All Posts By

Sprint Networks


How to Stay Protected while Working Remotely?

By Network Security

The last year has seen a fundamental shift in the way many companies operate, with staff rapidly moving out of the office and into their homes to continue working remotely. This shift to perimeter-less working has forced IT departments and Security teams to focus on how they manage the devices those staff are using, since they’re no longer connected directly to the office network.

The principle of perimeter-less working focuses on protecting the resource, rather than the network or infrastructure of a company. This comes in many forms, such as encrypting data both in transit and at rest, using multifactor authentication to prove user identities, and restricting which users and devices can access company resources.

Throughout this, Endpoint Protection remains a key tool in the Security Team’s arsenal; hackers may be using phishing as the initial attack vector, but placing malware, ransomware or other malicious code onto the user’s device is still a popular means to gain access to a company’s crown jewels.

While there are many endpoint protection products available on the market, we’re going to focus on two general approaches and explore how they can help protect your users.

DNS Filtering

DNS is the cornerstone of modern Internet communications and is used by both genuine websites and the malicious parts of an attacker’s infrastructure. The basics of DNS have remained largely unchanged for decades now – a user simply types a friendly name such as google.com into their browser, and DNS looks up the underlying server IP address for them.

The danger is that public DNS servers are usually unaware of the content or nature of the site they’re looking up. Many lookups also occur behind the scenes on your computer, and users aren’t aware they’re even happening. This allows attackers to build sites on the Internet that can be used as part of an attack, for example running a phishing site or hosting malicious code that can be called from a victim’s machine.

Cloud-based DNS filtering by services such as Cisco Umbrella enables you to identify, categorise and filter traffic based on those DNS lookups, stopping attackers in their tracks and blocking access to unwanted or malicious websites.
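The filtering decision described above, sketched as an added example (it is not Cisco Umbrella's code or API): each queried name and its parent domains are checked against a category feed, and blocked lookups are reported per client so that background lookups the user never sees still surface. The feed, the policy, the client addresses and the log format are all constructed for illustration.

```python
from collections import defaultdict
from typing import NamedTuple, Optional

# Constructed category feed (reserved .example/.test names, not real indicators).
CATEGORY_FEED = {
    "phish-login.example": "phishing",
    "cdn.malware-host.test": "malware",
    "social.example": "social-media",
}
BLOCKED_CATEGORIES = {"phishing", "malware"}  # assumed policy choice

# Constructed resolver log: timestamp, client IP, query name, record type.
SAMPLE_LOG = """\
2024-05-01T09:00:01Z 10.0.0.21 www.google.com. A
2024-05-01T09:00:02Z 10.0.0.21 Login.Phish-Login.example. A
2024-05-01T09:00:03Z 10.0.0.34 notphish-login.example. A
2024-05-01T09:00:04Z 10.0.0.34 x1.cdn.malware-host.test. AAAA
2024-05-01T09:00:05Z 10.0.0.34 social.example. A
"""


class Verdict(NamedTuple):
    action: str               # "allow" or "block"
    category: Optional[str]   # None when the name is uncategorised
    matched: Optional[str]    # feed entry that decided the verdict


def normalise(qname: str) -> str:
    """Lower-case, drop the trailing root dot, convert IDN labels to punycode."""
    name = qname.strip().rstrip(".").lower()
    try:
        return name.encode("idna").decode("ascii")
    except UnicodeError:
        return name  # malformed label: fall back to the raw lower-cased name


def evaluate(qname: str) -> Verdict:
    """Match the name and each parent domain against the feed, most specific first."""
    labels = normalise(qname).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])  # whole labels only, so no substring hits
        category = CATEGORY_FEED.get(candidate)
        if category is not None:
            action = "block" if category in BLOCKED_CATEGORIES else "allow"
            return Verdict(action, category, candidate)
    return Verdict("allow", None, None)


def blocked_by_client(log_text: str) -> dict:
    """Return {client_ip: [(qname, category), ...]} for every blocked lookup."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip malformed lines rather than guess
        _ts, client, qname, _qtype = fields
        verdict = evaluate(qname)
        if verdict.action == "block":
            hits[client].append((normalise(qname), verdict.category))
    return dict(hits)


if __name__ == "__main__":
    for client, lookups in blocked_by_client(SAMPLE_LOG).items():
        print(client, lookups)
```

Matching on whole labels is what keeps `notphish-login.example` from being treated as a subdomain of `phish-login.example`.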


Anti-Virus Protection Applications

A more traditional approach to endpoint protection comes in the form of anti-malware applications. These have grown up substantially since the early days of anti-virus, and now come with a wide array of capabilities beyond simple signature-based detection.

These tools still include the traditional approach of blocking executables, macros and scripts, but also reach into advanced behavioural analysis using centrally managed Machine Learning to monitor what is happening across the system and intercept suspicious activities.

Tools such as the Fortigate FortiClient include automatic sandboxing, exploit prevention and memory protection, and monitor the machine for vulnerabilities and configuration control to ensure compliance.

When used in conjunction with a DNS-based service, these tools can provide a “best of both worlds” approach to security, blocking access to malicious sites and detecting and protecting against anything malicious that sneaks through. This will protect your endpoint as well as your company network while working remotely.


Leverage SD-WAN to reduce OPEX costs and achieve 99% network uptime in PNG

By PNG, Cisco Meraki, Versa Networks

On average you could be losing PGK 44K per branch annually when using a 1Mbps circuit. You could be losing approximately PGK 650K annually if you have 15 branches or more on dual ISP links using 1Mbps.

A Software-defined Wide Area Network (SD-WAN) is a virtual WAN architecture that allows enterprises to leverage any combination of transport services – including Multi-Protocol Label Switching (MPLS), LTE and broadband internet services – to securely connect users to applications.

SD-WAN uses a centralised control function to securely and intelligently direct traffic across the WAN. This increases application performance, resulting in enhanced user experience, increased business productivity, security and reduced costs for IT. As businesses race to adopt the use of SaaS/IaaS applications in multiple clouds, IT is realising that the user application experience is poor. That is because WAN networks designed for a different era are not ready for the unprecedented explosion of WAN traffic that cloud adoption brings. We believe SD-WAN is the optimal WAN solution for PNG and the Pacific.

Why should you care about SD-WAN in PNG?

1. SD-WAN can reduce your OPEX costs

More than 50% of IT budgets are spent on service providers, hoping it will improve branch up-time and overall link performances. But this is not often the case.

Enterprises in PNG use two service providers, Telikom and Digicel. These enterprises never get to use both service provider links simultaneously due to the lack of technology within their networks, resulting in loss of money (no ROI). This is no longer the case, thanks to the power of SD-WAN!

How much are you spending on your WAN circuits? The examples here are based on two service provider links for a typical PNG branch office.

* The average monthly costs based on rates as of June 2019

Bandwidth not used: Do you know you are using only 50% of the available bandwidth?

Loss in revenue per branch: On average you could be losing PGK 44K per branch annually when using a 1Mbps circuit.

Revenue loss for 15 branches: On average you could be losing approximately PGK 650K annually if you have 15 branches or more on dual ISP links using 1Mbps.

High-level Network Diagram

2. Improve Uptime and Network Security


1. Make the Internet your New WAN and save

SD-WAN will help you to make the Internet your new WAN - securely. Replace expensive WAN circuits easily with ADSL or 4G/LTE. This is gradually becoming a reality in the Pacific, which is great news for enterprises that are looking to run dual and redundant WAN circuits for backup while keeping OPEX costs to a minimum. SD-WAN provides a secure overlay fabric on any type of transport, which means your data is secure end-to-end. This is also a brilliant opportunity for organisations: any Internet-bound traffic can now exit directly out of the branch, with no need to backhaul WAN traffic to the head office.


2. Double your Bandwidth Automatically

Load-share across available links to maximise throughput by utilising all your WAN circuits over Digicel, Telikom, SpeedCast, BMobile, Biz Internet, etc.


3. Secure your WAN Traffic over Telikom, Digicel, etc.

All your WAN traffic is securely encrypted using enterprise-grade security tunnels. Peace of mind against Man-in-the-Middle (MITM) attacks.


4. Prioritise your important traffic

Optimise business-critical traffic from branch to head-end. You can now prioritise business-critical applications such as Office365 based on pre-defined traffic classes.


5. Total Control of your WAN

Control, manage and provision your WAN network from a single pane of glass. Troubleshoot network related issues with a few clicks. Automatic alerting of your WAN link's SLA breaches.


6. Eyes into your WAN

See your network performance and analytics based on applications. Do you know how traffic for your business-critical apps such as Office365 is performing? Do you trust your telco to provide you the bandwidth you pay for? Now you can see your real-time bandwidth allocations and which applications are using most of your bandwidth. Don't leave it to chance; you can learn firsthand how the bandwidth is being used and who is utilising the most of it.

Creating history in PNG

Sprint Networks was the first IT company back in 2018 to introduce SD-WAN to the Pacific region, and PNG was the first to deploy it. It was a champagne popping – cake cutting event. Sprint Networks increased the WAN link utilisation by 50% and optimised the WAN to dramatically increase the end user experience. The project was extremely successful, running for over 2 years with no disruptions. 


Sign up for a Free SD-WAN Trial

Try out the amazing power of SD-WAN. Completely free, no strings attached. Sign up here: https://www.sprintnetworks.com.au/contact-us/

If you have questions, please drop us an e-mail – info@sprintnetworks.com


Must Read: Best Practices For SMB Cyber Security

By Featured, Superfast IT Networks

A single vulnerability is all an attacker needs to crumble, within minutes, the business reputation you built over years.

With 99.8% of businesses in Australia being small-to-medium businesses, employing 7.3 million people, small businesses are a large contributor to Australia’s prosperity. It is important that Australia’s small and medium businesses understand their cyber security risks, and what they can do to protect themselves, their customers and their suppliers. A single hack can cost a small business everything. Securing all network elements within your organization is vital to all SMB IT admins.

The Australian Cyber Security Centre (ACSC) announced the key areas of cyber threats: malware, scam emails, ransomware and so on. To avoid all possible hacking, it recommends that SMBs apply continuous cyber security measures at every level. But not every SMB can afford the whole package of solutions. Which areas should SMBs focus on and invest in most? Here are some aspects to consider to enhance the cyber security of your business.

Email Security

Attackers are now shifting to target individual users instead of enterprise email infrastructure. Malware and fraud are mostly spread through your email infrastructure, which you would like to trust. Links, files, or even pictures might help attackers to spread malicious code, which might eventually help them gain access to confidential company data.

Strengthen your security defenses with better control over all aspects of inbound and outbound emails. You need advanced email protection, available as both cloud and on-premise email security solutions, that continually filters and archives malicious mail before it even hits your network.

DNS Server

The Domain Name System can boost your network, but it could also be the honeypot of your infrastructure. Gartner estimated that 25% of corporate data traffic will bypass perimeter security (Firewall). DNS is an open protocol used by almost all applications over the Internet. Its open nature has made DNS a leading pathway for ransomware and other security risks.

Choose the right platform to defend against cyber threats before they even happen. All applications use DNS as the pathway for services, and so do cyber threats. Before a threat is even triggered over the Internet, you would be able to block and inspect it, or proxy the suspicious request.

It will help the IT admin to stop the attack before it even begins.

Perimeter Security - Firewall

As the heart of the whole security package in most SMB networks, the firewall plays a critical role and would be the most cost-effective investment for all SMBs. Industry reports indicate that more than half of SMBs suffer data breaches, yet less than 30% have effective protection against cyberattacks.

Start by investing in your perimeter, which could be the easiest option to help your IT admin protect against a variety of malicious data and users, and which can also offer peripheral security services to your business. Below is an image of an industry-leading firewall by Fortinet that could be a great option for your SMB.


Vulnerability Scan

Vulnerability management involves implementing a tailored solution to ensure the overall risk across your network environment is reduced. A vulnerability management program ensures that you stay ahead of any attacks and defend all aspects of the network. Scanning and reporting should be based on the needs specific to your organization. This also ensures that you can allocate resources to other essential aspects of the business while we ensure that your network’s vulnerability levels are kept to a minimum.


Free Cisco Bug Search Tool By Sprint Networks

By Featured, Superfast IT Networks

We rely on network devices and the network itself to protect company sensitive data. Due to the complexity of, and reliance on, modern-day networks and devices, keeping your network border protected is more important than ever before. Even for a highly reputed OEM such as Cisco, bugs tend to be a common topic of discussion. A successful exploit of a bug in your Cisco device could allow an attacker to gain privileges beyond what would normally be authorised for their configured user authorisation level. The attacker may be able to access sensitive information, modify the system configuration, or impact the availability of the affected system. As a system admin/manager it is your responsibility to identify and have an understanding of the bugs in the company system.

We are excited to introduce our new Cisco Bug Search Tool, developed right here at Sprint Networks. This tool is currently in Beta, and is being worked on to improve user experience around navigation and personalisation and to add further functionality. We also encourage you to provide us feedback on this new tool, as we continue to improve it behind the scenes. This article provides a step-by-step guide on how to get started with the tool.

  • Click on the link below to download the tool. Click on the “Cisco Bug Tool” tab and enter your details; an email will be sent to you with the download link.
  • Once you download the tool, extract the Zip file.
  • Open the extracted exe file and choose either option 1 – Find bugs of one device, or option 2 – Find bugs of multiple devices.
  • We will choose option 1 to keep things simple. Once you enter “1”, choose your Cisco device software platform. Option 1 – IOS and option 2 – IOSXE.
  • We will choose option 1 – IOS as shown below. The version of your Cisco device can be found by entering “Show Version” in privileged mode in the Cisco CLI. Enter your Cisco device software version.
  • After you enter the software version, an Excel sheet will be generated in the same path as the tool itself. The Excel sheet will highlight the severity of the bug and give a Cisco URL to find out more about the bug in depth.

Please note that this is only a trial version and will not store any of your information. Sprint Networks does not take any responsibility for any information provided using this tool. Any information provided will be sent directly to Cisco Cloud to retrieve the relevant bugs from Cisco PSIRT.


Twenty Things For Ransomware Protection

By Network Security

We are at an especially vulnerable moment in our transition to a digital economy. As mentioned in the last blog, the Australian government recently made an announcement on cybersecurity issues. It makes the interesting point that the biggest problem is the human factor, especially when it comes to ransomware. It is critical that each organization takes steps to protect the network or network-attached elements.

While each corporation has its own network environment, without going into too much detail, here are 20 things from Fortinet experts that any organisation can begin to implement today to reduce their risk from ransomware and other advanced threats.

1.   Wherever possible, patch and update operating systems, devices, and software. Make this a priority for your remote workers – especially those using personal devices to connect to the corporate network.
2.   For devices that can’t be patched, ensure that appropriate proximity controls and alerts are in place.
3.   Make sure that all endpoint devices have advanced security installed, such as anti-exploit and EDR solutions.
4.   Also make sure that access controls, such as multifactor authentication and even Network Access Control solutions, are in place.
5.   Use NAC to inspect and block bring-your-own-devices that do not meet security policy.
6.   Segment your network into security zones to prevent the spread of infection and tie access controls to dynamic segmentation.
7.   Use inventory tools and IOC lists to prioritize which of your assets are at the most risk.
8.   Update your network IPS signatures, as well as device antivirus and anti-malware tools.
9.   Back up systems and then store those backups offline – along with any devices and software you may need in the event of a network recovery.
10.   Make sure that ransomware recovery is part of your BCDR. Identify your recovery team, run drills, and pre-assign responsibilities so systems can be restored quickly in the event of a successful breach.
11.   Update your email and web security gateways to check and filter out email attachments, websites, and files for malware.
12.   Make sure that CDR (content disarm and recovery) solutions are in place to deactivate malicious attachments.
13.   Use a sandbox to discover, execute, and analyze new or unrecognized files, documents, or programs in a safe environment.
14.   Block advertisements and social media sites that have no business relevance.
15.   Use zero-trust network access that includes virus assessments so users can’t infect business-critical applications, data, or services.
16.   Use application whitelisting to prevent unauthorized applications from being downloaded or run.
17.   Prevent unauthorized SaaS applications with a CASB solution.
18.   Use forensic analysis tools to identify where an infection came from, how long it has been in your environment, ensure you have removed all of it from every device, and ensure it doesn’t come back.
19.   Plan around the weakest link in your security system – the people who use your devices and applications. Training is essential but limited. Proper tools, such as secure email gateways, for example, can eliminate most if not all phishing emails and malicious attachments.
20.   Leverage people, technology, and processes to quickly gather threat intelligence about active attacks on your networks and act on it, using automation where possible. This is crucial to stopping an advanced attack in its tracks.

Make your network intelligent against threats with Sprint Networks. We aim to secure Australian businesses and institutions from all malicious activities that can take advantage of network vulnerabilities.

Contact Us now for an industry-leading security solution.

If you have questions, please drop us an e-mail at info@sprintnetworks.com


Implementation Of Network Access Control

By Network Security

The current perimeter solution could bring a lot of value to your organisation by defending against threats and attacks at the perimeter. However, with the sophistication of today's attackers, systems tend to be cracked from the internal network. Hence, a Network Access Control (NAC) tool can be useful in order to connect end users with the right authentication. It can be tempting to purchase an off-the-shelf NAC product and install it on your hardware. This could be catastrophic to your network security, as the solution is not tailored to your network or its intended use. Implementing an appropriate NAC will save the organisation the trouble of spending valuable time and money on detecting and recovering from threats, by taking the steps necessary to plug any vulnerabilities in the network. This article aims to give any network security professional a step-by-step guideline to design and plan an entire NAC solution.

Steps to Implement a NAC Solution

1. Survey your network

It is recommended to perform a survey of all the endpoints within your network. That should include, but is not limited to, all your servers, network devices, user PCs, and any piece of equipment that has a leg in your network and is able to access your digital resources. Without this kind of information, NAC would struggle to protect the entire organization, and the system admins will need to spend a lot of time and energy on implementation and troubleshooting.

2. User Identities

It is a must to have a solid plan for how you will manage user credentials and identities within the organisation. Your internal directory system should be able to verify user identities. All users should be manageable and have their account information details recorded. After setting up all the account details and understanding the role of each user, you can move to the next step and determine how permissions or roles will be allocated.


3. Designing policies

Create permission policies using Principle of Least Privilege (PoLP) rules. This means you should only grant the level of access required for individual users to perform their daily duties. This is one of the most critical steps, as you do not want to open your systems up to attack through small security gaps that you are not even aware of. Bring all teams together and build a concrete structure in which everyone is able to access the network securely.

4. Apply Permissions

Once the permissions are determined, you can get the permission policies ready by integrating your existing directory system or importing your permission policies directly. All valid users will be registered to the NAC system, and all activities can be recorded and tracked. Illegitimate access will be blocked at the edge of your network.


5. Maintaining policies

Managing network access controls is not a one-off activity. As staff and the network change constantly, network admins must continually monitor security operations and adjust policies based on business requirements and network evolution.
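The five steps above, sketched as an added example (not Sprint Networks' code and not any NAC product's API): an endpoint inventory, a user directory and a least-privilege policy feed one default-deny decision function that records every request, plus a maintenance check for inventory entries whose owner has left the directory. All MAC addresses, users, roles and segment names are constructed.

```python
from typing import NamedTuple, Optional

# Step 1 - survey: constructed endpoint inventory keyed by MAC address.
INVENTORY = {
    "aa:bb:cc:00:00:01": {"owner": "alice", "kind": "corporate", "compliant": True},
    "aa:bb:cc:00:00:02": {"owner": "bob", "kind": "byod", "compliant": False},
    "aa:bb:cc:00:00:03": {"owner": None, "kind": "iot", "compliant": True},
    "aa:bb:cc:00:00:04": {"owner": "dave", "kind": "corporate", "compliant": True},
}
# Step 2 - identities: constructed directory mapping each user to a role.
DIRECTORY = {"alice": "finance", "bob": "engineering", "carol": "contractor"}
# Step 3 - least privilege: each role or device class lists the only
# network segments it may reach; anything not listed is denied.
ROLE_SEGMENTS = {
    "finance": {"finance-apps", "internet"},
    "engineering": {"build-servers", "internet"},
    "contractor": {"project-share"},
}
KIND_SEGMENTS = {"iot": {"iot-vlan"}}
REMEDIATION = "remediation"  # only segment open to non-compliant devices


class Decision(NamedTuple):
    allowed: bool
    reason: str


AUDIT_LOG = []  # Step 4: every request is recorded, allowed or not


def decide(mac: str, user: Optional[str], segment: str) -> Decision:
    """Evaluate one access request at the network edge and record it."""
    decision = _evaluate(mac.lower(), user, segment)
    AUDIT_LOG.append((mac.lower(), user, segment, decision))
    return decision


def _evaluate(mac: str, user: Optional[str], segment: str) -> Decision:
    device = INVENTORY.get(mac)
    if device is None:
        return Decision(False, "unknown device")
    if device["kind"] in KIND_SEGMENTS:  # headless devices carry no user identity
        ok = segment in KIND_SEGMENTS[device["kind"]]
        return Decision(ok, "device-class policy" if ok else "outside device-class policy")
    role = DIRECTORY.get(user)
    if role is None:
        return Decision(False, "unknown user")
    if device["owner"] != user:
        return Decision(False, "device not registered to user")
    if not device["compliant"]:
        return Decision(segment == REMEDIATION, "quarantined: remediation only")
    if segment in ROLE_SEGMENTS.get(role, set()):
        return Decision(True, "role policy")
    return Decision(False, "not granted to role")


def stale_inventory() -> list:
    """Step 5: devices whose registered owner no longer exists in the directory."""
    return sorted(mac for mac, dev in INVENTORY.items()
                  if dev["owner"] is not None and dev["owner"] not in DIRECTORY)


if __name__ == "__main__":
    print(decide("aa:bb:cc:00:00:02", "bob", "internet"))
    print(stale_inventory())
```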

How to choose a Network Access Control solution

As discussed earlier, today’s NAC products aim to cover a wide range of use cases to boost the overall security of your enterprise. That can make it challenging to find the right solution for your company, especially if you don’t know what your internal security weaknesses are.


Contact Us now for an industry-leading NAC solution.



Network Access Control

By Network Security

What is NAC?

Given businesses' current reliance on tech on a daily basis, many organisations feel the need to tackle the cyber issue from various angles. The traditional approach is to procure a simple antivirus solution and perimeter firewalls, and to use a separate system for managing access permissions. However, with the heavy use of Wi-Fi and mobile devices, the trend has shifted to embrace NAC, Network Access Control.

What is Network Access Control, NAC?

Network Access Control is the act of keeping unauthorized users and devices out of a private network. Organisations that give certain devices or users from outside of the organization occasional access to the network can use network access control to ensure that these devices meet corporate security compliance regulations.

NAC solutions are designed to help network admins boost the overall security level for internal users. That would guarantee that the right person gets the right permissions with the right authentication methods.

What are common use cases for network access control?

If an organization is under any of the following circumstances, they need to think cautiously about network access control to secure the enterprise network:

  • Bring Your Own Device (BYOD):
  • Any organization that allows employees to use their own devices to connect to the corporate network, or to take corporate devices home, should think about what happens when those devices connect back to the company's sensitive network. Each device could be or create a vulnerability that allows a cyber criminal to bypass the traditional security controls.

  • Network access for non-employees:
  • Some organizations need to grant access to people or devices from outside the organization for many reasons, such as conferences, contractors or visitors. But access granted for different purposes should not be subject to the same security controls. Contractors in particular might need access to the corporate network from time to time, and you will not want to grant them the same level of access your employees have for a short-term project. That access should be monitored and given a proper level of authentication.

  • Network access without Port Security:
  • Traditional network access requires end users to connect to the floor switches to gain access to the network. But some of those access ports are not under port security policies. That means anyone who plugs into such a port can access the network without the necessary authentication and assume employee permissions. For ports that are exposed and hard to manage because of constant changes, it is necessary to use NAC to grant the right authorization to the person no matter where they connect.

  • IoT devices:
  • The Internet of Things, also known as IoT, has given rise to a proliferation of devices that may fly under the radar of traditional security controls. They could be located outside of your physical buildings but still be able to connect to your network through some form of transmission media. As the industry is non-standardized, cyber criminals can easily exploit these overlooked devices to find their own way into your network without getting any kind of permission. Network access control plays an important role in your edge security.