A dozen or so days ago it ended VI Wielkopolski Convention of IT specialists and XXX Club of Local Government IT. Our company once again participated in this event as a Partner and exhibitor.

At the UpGreat stand, we presented our IT security services:

• implementation of network protection solutions based on PaloAlto firewalls and user station protection system using TRAPS software,
• security and GDPR compliance audits,
• NetApp arrays as an efficient platform supporting applications and guaranteeing data availability,
• our proprietary "Plug-In backup" solution built on the basis of Veeam products (data protection in 5 minutes, monthly billing according to the number of virtual machines).

The presentations and information materials shown during the seminar can be downloaded from our website:

• presentation about UpGreat
• presentation about PaloAlto next generation firewalls and TRAPS workstation protection
• presentation about NetApp matrices as a proposal for local governments
• presentation about IT security in the context of GDPR
• a short film showing breaking into a WLAN - WEP network
• a short video showing breaking into a WLAN - WPA

Additional downloads:

• overview of PaloAlto firewall parameters
• PaloAlto Threat Prevention - comprehensive network protection against exploits and malware
• compliance of PaloAlto firewalls with the requirements of the GDPR
• WildFire service - protection against targeted and unknown malware
• TRAPS - advanced protection for workstations
• PaloAlto AUTOFOCUS service - enhancing protection against threats
• NetApp E2800 matrix - specification
• Veeam Backup & Replication - product description
• SOC service provided by UpGreat
• security audits performed by UpGreat

We would like to thank all the people who visited our stand and listened to our presentations. Of course, feel free to contact us!

We are after the technological meeting "Tasty morsels in the HPE menu", which took place on September 19, 2017 at the Concordia Design conference center in Poznań. During the meeting, some interesting HPE technologies were discussed:

• HPE VM Explorer and HPE StoreOnce - an alternative to expensive backup solutions. HPE VM Explorer is an inexpensive software for data protection in virtual environments (the list price of the Professional version for 4 processors with annual support is PLN 3,417.00 net). According to Gartner, HPE StoreOnce is the leader of deduplication solutions next to EMC DataDomain. HPE StoreOnce is a virtual or hardware appliance with a capacity from 5.5TB to 1.7PB - the nominal deduplication ratio is 20: 1.
• HPE StoreVirtual 3200 - enables the construction of multisite stretched cluster (network RAID). The HPE StoreVirtual 3200 array can be used independently as mass storage or as a network RAID in a configuration extended to two nodes.
• HPE Synergy 1200 - a new platform for blade servers enabling the construction of composable platforms for applications. The HPE Synergy 12000 is the successor to the blade computers (c7000 chassis).
• HPE Moonshot - a system enabling the construction of solutions with a large number of servers - high packaging, many hardware platforms and a very low expansion cost. Possible applications of HPE Moonshot are solutions for HDI (hosted desktop infrastructure), virtualization, solutions hadoop, efficient image and sound processing. HPE Moonshot will be perfect for a university or in a development environment.
• HPE Apollo - a very efficient server solution ensuring high density of server modules and mass memory at the same time. With the use of HPE Apollo, we can build efficient clusters for a variety of applications, e.g. in design, simulations, financial risk modeling or scientific modeling.
• HPE 3Par - we discussed the new version of 3Par OS 3.3.1 and favorable changes in the licensing of individual functionalities. HPE 3Par StoreServe is a family of mass storage products dedicated to large enterprises. HPE 3Par StoreServe enables the construction of efficient multi-node storage solutions ensuring redundancy and load balancing.

Our audience.

Below are the presentations and materials from the seminar:

• Piotr Flis - About UpGreat
• Maciej Grabowski - server solutions
• Piotr Nogaś - mass storage solutions

Additional information:

• HPE VM Explorer specification (simple backup software)
• HPE StoreOnce specification (storage with deduplication)
• HPE StoreVirtual 3200 specification (2-node matrix with built-in replication)
• HPE Moonshot specification (blade server system - up to 180 computers in one housing)
• HPE Moonshot presentation
• HPE 3Par StorServe 7000 specification (multi-node enterprise-class array)
• HPE Synergy 480 Gen10 Module specification (the latest module for HPE Synergy 12000)
• HPE Synergy 660 Gen10 Computing Module specification (the latest module for HPE Synergy 12000)
• HPE Apollo system specification (efficient modular servers)

We would like to thank everyone present for their time and invite you to contact our Sales Department!

