How to Monitor ISP Bandwidth With PRTG Then Tweet about It!

 

Are you getting the speed that you are paying your ISP for?

A step by step guide on how to use PRTG to monitor the bandwidth you are getting, and how to let your ISP know via a Tweet once it drops below a threshold!

Please enter your email below to get instant access to the full guide.

 

Sanjay

By: Sanjay Kanesamoorthy
Senior Trainer/Consultant at Red Education

 

Securing my home network, #DoIEvenBother

 

When I get back home after a long day at work, it’s dark, and my mind often wanders into thoughts of how secure (physically) my home actually is. As I unlock the front gate, then the flyscreen door, then the actual front-door (3 locks), I grin as I consider how easy it is for someone to simply break a window to get in, or jimmy the flimsy sliding door locks on the side of the house. I suppose it’s more of a deterrent than anything else. Why do I concern myself with these things? Well, I’ve had my prized possessions stolen before.  My mountain bikes mean the world to me, and the scum of the earth bike thieves took them. Absolute scum.

As I opeDoorLockn my door, it’s nice to see that my TV is still hanging on the wall, and everything is as I left it. I suspect this is a thought that goes through the minds of a lot of people. Did I remember to lock the front door? Who REALLY cares if you didn’t? (Well to start off with, without any signs of forced entry, it’s unlikely your insurance company will replace that TV!). If you were confident you left it unlocked, chances are you’d turn around, even if it meant being late to that important meeting, and lock up. Why do we give so much credence to physical security, yet the majority of us don’t even bat an eyelid in regards to our meta-physical security, our data… (which I know technically isn’t meta-physical, It just sounds so cool I had to say it…)

 “Home network security is something that we tend to overlook, and I suspect the primary reason is that we don’t value its contents to the same extent as our physical world.”

Let’s take the worst-case scenario. Assuming your home network gets 100% pwned. What will you lose? Let’s follow Doctor Angela Ziegler as an example. Doctor Ziegler is a medical scientist conducting some ground-breaking research at the state-of-the-art facilities at work. She works long hours and tends to bring work home with her on her work issue laptop. At home, she enjoys watching live gaming streams of overwatch on twitch, and the occasional episode of the (legitimately downloaded) TV-Show “Where Are My Pants?”.

At home, she has a NAS drive she purchased from her local target, containing precious photos of her colleagues (some who have passed away, others suffered a worse fate), as well as some auxiliary research papers. Connected appliances such as her cloud controlled Air-conditioner, and her Lucky-Goldstar (LG) Internet Connected refrigerator also form part of her network, along with all the latest generation gaming consoles.
Back at the office, we trust that all her research is secured by the security team, but what about back home?
Who setup the network at home? Were there any thoughts towards security during its design? Was it even designed, or did she just use the default Huawei Modem/Router supplied by her ISP?

Securing home network

What are the risks here? What does Dr. Ziegler have to lose? If your thoughts jumped to the NAS drive, with the photos and research, you would be partially correct. This is indeed the most obvious concern, if this data were to be lost, would it be replaceable? A TV at home is easy to replace, in fact, you would probably upgrade, but the photos, they are gone. What dollar value would Dr. Ziegler place on these? If you could buy your own photos that were previously lost, how much would you pay? Especially if it contains photos of friends and family who are no longer with us… Think ransomware. Apart from the personal effects, what about the auxiliary research documents? What value do they have for Dr. Ziegler, and the organisation funding her research? What if these got into the hands of a competitor? (Talon)

If you are thinking that those documents should be stored on the servers back at the office… yeah, that’s fair… in best practice. However, as humans, we are often the weakest part of any network. We are lazy, and take shortcuts when available. It’s far quicker for Dr. Ziegler to have these files locally when she works from home, rather than VPN in to the office, using that annoying 2-factor authentication the security team back at the office implemented… Where did she leave that key-fob anyway?

On that note, she doesn’t only use her work issue laptop for research either. She sometimes uses her personal desktop (gaming rig) to crunch some numbers. After all, it’s far more powerful. This is the same machine she uses to watch twitch.tv streams and browse the Internet. What security does she have on this machine? Surprisingly, the common answer here is “none”.

We have barely scraped the surface though. Remember those connected appliances? It wasn’t long ago that a vulnerability in Miele dishwashers was discovered (Article Here), allowing an attacker root access to them. So what? I hear you cry. What’s the attacker going to do? Clean my dishes?

Fair response I suppose. I guess it would be possible to control different aspects of the machine itself, but that’s not the likely goal for an attacker (although I can think of a few funny pranks to do). They could use your machine as part of a botnet, to be used for an attack on an external party (such as DDOS’ing Blizzards servers), or they could use it to move laterally through your network. I.e. once they have control of your dishwasher, they can attack your NAS drive. This same concept applies to all devices on your network.

