Thursday, March 4, 2021

Data and equipment backup

Software management

The server software also requires monitoring and regular maintenance. To do this, you need to have a good understanding of the interdependencies of programs in the server infrastructure, which helps not only to better configure the software, but also to quickly find the reasons for unsatisfactory server performance.

It is also necessary to make regular updates to application software, firmware and operating systems. This improves both the performance of the entire IT system and its security, since poor server performance drags down other parts of the system and potentially creates vulnerabilities that expose the IT system to cyberattacks. It is also good practice to remove old software that is no longer in use.

Security

An important component of server management is security. Security policies can vary depending on the type and needs of the business. Common server security solutions may include:

installing and keeping up-to-date anti-virus software;

using firewalls to cut off unauthorized traffic from the external network;

applying a policy for setting and creating passwords for personnel access to equipment and software;

encryption of sensitive data in the storage system and on external connections for transmission over the network;

using SIEM (Security Information and Event Management) tools to better understand potential threats.

Data and equipment backup

For reliable and stable operation of the server, it is necessary to make regular backups of its data ("backup"). The loss of important data can be disastrous for any business. According to the American operator Verizon, about 70% of data loss occurs due to external factors. And 40% of small and medium enterprises in 2019 were unable to recover their business after losing a large amount of data. It is even more surprising that according to the research organization Ponemon Institute, 39% of small and medium-sized enterprises do not have any plan for recovering critical corporate information in the event of disasters and data loss.

Fortunately, there are many effective backup solutions available, including software backup for both physical and virtual servers.

The power supply to the servers must also be redundant so that data is not lost in the event of a sudden external power outage. For this purpose, autonomous power sources (diesel generators and batteries) are installed in data centers, which also take their external feeds from two electrical substations located in different "trees" of the power supply network topology.

Server management systems have special software tools that automatically back up and restore data, and monitor the status of server power elements to avoid potential data loss during power outages and power failures.

However, while there are many backup options available on a single server or corporate network, not all of them will work on large scale networks. In this case, you need special techniques and tools that cloud providers use.

Manage servers yourself or outsource?

Each business or organization must answer the question of whether to manage its servers itself, use external management, or combine the two, and decide what is more profitable in its particular case, taking into account many factors: economic, information security, reliability, etc.

If an enterprise has enough skilled staff, managing its own servers can give the advantage of being in complete control of its own computing environment. There are many tools for this purpose, such as automated regular reports and proactive alerts, that keep the server environment running efficiently and without fail. The functionality of these tools can vary significantly, from simple performance monitoring to proactive server management.

Choosing a server management system

It is quite difficult to provide a comprehensive guide to choosing a server management system. This task is akin to choosing the right car. No one has yet undertaken such work as writing a detailed guide to choosing a personal car. The same situation is with the choice of the server management system. There are too many different factors to consider.

Therefore, the best advice may be to use the services of a qualified expert who would understand the situation and needs of an enterprise or organization where a server management system is needed and recommend one or another system.

Wednesday, March 3, 2021

How fiber optic cables work

A fiber optic cable consists of one or more strands of glass, each only slightly thicker than a human hair. The center of each strand is called the core, which provides the path for light to travel. The core is surrounded by a layer of glass called cladding that reflects light inward to avoid signal loss and allow light to pass through the bends in the cable.

The two main types of fiber optic cables are single-mode and multi-mode. Single-mode fiber uses extremely thin strands of glass and a laser to generate light, while multi-mode fiber optic cables use LEDs.

Single-mode fiber optic networks often use wavelength division multiplexing (WDM) techniques to increase the amount of data traffic that the cable can carry. WDM allows light at several different wavelengths to be combined (multiplexed) and subsequently separated (de-multiplexed), efficiently transmitting multiple communication streams through a single light pulse.


The advantages of fiber optic cables

Fiber cables offer several advantages over copper cables for long-distance runs.

Fiber optics support higher capacity. The amount of network bandwidth that a fiber cable can carry easily exceeds that of a copper cable of similar thickness. 10 Gbps, 40 Gbps and 100 Gbps fiber cables are standard.

Because light can travel much longer distances on a fiber cable without losing its strength, the need for signal boosters is reduced.

A fiber optic cable is less sensitive to interference. A copper network cable requires shielding to protect it from electromagnetic interference. While this protection helps, it is not enough to prevent interference when many cables are tied together. The physical properties of fiber optic cables avoid most of these problems.

Fiber to the home, other implementations and fiber networks

While most fiber optics are installed to support long-distance connections between cities and countries, some residential ISPs have invested in expanding their fiber facilities in suburban neighborhoods for direct access by households. Suppliers and industry professionals use these state-of-the-art facilities.

Some of the best-known home-based fiber services include Verizon FIOS and Google Fiber. These services can provide households with gigabit internet speeds. However, they usually also offer customers lower-capacity packages. Different packages for home consumers are often abbreviated with obscure acronyms:

FTTP (Fiber to the Premises): Fiber that is laid all the way to the building.

FTTB (Fiber to the Building / Block): Same as FTTP.

FTTC/N (Fiber to the Curb / Node): Fiber that is laid to the node, but then copper wires complete the connection inside the building.

Direct fiber: Fiber that leaves the central office and is attached directly to a customer. It offers the highest bandwidth, but direct fiber is expensive.

Common fiber: Similar to direct fiber, except that as the fiber approaches the premises of nearby customers, it splits into other optical fibers for those users.

Tuesday, March 2, 2021

Patch Now: F5 Vulnerability with CVSS 10 Severity Score

F5 Networks, a provider of networking devices and services, urges users to patch their BIG-IP networking systems as soon as possible, after the provider disclosed two vulnerabilities. The first of these is CVE-2020-5902, a critical remote code execution (RCE) vulnerability found in the BIG-IP device’s Traffic Management User Interface (TMUI).

CVE-2020-5902 received a 10 out of 10 score on the Common Vulnerability Scoring System (CVSS) v3.0 vulnerability severity scale. After this vulnerability was made public, threat actors were quick to take advantage of it by launching attacks on the impacted devices, as spotted by NCC Group security researcher Rich Warren.

Another less critical vulnerability, CVE-2020-5903, involves cross-site scripting (XSS). F5 has now released patches for both in the vulnerabilities’ respective security advisories (one advisory for CVE-2020-5902 and another for CVE-2020-5903). Both vulnerabilities were revealed to the company by Mikhail Klyuchnikov, a security researcher from Positive Technologies.

The severe vulnerability: CVE-2020-5902

CVE-2020-5902 is an RCE vulnerability found in BIG-IP’s TMUI, also known as the Configuration utility. In a properly configured network environment, this configuration portal should not be accessible to an attacker – unless he already has access to the network from inside. The vulnerability is reported to be easily exploited and automated, as it could be used over the internet and does not require advanced coding skills to abuse.

To exploit this vulnerability, an attacker has to send a specially crafted HTTP request to the server that houses BIG-IP’s TMUI. By abusing CVE-2020-5902, unauthenticated users can perform the following actions even without valid credentials:

Execute arbitrary commands and code

Create or delete files

Disable services

Klyuchnikov stresses in Positive Technologies’ report that “RCE in this case results from security flaws in multiple components, such as one that allows directory traversal exploitation. This is particularly dangerous for companies whose F5 BIG-IP web interface is listed on search engines such as Shodan. Fortunately, most companies using the product do not enable access to the interface from the internet.” As stated in ZDNet's article, there are approximately 8,400 BIG-IP devices connected to the internet according to a Shodan search.

F5 warned users that this vulnerability might result in a complete system compromise. The full list of affected devices, their patches, and mitigations (in case upgrades are not possible) are available in F5’s security advisory for CVE-2020-5902.

The United States Cybersecurity & Infrastructure Security Agency also released a statement that encourages users and administrators to patch their devices.

CVE-2020-5903 cross-site scripting vulnerability

Similarly, the less critical XSS vulnerability CVE-2020-5903, disclosed by F5 in another security advisory, also affects the TMUI. It allows malicious JavaScript code to run in the context of an authenticated, logged-in user. The list of affected devices, recommendations, and mitigations can be found in the same advisory.

Affected companies

ZDNet's report states that BIG-IP devices are utilized on the networks of 48 companies included in the Fortune 50 list, as F5 divulged on their official website. The products are also used in networks and cloud data centers of enterprises, government organizations, and internet providers, among other industries.

A surge in demand for F5 solutions has been witnessed recently, a major reason for which is the abrupt transition to work-from-home arrangements by many companies as necessitated by the global coronavirus pandemic.

Protecting vulnerable systems from attackers

As threat actors are on the constant lookout for vulnerabilities to exploit, it is highly advised that security teams and users follow security measures to ensure that their systems remain protected. Some of these basic recommendations are the following:

Periodically patch and update operating systems, firmware, programs, applications, and other software.

Keep abreast of the latest reports on vulnerabilities affecting devices and software from different providers.

Deploy security solutions to detect threats before they can compromise the systems.

Monday, March 1, 2021

DevOps Engineer / Linux System Administrator

What we will trust you with:

Deployment of company projects on servers;

Administration of the existing infrastructure;

Investigation of problems and support of Linux-based servers, including work to support software developed in the company;

Localization and analysis of the causes of bottlenecks in the performance of applications and servers;

Participation in projects to increase infrastructure, increase bandwidth, integrate new systems and software products, build test systems;

Support for internal services (DNS, Gmail, Confluence, JIRA, Gitlab, company website, etc.) required for the team's work;

Deployment and support of continuous integration systems (gitlab, jenkins, servers for building projects)

What we expect:

At least 3 years of work experience as a Linux (Ubuntu) system administrator;

Deep knowledge of Linux (Ubuntu) OS, remote server administration, experience in shell scripting;

Experience in finding / diagnosing faults;

Administration of the Nginx web server;

Experience in setting up monitoring;

Knowledge of network protocols;

Teamwork experience;

Experience in DBMS administration (MySQL, PostgreSQL, MongoDB, Redis, Clickhouse);

It will be an additional plus:

Experience in server administration with Node.js applications;

Experience in building monitoring of distributed systems;

Experience in administering / supporting a high-load service operating in 24x7 mode;

Experience with configuration management systems;

Experience with Docker, Nagios / Icinga, Fluentd, Elastic Stack, RabbitMQ;

Experience with Amazon services;

Experience with orchestration systems;

Using an infrastructure-as-code approach

Saturday, February 27, 2021

Network Attack: Network Intelligence

Network intelligence is the gathering of information about a network using publicly available data and applications. When preparing an attack against a network, a hacker usually tries to obtain as much information about it as possible. Network reconnaissance is done in the form of DNS queries, ping sweeps, and port scans. 

DNS queries help you understand who owns a particular domain and what addresses are assigned to that domain. A ping sweep of DNS-exposed addresses allows you to see which hosts are actually running in a given environment. After obtaining a list of hosts, a hacker uses port scanning tools to compile a complete list of services supported by those hosts. Finally, the hacker analyzes the characteristics of the applications running on the hosts. As a result, information is obtained that can be used for hacking.

It is impossible to completely get rid of network intelligence. If, for example, you disable ICMP echo and echo reply on peripheral routers, you will get rid of the pings, but you will lose the data needed to diagnose network failures. In addition, you can scan ports without pinging first. It will just take longer, since you will have to scan non-existent IP addresses as well.

IDS systems at the network and host level usually do a good job of notifying the administrator about ongoing network intelligence, which allows you to better prepare for an impending attack and to alert the ISP on whose network a system is showing excessive curiosity.
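The kind of correlation an IDS performs to flag the ping sweeps and port scans described above, as an added example that is not part of the original post. The log format, the thresholds and the addresses (documentation ranges) are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records (not real traffic): time, source, destination, protocol, port
SAMPLE_LOG = """\
2021-02-27T10:00:01 198.51.100.7 192.0.2.1 icmp -
2021-02-27T10:00:01 198.51.100.7 192.0.2.2 icmp -
2021-02-27T10:00:02 198.51.100.7 192.0.2.3 icmp -
2021-02-27T10:00:02 198.51.100.7 192.0.2.4 icmp -
2021-02-27T10:00:09 198.51.100.7 192.0.2.3 tcp 22
2021-02-27T10:00:09 198.51.100.7 192.0.2.3 tcp 25
2021-02-27T10:00:10 198.51.100.7 192.0.2.3 tcp 80
2021-02-27T10:00:10 198.51.100.7 192.0.2.3 tcp 443
2021-02-27T10:05:00 203.0.113.9 192.0.2.1 tcp 445
2021-02-27T10:05:01 203.0.113.9 192.0.2.2 tcp 445
2021-02-27T10:05:01 203.0.113.9 192.0.2.3 tcp 445
2021-02-27T10:05:02 203.0.113.9 192.0.2.4 tcp 445
2021-02-27T10:06:00 192.0.2.50 192.0.2.10 tcp 443
2021-02-27T10:06:05 192.0.2.50 192.0.2.1 icmp -
2021-02-27T11:00:00 203.0.113.20 192.0.2.1 icmp -
2021-02-27T11:05:00 203.0.113.20 192.0.2.2 icmp -
2021-02-27T11:10:00 203.0.113.20 192.0.2.3 icmp -
2021-02-27T11:15:00 203.0.113.20 192.0.2.4 icmp -
"""


def _max_distinct(events, window):
    """Largest number of distinct values seen inside any sliding time window."""
    best, start, counts = 0, 0, defaultdict(int)
    for when, value in events:
        counts[value] += 1
        while when - events[start][0] > window:  # drop events older than the window
            old = events[start][1]
            counts[old] -= 1
            if counts[old] == 0:
                del counts[old]
            start += 1
        best = max(best, len(counts))
    return best


def detect_recon(log_text, window=timedelta(seconds=60), host_threshold=4, port_threshold=4):
    """Return sorted (kind, source, scope, distinct_count) tuples for suspected reconnaissance."""
    buckets = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, proto, dport = line.split()
        when = datetime.fromisoformat(ts)
        if proto == "icmp":
            # Ping sweep: one source sending echo requests to many hosts
            buckets[("ping_sweep", src, "icmp-echo")].append((when, dst))
        else:
            service = f"{proto}/{dport}"
            # Sweep without ping: one source probing the same port on many hosts
            buckets[("port_sweep", src, service)].append((when, dst))
            # Port scan: one source probing many ports on a single host
            buckets[("port_scan", src, dst)].append((when, service))
    findings = []
    for (kind, src, scope), events in buckets.items():
        events.sort()
        limit = port_threshold if kind == "port_scan" else host_threshold
        distinct = _max_distinct(events, window)
        if distinct >= limit:
            findings.append((kind, src, scope, distinct))
    return sorted(findings)


if __name__ == "__main__":
    for finding in detect_recon(SAMPLE_LOG):
        print(finding)
```

The source 203.0.113.20 probes one host every five minutes and stays under the 60-second window; it is only reported when the window is widened, which is the detection-side cost of the slower scanning the text mentions.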

Thursday, February 25, 2021

Fiber optic closed-circuit TV surveillance systems

The first part of this article examined the benefits of using fiber optics and discussed the principles of signal transmission in such systems. In this part, we will look at how to practically design and install a fiber optic system for use in a closed-circuit TV or similar system.

The development process usually includes two components:

Selection of suitable active components of the transmission path based on the required function(s), the type and number of fibers available or offered, and the maximum transmission distance.

Passive fiber infrastructure designs, including trunk cable types and specifications, junction boxes, fiber patch panels.

Components of the transmission path

First of all, what components are actually required to meet the system specifications?

Fixed camera systems - These systems are extremely simple and usually consist of a miniature fiber optic transmitter and either a modular or rack-mountable receiver. The transmitter is often small enough to be mounted directly in the camera body and is equipped with a coaxial bayonet connector, an 'ST' optical connector, and terminals for connecting a low-voltage power supply (typically 12V DC or AC). Many surveillance systems consist of several of these cameras, signals from which are transmitted to a central control room, in which case the receivers are rack mounted on a standard 19" 3U card with a common power supply.

Systems on controlled cameras with PTZ devices - Such systems are more complex, since an additional channel is required to transmit camera control signals. Generally speaking, there are two types of remote control systems for such cameras - requiring unidirectional transmission of remote control signals (from the central station to the cameras) and requiring bi-directional transmission. Bidirectional transmission systems are becoming more and more popular, as they allow each camera to receive confirmation of the receipt of each control signal, and therefore provide greater accuracy and reliability of control. Within each of these groups, there is a wide range of interface requirements, including TTL, RS232, RS422, and RS485. Other systems do not use a digital interface, but transmit data as a sequence of audio signals over an analog channel, similar to two-frequency tone dialing signals in telephony. There are also systems that do not require a separate remote control channel at all, but transmit control signals via a coaxial video cable - either during a blanking interval or by modulating a high-frequency carrier.

All of these systems can work with fiber optic cables using the appropriate equipment from Fiber Optic. Fortunately, the customer is not required to delve into the intricacies of PTZ remote control in order to determine their requirements; it is simply required to indicate the preferred camera control system and estimate the maximum communication length so that the appropriate equipment, fiber and operating wavelength can be recommended.

There is, however, one question that the customer usually has to answer himself - should the remote control signals for cameras mounted on a PTZ device be transmitted over the same optical fiber as the video signal, or over a second fiber.

Under normal circumstances, simultaneous transmission of optical signals along the same fiber in opposite directions is undesirable, since mutual interference occurs due to diffuse reflections in the fiber. In closed-circuit TV systems, this effect creates noise in the image whenever the camera controls are activated.

To achieve bi-directional, interference-free transmission over a single fiber, it is necessary that the transmitters at different ends of the fiber operate at different wavelengths, for example, 850 nm and 1300 nm, respectively (Figure 2.2). A wavelength division multiplexer (WDM) coupler is connected to each end of the fiber to ensure that each receiver receives only the correct wavelength (e.g. 850 nm) light from the transmitter at the opposite end of the fiber. Unwanted reflections from the near-end transmitter are in the “wrong” range (i.e. 1300 nm) and are rejected accordingly.

Bi-directional single-fiber transmission incurs additional costs comparable to the cost of a dual-fiber system. This, however, can be offset by savings in the reduced fiber count.

Additional features - Although the choice of a fixed camera or a PTZ camera satisfies the requirements of most closed-circuit TV surveillance systems, there are a number of systems that require additional features, for example, audio transmission for general announcements, auxiliary messages to the consumer, or intercom communication with a remote post. On the other hand, contacts of sensors that are triggered in the event of a fire or the appearance of strangers can be part of an integrated security system. All of these signals can be transmitted over optical fiber - either over the same one used by the network, or over another.

Video Multiplexing - Up to 64 video and 128 audio or digital data signals can be multiplexed on a single single-mode fiber, or slightly fewer on multi-mode. In this context, multiplexing refers to the simultaneous transmission of full-screen video signals in real time, rather than the low-frame-rate or split-screen display to which the term is often applied.

The ability to carry many signals and additional information over multiple optical fibers is very valuable, especially for long distance CCTV surveillance systems, such as highways or railways, where minimizing the number of fiber optic cables is often vital. For other applications, with shorter distances and highly scattered cameras, the benefits are not so obvious, and here the first thing to consider is using a separate fiber line for each video signal. The choice of whether to multiplex or not is quite complex and should only be made after weighing all the considerations, including system topology, overall costs, and last but not least, network fault tolerance.

Wednesday, February 24, 2021

CISCO AND CITRIX DELIVER COMPREHENSIVE DESKTOP VIRTUALIZATION SOLUTIONS

Cisco and Citrix Systems have announced that they are collaborating on a new combined desktop virtualization solution that will make it easier and cheaper for companies to deploy comfortable high-definition virtual desktops and applications for all their users.

The new Cisco Desktop Virtualization Solution with Citrix XenDesktop combines Cisco Unified Computing technologies with Citrix desktop virtualization technologies, including FlexCast™ and HDX™, to offer the most efficient, scalable, and high-performance solution for hosting, securing, and optimizing the delivery of virtual desktops and applications. The Cisco Desktop Virtualization Solution with Citrix XenDesktop is now available through a shared network of business partners.

Desktop virtualization is rapidly gaining popularity as a more secure and flexible way to deliver Windows desktops and applications to all business users, anywhere and through any compatible device. It turns out that companies of all sizes are looking for a simpler and more scalable solution that integrates software, hardware, and support as they move to desktop virtualization. The new desktop virtualization solution from Cisco and Citrix is the first combined solution on the market that responds to these needs and offers IT organizations an easy way to accelerate the deployment of desktop virtualization with the best performance, user comfort and cost savings.

Key facts and features:

Cisco and Citrix desktop virtualization solutions combine Cisco Unified Computing System (UCS) with Citrix XenDesktop technologies to offer customers the following benefits:

Accelerate mass deployment of desktop virtualization

Service profiles to speed installation - Preconfigured service profiles for hosted shared desktops and hosted virtual desktop infrastructure (VDI) desktops greatly simplify their deployment by reducing the time required to install and configure XenDesktop with Cisco UCS.

Preconfigured kits for easy deployment - Kits tailored to different XenDesktop usage scenarios greatly simplify work and speed deployment. The starter kit makes it easy for customers to get started with the first 300 virtual desktops. The expansion kit allows expansion in a simple modular way to thousands of other desktops and users.

Cisco Proven Design for Basic Interoperability - To further simplify and accelerate user deployments, a reference architecture design is now available, built on extensive testing conducted jointly by Cisco, Citrix, and NetApp. The reference design also includes NetApp as a proven storage platform. This architecture design is a continuation of the open ecosystem strategy to support customer decision-making shared by Cisco and Citrix.

Combined Support Services - For this solution, customers are offered combined services through a single shared technical support number. Cisco and Citrix service teams work together and train each other to provide customers with a unique level of service.

Open architecture for easy integration - This solution is also designed to be open so customers can easily leverage their existing storage and hypervisor investments. It is now validated for Citrix XenServer® and VMware vSphere™, and support for Microsoft Hyper-V™ is planned in the near future.