This Week in Enterprise Tech 6
Guest: Dimitri Ayrapetov
Topic: Enterprise Security, Out of Band, Advanced Firewalls
Recorded: August 20, 2012
Published: August 20, 2012
Introduces guests and asks Brian about how to deal with Hawaii heat in the Enterprise. Humidity is a huge concern: opening outside doors allows water to enter, which needs to be extracted by HVAC.
- How do you secure data while balancing security with convenience?
- If security becomes overbearing it gets turned off.
- Assess your risk model/level.
- When you have a data breach, stay calm instead of imposing overbearing security lockdowns.
- 90% of security is policy, 10% technical. UTMs don't read minds.
- Instead of blocking Facebook, block FarmVille (block parts of sites).
Stuff my IT Guy Says
Out of Band Management
- Networking for IT Pros (Production and Management)
- You don't want your users to be able to access your networking devices' management.
- From the Network Operations Center (NOC) we can manage devices on the management VLAN.
- Networking devices are managed through serial console ports. Remotely you can log in and reload (restart) a device and its configuration.
- Using a remotely managed PDU you can power cycle a device remotely.
- Networks can span several floors, buildings, cities, countries...
- While costs are a concern, ROI comes from less downtime and less money/time spent going to a device physically.
- OoBM is a must, says guest Dimitri.
- Volunteer spots open for InteropNET in New York
- Firewall stress tests: 20 VPN Connections (3DES, AES 256, TLS)
- How do you assess your firewall capacity needs?
- Aggregate packets through Wireshark
- Firewall CPU usage should not be high.
- Assess the types of traffic
- GoToMeeting is popular
- Compartmentalize the network to isolate attack threat zones using VLANs
- At home you can separate your work network from your family network using VLANs.
- IPS integrated.
- For individuals you can restrict VPN access to only those with Anti-Virus installed on their machine, is using secure wireless.
- Use split tunneling so only traffic destined for the remote network passes through the VPN Tunnel.
- Don't compromise.
- Deep packet inspection
Hardware & Software Mentions
- Dell SonicWALL
- Opengear Out of Band Serial Console Management Switch.
- Ad Time:
- Book suggestion: Daemon by Daniel Suarez
- GoToMeeting Promo Code: Enterprise