The good news is, it’s not that hard to follow some security best practices at home. Simple things like changing the default passwords on your devices and NAS go a surprisingly long way, Setting up Wifi with a strong password and appropriate encryption, segregating work from play by not using the same machines, and ensuring that a sufficient endpoint solution (anti-virus, anti-malware etc) is present on ALL your machines.  Above all, backup your important documents! Not just on a NAS locally, but offsite too. There are many cloud-based backup solutions that could be used for Photos and Private material… BUT NOT FOR SENSITIVE WORK CONTENT!

I will address Doctor Zieglers not so unique situation in a later post, detailing a potential solution. The first step however, is identifying the risk. So the next time you return home, and follow your own unlocking routine, maybe have a think about what it is that you’re securing, and more importantly, what you’re not!

 

Ronen

Written by Ronen Meshel
You can read more about Ronen on his website: ronen.it/

End Of Financial Year Promotions – Training Credits and F5 v12

TRAINING CREDITS PROMOTION

Purchase your Training Credits for prior to June 30, 2016 and receive an additional 15% off the value of your purchase. With end of financial year looming for many organisations it marks the end of the budget cycle. Take advantage of Red Education’s Training Credits offer and maximise your training budget – with 12 months to use your Training Credits from the date of purchase, and with 10 leading vendors in the catalogue to book training for, you’ll be able to extend the skill sets of your teams to deliver the innovation you need. Training Credits from Red Education – talk to your Account Manager today to take advantage of this offer.

Check out the detail on Training Credits here.

F5 v12 PROMOTION

F5 has released v12 of its BIG-IP platform to incredible adoption rates all over the planet. There are major revisions to all products and there are new training courses across the following:

F5 Administering BIG-IP & Configuring BIG-IP Local Traffic Manager (LTM) v12
F5 BIG-IP Application Security Manager (ASM) v12
F5 Configuring BIG-IP DNS (Formerly GTM) v12
F5 Troubleshooting BIG-IP Local Traffic Manager (LTM) v12
F5 Configuring BIG-IP Access Policy Manager (APM) v12
F5 Configuring BIG-IP Advanced Firewall Manager (AFM) v12
F5 Configuring BIG-IP Application Acceleration Manager (AAM) v12
F5 Configuring BIG-IP v12 on Viprion
F5 Developing iApps for BIG-IP v11.x
F5 Developing iRules for BIG-IP v12

Red Education is ready to deliver all of the new courses across Asia Pacific and has already started! You can sign up to get access to deep dive information on any of our public courses, or arrange a customised course – perhaps for a migration from a legacy version to v12.

To help previous attendees on Red Education’s F5 courses get up to speed with the latest version, we are offering a 20% discount to any previous attendee prior to Dec 31, 2014 that registers on a v12 course between now and June 30. So sign up today and take advantage of this special offer! The discount isn’t available in conjunction with any other offer.

5 Tips for Certification Preparation

This week I wish to outline 5 things to do during your exam preparation. Last week we discussed certifications and exams – this can be found here.

To start off, make sure you are looking in the right places, as there are lots of “wrong” places out there. Beware of websites making themselves look like a source for legitimate study guides. I don’t think I have come across any legitimate sites for this purpose, so I just stick to the info from course-ware, labs, and instructor from AEPs.

With that said, here are 5 tips on being successful in your next computer based multi-choice certification exam:

1) Look at the requirements for the exam before you book it. There may be additional items you need to look at on top of course-ware and other preparations you have done. These include bugs, updates, white papers, or knowledge base articles specific to the version of the product you are dealing with.

2) Understand rather than memorize. For example, where does NAT take place in the flow logic? Think like a packet!

3) If the exam you do doesn’t permit you to go back once a question is completed, make sure you read and re-read the question and answers before moving on. Most exams I’ve sat allowed me to go back and review at the end of the exam. In this case, go through all the questions, answer all the ones you know for sure. Note you can flag questions to review for later.

4) Then do a second pass, this time paying attention to the ones you think you know. Finally, do a third pass, completing all questions, and by now you very likely have remembered the little things you needed to answer most, if not all questions.

5) Time management. Skills, physical and mental state comes in to play as well. But for longer exams, give yourself at least 6 months of preparation before attempting this. If you are preparing for a lab exam, knowledge and skill aren’t the only thing that you need to work on.

For candidates facing the preparation process for the Check Point CCSA or CCSE, or Palo Alto Networks the PCNSE in Australia or New Zealand, if you choose to sit in an instructor let course through Red Education, I look forward to perhaps training you, and sharing my experience with you all.

I wish you all the best in your future endeavours, and look forward to hearing your thoughts on your experience.

Importance of Authorized Training Centres

Would you buy an unproven or unbranded home appliance, entertainment system, vehicle or any important equipment? Why not? Irrespective of your busy schedule, have you ever waited in a decent well known restaurant? Why? Would you place your bet/wealth on any new venture/banking system? What are the chances? Take a couple of minutes and think it over before reading further.