The HPE offer includes several new products and opportunities that we decided to present to you at a technology meeting that we organize together with HPE Polska.

Below we present our subjective choice:

• An alternative backup solution at a very good price: HPE VM Explorer + deduplication from HPE StoreOnce (alternative to veeam).
• Inexpensive multisite stretched cluster (network RAID) using the HPE StoreVirtual 3200 array.
• The successor of blade servers - HPE Synergy 12000 (especially interesting for owners of blade computers, a lot of news).
• Cosmic possibilities with HPE Moonshot and HPE Apollo servers (highly scalable modular computers with high density).
• News in the HPE 3PAR world - additional functionalities, favorable licensing changes.

Our free seminar will be held on Tuesday, September 19 at the Concordia Design conference center in Poznań at 3 Zwierzyniecka Street. Apart from interesting topics and gifts that we will distribute among the participants of the meeting, the proximity of the newly opened "Bałtyk" Business Center will be an additional attraction: o)

Information on the meeting agenda can be found here here. Please register using form on our websitej.

We finished in early July series of workshops introducing our clients to IT security issues. There were four meetings devoted to the following topics:

• Penetration tests (reconnaissance, scanning, enumeration, metasploit, password cracking, wifi analysis),
• Social engineering tests (backdoors, delivering malware, avoiding detection by antiviruses),
• Web application tests (password cracking, SQL injecting, BurpSuite scanning),
• Risk analysis and protection of personal data in the context of GDPR.

In total, about 40 people visited us during the workshops. More people were interested, but due to the capacity of our conference room, we could not register all of them

Our experience gained so far during security audits and system tests shows that the security solutions used in enterprises do not correspond to rapidly changing threats, and one of the most effective and, at the same time, the most neglected security measures for IT systems is training and a continuous process of improving employee competences. It should be noted that training should be periodic and be oriented towards updating knowledge in line with emerging threats.

I am pleased to inform you that our autumn safety workshop proposals for you are very interesting. You will of course be informed about the dates. The topics presented include new generation firewalls operating on the application layer, protection of workstations with the use of behavioral analysis, issues of backup as a service and outsourcing of services related to security.

Using the links below, you can read the materials from our workshops:

• Ethical hacker workshop,
• GDPR workshops - risk analysis,
• assets - risk analysis.

We would like to thank all participants for their time and feel free to contact us.

In recent days, some companies have experienced a ransomware attack WannaCry. More than 200,000 computers in over 100 countries have been infected. Antivirus protection and user training are not always effective with this type of software. For this reason, an efficient solution for managing data backups (backup) is an effective supplement to data protection methods.

We invite you to a workshop on EMC Avamar - the best workstation and server backup solution on the market, which will take place on June 8 this year at our company's headquarters in Poznań at 22 Ostrobramska Street.

The distinctive features of EMC Avamar are:
- backup of physical and virtual environments,
- backup of servers, workstations and databases (MS-SQL, Oracle, DB2),
- the best data deduplication ratio on the market (many times better than in the case of veeam Backup & Replication),
- efficient deduplication "on the source side",
- efficient work in a wide area network - effective use of the available band,
- data recovery also available to users,
- reconstruction of single and whole machines (also "bare metal"),
- intuitive user interface,
- very favorable licensing.

EMC Avamar is available as a complete hardware appliance containing the necessary disk resources and as a virtual appliance. EMC Avamar can be complemented by EMC DataDomain - an efficient, hardware data deduplicator.

During our workshops, we will discuss in detail the technical aspects of EMC Avamar's operation and show the solution in action. After the workshop is over, you will have the option of renting the device and testing your environment.

The workshop is free of charge.

To register your participation in the meeting, please use form on our website.

We cordially invite you and see you!

Ladies and gentlemen,

IT system security issues are of interest not only to institutions such as banks, energy companies and government administration. The problem affects all companies, regardless of their size, on a daily basis, including many of our clients. According to the report entitled "Business protection in digital transformation or 4 steps to a safer company" recently published by PwC Polska, as many as 96% companies experienced over 50 security incidents in the last year. Due to the growing integration of production systems with IT systems, threats also apply to the continuity of production.

According to our experience, the most common (realized) manifestation of cybercriminals' activity among our clients are the effects of ransomware in order to obtain a ransom. We wrote about the spectacular amounts of ransom in an article on our blog. In this context, it is also worth considering attacks on production systems (OT) such as production lines, industrial automation, and warehouses. In this case, you can also expect interest from cybercriminals - they can count on a large ransom for withdrawing from the attack, since in some companies known to us the costs of stopping and restarting production are counted in millions of zlotys.

