Kerio Control 9.2.3 Now Available

The latest version of Kerio Control version 9.2.3 is now available for download.

This new version of Kerio Control brings fixes for customer reported issues including a Security Settings error and a possible loop that resulted in the CPU locking.

Our focus for this release was on product quality to ensure customer satisfaction and to prepare the product for future improvements.

For more information and to upgrade Kerio Control, visit the Kerio Control Downloads page.
If you have additional questions about these changes, please do not hesitate to contact me or an authorized GFI Partner directly.

Monday, August 14, 2017

A new way to donate....

The Joan Gaeta Lung Cancer Fund
Lung cancer matters, too. Nobody deserves it. And, you do not have to smoke to get it. Lung cancer kills more people than breast, prostate, colon, liver, kidney, and melanoma cancers combined. Yet, it receives a mere fraction of the attention and research funding. We are fighting to change this.

Please help us in our continuing effort..... Donate today.

Friday, August 4, 2017

Try GFI Archiver today! 30-Day Free Trial.

GFI Archiver: Email and file archiving in the same solution
Your business email and files contain key communications, confidential financial records and a host of other valuable business intelligence. If this data is deleted, lost or stolen, the consequences can be costly: Fines, legal troubles and a loss of customer trust are possibilities.

GFI Archiver enables you to automatically store all company emails and files in a central, secure environment that can be accessed quickly and searched easily.
With GFI Archiver, you can:
  • Archive emails, files and calendar entries in one central, secure location without relying on third-party storage providers.
  • Share files and folders, and automatically synchronize files between machines by using the File Archive Assistant (FAA).
  • Improve productivity and reduce storage costs by eliminating the need for PST files and keeping just one central copy of an email and its attachments.
  • Help with compliance and reduce legal risk with a complete, tamper-proof archive of all company email.
  • Improve server performance and offer virtually unlimited mailbox size by maintaining your email history in a separate database.
  • Identify business issues from the data in your email archive with the built-in MailInsights® reports.
  • Grant “anytime, anywhere” access to business-critical emails instantly via laptop, smartphone or tablet.
Take advantage of these benefits by registering for a free 30-day trial. You can also contact us at sales@gfi.com to speak with a product specialist about how GFI Archiver can meet your company’s specific needs.

Friday, July 7, 2017

Check out GFI's TechTalk blog today...

TechTalk powered by GFI Software is an information hub with the latest research and security news, informative videos, checklists and other articles covering IT topics for sysadmins and IT enthusiasts.

Here’s what you’ll find in each category:

GFI PatchCentral: Get all the Microsoft Patch Tuesday updates, third-party patch updates and any other patch news from IT expert, Deb Shinder.

Tech Zone: If you’re a sysadmin – this is your treasure trove! In this zone you’ll find cheat sheets, how-to articles, guides on free tools, tech updates and posts from tech experts!

SMB Zone: Not everyone is as tech savvy as a sys admin but there are many enthusiasts and business owners who have a keen interest in technology. If you’re one of them then this section is for you – from the latest trends and technologies for businesses, to surveys and more.

Team GFI: Get to know us a bit better in this section with news on the latest team activities and events, voluntary work and other behind-the-scenes updates at GFI.

Don’t forget to subscribe to our RSS feed and be the first to receive our updates!
Disclaimer:  All product and company names herein may be trademarks of their respective owners. To the best of our knowledge, all details were correct at the time of publishing; this information is subject to change without notice.

Wednesday, May 31, 2017

Red Devils Battle Opponents and Weather Early


The 12U Red Devils began their Road to Cooperstown the weekend of May 26-29 playing in two Atlanta-area All-Star tournaments, the Southeastern All-Star Championship in Douglasville and the Hobgood Memorial Day Warmup in Woodstock.  The team did just about everything asked of them, going 6-0 in pool play and gaining the #1 seed in both tournaments heading into bracket play.  Unfortunately, Mother Nature hasn't cooperated, with both Sundays cancelled due to heavy rain.
 
In Douglasville, the team delivered on its goal of making Every Moment Count.  The team didn't trail all weekend, and outscored their 3 opponents from Carroll County, Winston, and Acworth by a combined score of 35-2.  The Devils brought their bats with them, totaling 37 hits led by 6 from Cullen Riel and 5 from Alexandru Grama, while Noah McMahon delivered timely hitting, leading the team with 6 RBIs.
 
The pitchers were as dominant as the batters.  McMahon, Riel, Creighton Dunbar, Jackson Cheek and Paul Gaeta combined to give up a single earned run all weekend, while tallying 16 strikeouts against only 3 walks.  Minimizing defensive miscues is a primary focus of the team this summer, and the team got off to an adequate start, committing only 3 errors all weekend.
 
In Woodstock, the team picked up right where they left off the week before, steamrolling the Sandy Plains Cougars 10-0 in the opener.  Santos Miranda led the hit parade with 2 hits and 3 RBIs, including his first home run of the summer.  Riel, Aaron DeCarlo, and Gaeta were a lone hit short of throwing a perfect game on the mound, baffling opposing hitters for 9 Ks, including 5 from DeCarlo.
 
The Devils entered Saturday facing a step-up in competition, with games against the best of Alpharetta and Hobgood.  Despite its coaches warning against getting too comfortable in its 4-0 shoes, the team got off to a slow start facing the high-quality play of the Raiders, and found themselves down 6-0 after 3.5 innings.  Wake-up call received, the team responded to tie the game with 6 runs in the bottom of the 4th, led by a timely 2-run double by Donovan Parker. After Dunbar recorded a 1-2-3 top of the 5th on the mound, the Devils took control with a clutch two-out RBI single by DeCarlo, followed by a 2-run homer by Grama.  Gaeta continued to emerge as a reliable closer for the team, and shut the door for a 9-7 final.
 
In the second game of the day, the Devils faced a fired-up host, the Hobgood Heat.  Despite Grama leading off with his second homer of the day on the game's first pitch, good pitching and defense was expected, and delivered, as the teams were tied 1-1 after 3 innings.  However, the Devils took control in the top of the 4th, plating 7 runs. Following RBI singles by McMahon and Parker, the Devils loaded the bases.  They then surprised the Heat with two steals of home by Gus Molnar and Miranda in exciting fashion to break the Heat's spirit, and rolled from there to an 8-4 win. 
 
For the tournament, the boys pounded out 25 hits, and 8 pitchers combined for a 2.62 team ERA with 18Ks against 5 walks.  Despite only recording 2 errors in the field, defense will be a primary work area for the team in the coming weeks, as the competition only gets harder from here.  And fast.
 
With the team off to a 6-0 start, the Road gets much more difficult with the Devils entering its first Travel Tournament next weekend, the Cooperstown Send-Off.  This is a 12U-only tournament in Marietta, and the Devils will get an early taste of what to expect when the Road ends in Cooperstown in mid-July.
 
Follow the Red Devils' Road to Cooperstown on GameChanger here!