In this article, whenever I mention “I”, consider it as yourself. Sometimes I drive long distances covering hundreds of miles. Sometimes, my car gives me trouble and when in trouble, if I could not find an authorized service centre nearby, I have had to rely on a local garage. The regular un-authorized mechanics have trained themselves to identify the cause for the issue and use a trial and error approach as the technology used in every vehicle is different and they do not have an officially transferred skillset. The technicians would resolve the issue but it would re-appear again as they do not know the real reason behind the issue. This leads to a loss of time and money. Sometimes, due to lack of money, I would try new service stations too even when the authorized service station is reachable. This has, most of the time, increased trouble rather than giving a permanent solution. The chance of failure is often increasing expenditure instead of saving money.

Similarly, what we have observed in the past and to date is that, most organizations are consistently taking cost-reduction exercises. Due to this, they try to reduce their expenses and one of the key areas of expenditure for almost any organization is enablement of personnel with knowledge to manage technology. In fact, technology is here to help us however, it is the personnel who implement, configure and manage the technology being key ingredients in utilizing the features of that technology. When an organization tries to reduce expenditure by getting their most responsible team trained by a so called “Grey Market” based trainer who has learnt by reading books and using trial and error methods, He/She (the Trainer) might be highly talented but lacks the key ingredients such as direct knowledge transfer from Vendors, including all their resources and support. This approach may set the initial expenditure lower than an organization’s budget. However, when there is a problem down the track, the loss incurred by the organization is not only in potential downtime, but also the reputation of the organization before the market and clients.

When knowledge is transferred with organized, professional and a strategic consulting approach, the student who gains not only a kick start but also a better and deeper understanding of the technology which in turn helps him provide not only solution to current situation/problem but also ensures that, the problem never appears in future. These type of trainings are delivered by experts who ensure all parameters of key stakeholders’ business expectations are met via Authorized training. They also ensure digging deeper into root causes for problems to offer appropriate near to permanent solutions. Such a training gained from Authorized Training Centre would ensure organizations with an overall greater Return On Investment.

One last example to summarise my article, I have always observed my mom cook. She uses a lot of ingredients yet she cooks a delicious meal in a short time. When I was young I did not learn from her but saw her cooking and then, when it was my turn to cook as a bachelor, I tried using multiple ingredients by guessing, looking at youtube or other recipe sources. I could never prepare a meal as delicious as my mom. One day, I decided to learn from her. After her teaching, I realized there was lot to understand and started cooking using my styles. Guess what, it has always been 99% appreciation from those who eat. In short, her training had given me not only a kick start but also a deeper understanding of Why, What, How and When?

Nanda Kumar – Trainer / Consultant

Red Education receives certification as an “Elite ATC” Palo Alto Networks.

Palo Alto Networks has named Red Education as an Elite ATC. In addition to clear quantitative criteria and adhering to strict quality standards as an Authorised Training Centre, Red Education has technically and educationally well-trained and certified trainers and program managers who ensure that participants meet the required training objectives and completion rates, not only, but to exceed them regularly. The difference is made by our trainers who are security professional with several years experience in designing, implementing and supporting Palo Alto Networks solutions and it is this vast experience and best practices which they bring along into the classroom.

The Elite ATC criteria is based on past the longstanding performance of Red Education, in terms of instructor compliance, student volume based on quota, administrative compliance, top 20% performers in each theatre, based on Student Evaluation Results (stack rank) and with consideration of ATCs who have exceeded student volume expectations and ATCs with unusually high growth rates over previous years.

The announcement coincides with Red Education expanding its territory to all of Asia Pacific with Palo Alto Networks. We offer courses in multiple languages in every major region across Asia Pacific.

Benefits to Red Education for being “Elite ATC” of Palo Alto include differentiation on Palo Alto Networks website, seat on the ATC Advisory Council, participation in Beta and TTT for new courses, and exclusive access to new or select courses.

All this adds up to a superior learning experience when training with Red Education.

“It’s a great thrill to be awarded Elite ATC status by Palo Alto Networks” Said Rob Howard, Managing Director at Red Education. “Our commitment to the highest quality training in every major location across the region enables our customers to derive the greatest benefit from their security infrastructure with Palo Alto Networks”.

Red Education offers training on

  1. Palo Alto Networks Essentials 1 – 201
  2. Palo Alto Networks Essentials 2 – 205
  3. Palo Alto Networks Panorama Essentials – 221
  4. Palo Alto Networks Advanced Threat Management – 231
  5. Palo Alto Networks Advanced Troubleshooting – 311

For further information on these courses, please click on this web link:   https://www.rededucation.com/course-outlines/palo-alto-networks-course-outlines/ or drop an email to info@rededucation.com for your query.
Chetan Gajjar | Operations Manager – India & SAARC / ASIA