In order to meet the expectations of our clients and to make them aware of the scale of the threats, we decided to organize a series of 4 workshops during which we will show how and how easy it is to threaten our IT and OT systems. Below you will find the dates and agendas of individual meetings. The meetings will be held at our company's headquarters in Poznań at 22 Ostrobramska Street. The duration of each workshop is 4 hours, and participation is free of charge.

During meetings 1, 2 and 3, please have a computer with a virtual machine with the KALI Linux distribution with you, the installation version of which can be downloaded using of this link.

Workshop 1 - Introduction to Penetration Testing - April 25, 2017

Topics:
- information reconnaissance,
- scanning and enumeration,
- brute force and dictionary attacks on passwords,
- attacks on WLAN networks.

To register for the workshop on April 25, 2017, please use registration form.

Workshop 2 - Penetration Testing and Social Engineering - May 16, 2017

Topics:
- metasploit,
- social engineering toolkit,
- generating backdoors,
- C&C servers.

To register for the workshop on May 16, 2017 please use registration form.

Workshop 3 - Web Application Penetration Testing - May 30, 2017

Topics:
- structure of web applications (languages, frameworks, web servers),
- introduction to SQL,
- vulnerability scanning,
- sql-injection and CSS attacks.

To register for the workshop on May 30, 2017, please use registration form.

Workshop 4 - General Data Protection Regulation (May 4, 2016, Official Journal of the European Union) - moved to July 4, 2017

Topics:
- uniform rules throughout the European Union,
- new obligations of the Data Protection Officer,
- risk analysis - methodologies and examples,
- severe penalties.

To register for the workshop on June 20, 2017 please use registration form.

You're welcome!

On April 6-7, 2017, at the Molo Hotel in Smardzewo on the Sulejowski Reservoir, the event will take place VI Convention of Informatics employed in public administration. The conference is aimed at representatives of public institutions responsible for computerization of their units. During the meeting, there will be a series of presentations devoted to, inter alia, e-services in public administration, medical records management and cloud services.

Our company is a partner of the convention alongside such companies as Microsoft, Samsung, Ever, Kyocera.

On the second day of the convention, Jakub Staśkiewicz, a security consultant in our company, will lead presentation entitled "Data leakage - how not to manage security incidents". During the demonstration, we will discuss in detail one of the cases of vulnerability to cyber threats detected by us in an organization providing services on the Internet.

During the entire convention, we also invite you to our stand, where you will be able to talk and consult related to the broadly understood information security. In addition to services like security audits, KRI audits, security policies and training, we also offer SOC (Security Operations Center) services, i.e. outsourcing of security management services.

Therefore, we invite all our customers and friends to the convention, to our presentation and to our stand. See you later!

Serious data leaks and security incidents do not necessarily have to be the result of deliberate actions by intruders aimed at a specific target. They are not always noticed immediately by the victims of the attack. Often a serious breach of security occurs as a result of a combination of several events and its detection may be the result of the inquisitiveness of a random person. The following is a transcript of an interesting investigation, as a result of which we discovered a very serious threat to customer data of a large hosting company.

WARNING:
The description below includes links to websites that have been attacked or maintained by reputable organizations. Opening them may be dangerous.

Case study

On one of the websites maintained at AZ.pl (a hosting company belonging to Home.pl that supports the largest number of domains in Poland according to http://top100.wht.pl/) I noticed suspicious behavior: typing the website address in the browser caused redirection to the address http://semanticore.com.pl/admin/dropbox/proposal/which opened a page pretending to be Dropbox and asking you to log in - a classic phishing. The first thing that occurred to me was that I missed my domain renewal and someone took over. But no, domain is paid for. So I log in to the hosting panel and check the website files. Several of them have today's modification date, although I have not made any changes today. The website has therefore been modified in an unauthorized manner. Quick analysis of possible attack vectors: Continue ...

The health service must immediately implement professional IT security solutions.

According to the current legal status, from August 1, 2017 (i.e. for a little more than a year), medical documentation will have to be kept only in an electronic company.

Although the date of entry into force of the provisions on electronic medical data of the "Act of April 28, 2011 on the information system in health care" has been postponed many times, and this may also be the case this time, we must take into account that this moment will inevitably is coming and will eventually come.

