Blog

The Problem Here’s the situation – you have a group of users who work a hybrid schedule.  One of the users, while working at home, gets malware from a compromised website.  That malware-infected PC gets taken back to the office and put on the corporate network, whereupon the malware now can try and spread to other devices.  How do we protect against this kind of situation? Historically, tools to manage remote device security on the endpoint itself were limited in their security capabilities or had undesirable effects on user experience.  Alternately, remote users would be required to VPN into the corporate office at time of boot, where all traffic would be sent over the VPN for processing by the on-premises security stack.  The first issue is that with a lot of remote users, the corporate firewall and the internet connections would be put under considerable load, perhaps enough to demand
Supporting Work-From-Home Users with ThousandEyes A powerful network monitoring solution that takes your troubleshooting up a notch. The Problem If you’re supporting a large remote workforce, you’ve had an executive call on Monday morning to say: “I joined a meeting over the weekend and audio quality was terrible. Can you make sure it doesn’t happen again?” Pre-pandemic, it may have been acceptable for IT to dismiss work-from-home problems without much digging. Troubleshooting was a crapshoot because of so many variables with little visibility into the traffic path. What device was the user logged in on? Do they have reasonable wireless coverage? Who is their ISP? Better yet, is their ISP having problems, or is the service they’re trying to connect to even up? This was less a can of worms, and more like Pandora’s Box made into a Rubik’s Cube. So, like most difficult problems with limited tools to work
Scripting with Ansible and Python How to Find Rogue, Unmanaged Devices Client Issue  A client came to us with a complicated global network environment of engineers, developers, and executives. They were facing the same issues that many larger companies with multiple IT departments and variable infrastructure face – non-uniformity, rogue devices, poor historical reporting, security flaws, etc.  Problem: Shadow IT issues caused by developers creating their own virtual machines without going through the appropriate channels and having the appropriate security tools correctly installed on the hosts. Our DevOps department has created a library of customized scripts to tackle this device management issue (and all the problems that come with it) both moving forward and retrospectively.  Scripts and Constraints  The networking team was hard at work locking down access lists at the same time we were looking for a way to query the devices that were out on their network. Our

Zero Trust in the Campus

Zero Trust in the Campus Controlling Network Access Securing Infrastructure Access When looking at what the major risks are to the security and functionality of IT infrastructure, near the top is access to that infrastructure.  Being able to ensure that only authorized devices and users can connect to the network is one of the most effective ways of protecting your infrastructure and data.  Users who pick up malware from outside the corporate network can easily bring it in via their machines, or bad actors can attempt to place a device within the network to easily launch attacks on the infrastructure from the inside.  And it’s not just a security thing – one of the most aggravating components of ‘shadow IT’ is the random devices users bring in and attach to the network.  Printers are probably the most common, but other things like networked music players are a notable hassle.  And

Zoom and Cisco Room Kit OBTP

Solving a persistent problem between two meeting clients The Problem A client recently came to us with an issue they were having with their suite of various models of Cisco Cloud registered Room Kit systems. Zoom and WebEx are both utilized for their meeting clients. They were able to use the one button to join feature to join WebEx meetings, but the Zoom meetings were prompting for a meeting ID and a passcode. The issue was relayed to our team, who began to investigate. What is One Button to Push? (OBTP) The client has been utilizing a feature in the Room Kit software called One Button to Push (OBTP). It allows users to integrate their calendars with the Room systems and join SIP-enabled meetings with a single button. This feature parses the calendar entries looking for meeting information and populates the system with as much of the provided information

Machine to Machine Security

Zero Trust in the Datacenter Machine to Machine Security How Machine to Machine security differs from User to Machine Now that we’ve looked at user to machine security in the datacenter, it’s time to look at machine to machine security (also known as east-west security).  The goals of machine to machine security are going to be quite different than user to machine security, and those goals will also depend on what types of applications and uses your data center will have.  For most datacenter environments, the primary goal of machine to machine security is to provide a last line of defense in case an intruder has managed to gain a foothold in your organization’s infrastructure.  This is not a reason to ignore machine to machine security!  Remember: One of the core parts of the zero trust philosophy is to expect that intrusions will happen or may even be happening right
