This Week in Enterprise Tech 6

This Week in Enterprise Tech Episode 6

"Behind the Firewall"Hosts: Fr. Robert Ballecer and Brian Chee Guest: Dimitri Ayrapetov Topic: Enterprise Security, Out of Band, Advanced Firewalls Recorded: August 20, 2012 Published: August 20, 2012 Duration: 1:43:59 Transcript Previous episode – Next episode

Contents 1 This Week in Enterprise Tech 6: 1.1 Technology Byte 1.2 Stuff my IT Guy Says 1.3 Interop 1.4 Firewalls 1.5 VPNs 1.6 SOHO Security 1.7 Hardware & Software Mentions 2 Sponsors 2.1 Audible 2.2 GoToMeeting 3 Production Information

This Week in Enterprise Tech 6:

Introduces guests and asks Brian about how to deal with Hawaii heat in the Enterprise. Humidity is a huge concern, opening outside doors allows water to enter which needs to be extracted by HVAC.

Technology Byte

Securing Data

• How do you secure data, balancing security with convenience.
• If security becomes overbearing it gets turned off.
• Asses your risk model/level.
• When you have a data breach, stay calm instead of overbearing security lock downs.
• 90% of security is policy, 10% Technical. UTMs don't read minds.
• Instead of blocking FaceBook, block farmville (block parts of sites).

Stuff my IT Guy Says

Out of Band Management

• Networking for IT Pros (Production and Management)
• You don't want your users to be able to access your networking devices' management.
• From the Network Operations Center (NOC) we can manage devices on the management VLAN.
• Networking devices use serial console ports to manage. Remotely you can login and reload a device (restart) and configuration.
• Using a remote managed PDU you can power cycle a device's power remotely.
• Networks can span several floors, buildings, cities, countries...
• While costs are a concern, ROI comes from less downtime and money/time spent to go to a device physically.
• OoBM is a must says guest Dimitri.

Interop

• Volunteer spots open for InteropNET in NewYork

Firewalls

• Firewall stress tests: 20 VPN Connections (3DES AES 256 TLS)
• How do you assess your firewall capacity needs?
  • Aggregate packets through WireShark
  • Firewall CPU usage should not be high.
  • Asses the types of traffic

VPNs

• Go2Meeting is popular
• Compartmentalize network to isolate attack threat zones using VLANs
• At home you can separate your work network from your family networ. using VLANs.
• IPS integrated.
• For individuals you can restrict VPN access to only those with Anti-Virus installed on their machine, is using secure wireless.
• Use split tunneling so only traffic destined for the remote network passes through the VPN Tunnel.

SOHO Security

• Don't compromise.
• http://livedemo.sonicwall.com/
• Deep packet inspection

Hardware & Software Mentions

• Dell SonicWALL
• Open Gear Out of Band Serial Console Management Switch.

Sponsors

Audible

• Audible
• Ad Time:
• Book suggestion: Daemon by Daniel Suarez

GoToMeeting

• GoToMeeting Promo Code: Enterprise
• Ad time:

Production Information

• Recorded Date: August 20, 2012
• Release Date: August 20, 2012
• Duration:
• Log line:
• Edited by:
• Notes:

This area is for use by TWiT staff only. Please do not add or edit any content within this section.