Undoubtedly, the implementation of the provisions of the Act and the ordinances of successive Health Ministers regarding electronic medical documentation imposes a gigantic and very responsible implementation task on the entire healthcare system. I really hope that the whole project will be successful. The consequence of launching electronic medical information systems will be increased requirements for the security of information systems in hospitals, clinics and other health care facilities.

There are several important places in medical information systems that can be vulnerable and vulnerable to cyber threats:

• Databases of personal data,
• Patient health databases,
• Life support systems and patient condition monitoring,
• HIS (Health Information Systems) in the medical and administrative part,
• Medical equipment,
• Other systems that may affect the implementation of key processes.

In January 2016, a spokesman for the Hospital in Ottawa reported that 4 of the nearly 10,000 computers in the hospital were attacked with software ransomware. This type of malware, after clicking on an attachment in an email, a link in an email or on a website, blocks files on the infected computer. After paying the ransom, the attack victim receives a key that enables the reopening of encrypted files. In the case of this attack, the hospital did not pay the ransom, and IT services wiped the contents of the disks and restored the data using backups. The hospital said the patient's data was not at risk.

Continue ...

On Monday, April 4 Brocade Communications Systems announced its intention to acquire the company for $ 1.5 billion Ruckus Wireless. It seems that another strong player on the network solutions market is emerging before our eyes, able to compete with such powers as HPE and Cisco.

It is clear that the takeover of Aruba by HP, about what we wrote in March 2015, resulted in a change of the market leader in network technologies. This is indicated by the Gartner report published in September 2015, which we commented recently on our blog. In addition to the leading position, HPE draws attention strong weakening of Cisco's position and the grouping of many companies in the middle of the chart for the completeness of the solution vision. Brocade and Ruckus are also in the main group.

At this point, however, it should be noted that for some time Gartner has been treating the offer of solutions in the field of wired and wireless networks as a whole. This approach enables an objective evaluation of the comprehensive network offer and at the same time weakens the position of manufacturers with only LAN solutions or only WLAN solutions. In this context, the Brocade-Ruckus offer should be strongly shifted to the right in the near future. This is all the more likely as both companies have the flexibility and adaptability that are not appropriate for very large corporations such as HPE or Cisco.

About Brocade Communications
Brocade was founded in 1995 by Seth Neiman - former manager at Sun Microsystems and professional racing driver (!), Kumar Malavia - co-author of the Fiber Channel protocol specification, and Paul R. Bonderson, manager from Intel and Sun Microsystems.

Currently, Brocade Communications Systems in IT environments is associated primarily with high-quality, efficient solutions for SAN networks. As a leader in the implementation of the Fiber Channel protocol, the company sells its products both through its own network of partners, as well as under OEM agreements with major suppliers of IT solutions such as HPE, Dell, EMC, NetApp, Fujitsu, Hitachi, Huawei, IBM, Lenovo or Oracle .
Beginning in 2008, after purchasing Foundry Networks, Brocade also offers a wide range of LAN and WAN devices. Such products include ultra-fast switches for data centers, enterprise-class switches and routers, load balancers. It should be mentioned that Brocade actively supports network virtualization solutions as well SDN (Software Defined Networking) by offering own products and participating in Open Networking Foundation and contribution to the work on the protocol OpenFlow.

We also invite you to read the article on our website dedicated to the product family Brocade FCS Fabric dedicated to data centers.

About Ruckus Wireless

Ruckus is an innovative company founded in 2004 by William Kish and Victor Shtrom. Since its inception, it has focused on providing indoor and outdoor wireless products from the "Smart WiFi" family for Internet providers and enterprises.

As the owner of many patents in the field of wireless voice, image and data transmission, Ruckus has made a significant contribution to the development of WLAN technology. Thanks to the use of adaptive matrix antennas, it was possible to increase the range and speed of data transmission, reduce interference effects and thus enable the transmission of delay-sensitive data and multimedia services using the standard 802.11 protocol.
It was Ruckus who invented and designed the technology of matrix antennas BeamFlexand then sold licenses to other producers to use beam forming technology. Beam forming technologies are now available on access points from many vendors such as Aruba, Cisco, Meru, and others.

In 2015, Ruckus was the first manufacturer to implement the 802.11ac Wave 2 standard in its access point long before others - it was the Ruckus ZoneFlex R710. According to data from Ruckus Wireless, this device provides transmission speed of 800Mbps at 2.4GHz and 1733Mbps at 5GHz.

Oh, it will be happening !!!