Don't Leave Your Disaster Recovery to Chance: The Importance of a Service Catalogue

Don't Leave Your Disaster Recovery to Chance: The Importance of a Service Catalogue

Having an effective, documented and tested disaster recovery plan is one of the most important tools for any IT professional who manages server workloads for their organisation.

Read More

Updates to the Cyber Essentials Scheme - January 2022

Updates to the Cyber Essentials Scheme - January 2022

The Cyber Essentials (CE) scheme has a number of major updates being introduced into the scope in January 2022. This blog post will give you a summary of the changes so that you know what to expect if you commence the self-assessment after January 24th.

Read More

13 Email Threat Types and How to Defend Against Them

13 Email Threat Types and How to Defend Against Them

During the Barracuda Summit Virtual event last week, I attended a session about email security and how the threat that faces businesses and users through email attacks has advanced over the years and how Barracuda are helping businesses enhance their email security.

Read More

Bitdefender at Cloud & Cyber Security Expo

Bitdefender at Cloud & Cyber Security Expo

In this video, Megan Warren interviews Liam Puleo of Bitdefender to discuss what trends he had seen at the Cloud & Cyber Security expo, including Network Traffic Security Analytics.

Read More

Cyber Security, IoT devices and Network Traffic with Bitdefender

Cyber Security, IoT devices and Network Traffic with Bitdefender

In this video, Barry Coombs is joined by Ross Laing of Bitdefender to discuss the consistent rise of cyber security threats, including user error and threat hunting.

Read More

IoT thoughts and reflections from VMworld 2018 in Barcelona

One of my main focuses from VMworld 2018 in Barcelona was IoT, specifically I was looking to better understand use cases that are going into production, architectures for the ‘things’, gateways, edge computing, data storage and analytics and how to manage, maintain and secure the IoT environment.

In this short video Barry Coombs of ComputerWorld talks about the lessons learnt regarding IoT at VMworld 2018 in Barcelona.

You can see some of my thoughts from the sessions I attended in the Doodle below.

Use Cases

IoT use cases are driven by a business or a personal need to analyse data for insight or to monitor something. There were fantastic examples given during VMworld specifically around how IoT was being used in healthcare to help give patients freedom whilst the healthcare workers are still able to ensure their safety and well being.

Uploaded by None on 2018-11-08.

Infrastructure

The infrastructure for IoT is different depending on the specific use cases, the infrastructure starts with the ‘things’ or the senors. The specific requirement will dictate which sensors and the quantity however usually the sensors will interact with some form of a gateway due to the sensors either being propriety wired or using wireless using WiFi or more commonly a low energy form of wireless connectivity such as bluetooth low energy (BLE) or ZigBee. The gateway is able to aggregate the sensors from the differing forms of connectivity and forward on to the data storage and analytics location.

Depending on the use case you may also require edge computing to provide an element of analytics and decision making at the edge. These edge computing infrastructures will differ depending on the task but VMware are currently working on delivering ESXi on ARM based platforms to allow smaller, affordable but highly available virtual environments for these use cases. >> https://www.theregister.co.uk/2018/08/27/vmware_esxi_ar64/

Security

If you manage to figure out your use case, collect the data with the correct sensors and infrastructure and you are able to get the answers you require with the correct analytics your work still isn’t done. We all know that security in end user computing and IT in general is a major concern, however if you look at the nature of IoT being disparate, involving many connected components and also not being directly monitored (Used) by humans the attack vector for IoT is massive. This is where VMware Pulse comes into play, VMware Pulse aims to be your management plane for your IoT infrastructure, on each of yours sensors or gateways an SDK Python based agent is deployed allowing the Pulse infrastructure to monitor and maintain your ‘things’. Pulse is able to ensure the ‘Things’ are communicating, working within normal parameters and are up to date, think of Workspace UEM (AirWatch) but for IoT.

VMware Pulse IoT Center is a secure, enterprise grade, IoT device management and monitoring solution that helps both Information Technology (IT) and Operational Technology (OT) organizations to onboard, manage, monitor and secure their IoT use cases from the edge to the cloud.

This is the very beginning of the IoT journey for myself, I would like to further understand the gateway and sensor technology as well as the management of the IoT infrastructure with Pulse. Watch this space as I learn more.

Megan's Day two VLOG at VMworld

Megan's Day two VLOG at VMworld

So yesterday was the second day of VMworld 2018 and once again was packed with extremely good session, announcements and content. Watch my video to find out what I got up to and learnt on day 2 of VMworld!

Read More

The great 'Spy' chip scandal

The great 'Spy' chip scandal

In the news currently is a potentially far-reaching scandal centred around the addition of a tiny surveillance chip into certain Supermicro server motherboards. Bloomberg Businessweek has broken a story blowing the whistle on a ‘secret’ FBI investigation that’s been running for a couple of years and implications that similar discoveries made but not publicised by both Apple and Amazon in 2015 led both companies to cease trading with SuperMicro and allegedly remove SuperMicro hardware from their datacentres.

Read More

NSX Basics – Creating Security Groups

NSX Basics – Creating Security Groups

In this video I will walk through creating 3 type of security groups that can be used alongside the distributed firewall (DFW) to protect virtual machines.  

Read More

Are you setting yourself up to fail?

Are you setting yourself up to fail?

In today’s industry, an IT disaster recovery plan is essential.  It is not only essential to protect a business from catastrophic failure, but it is expected by customers, necessary against our competition and required by data protection regulations. 

Read More

Speculative Execution and Side Channels Attacks

Speculative Execution and Side Channels Attacks

A few weeks back Intel have disclosed details of new vulnerabilities that effect their current and past CPU ranges from at least 2009 up to their latest – so, it would seem, most Intel CPUs in living memory!

Read More

[VIDEO] Barracuda's Sentinel Demo

[VIDEO] Barracuda's Sentinel Demo

In this video, Barry Coombs and Steve Peake discuss and demonstrate the Barracuda platform of Sentinels. Sentinels is an additional layer to your email security platform that uses AI and machine learning of your emails to understand when an email could be a threat, even without a malicious link or attachment. This video shows the simple platform and demonstrates the clear message your user will receive when Sentinels detects a possibly suspicious email.

Read More

[VIDEO] Defence against your doppelganger

[VIDEO] Defence against your doppelganger

With cyber attacks becoming more targeted and intelligent than before, your email security may not be able to detect the underlying threat within an email. In this video, Barry Coombs and Steven Peake discuss how Barracuda's Sentinel and Phishline products can help your business be more secure and help your users detect potential threats.

Read More

GravityZone Basic End-point protection mechanisms

GravityZone Basic End-point protection mechanisms

Following on from my previous blog post I wanted to explore in a little more detail precisely how GravityZone protects the end-points it is installed upon.

Read More

Ivanti Patch for Windows Servers Tips

Ivanti Patch for Windows Servers Tips

I am currently using Ivanti Patch for Windows Servers to patch our virtual demonstration and test environment and thought I would share a short blog post around some of the common misconfigurations that can be made when setting up the automated patching

Read More

Manual install of NSX VIBs to ESXi Hosts

Manual install of NSX VIBs to ESXi Hosts

I’ve had a few problems (predominantly in labs) where the NSX host preparation stage has failed.  There can be a few reasons for this but I have found the most consistent way around this is to deploy the vibs manually.

Read More