WHAT IS ITAM AND WHAT IS IT USED FOR?

09/29/2024 |

 

What is ITAM (IT Asset Management)?

 

ITAM is management process the life cycle of IT resources – from purchase, through implementation and use, to disposal. This process includes monitoring:

  • Computer hardware (servers, laptops, network devices, printers),
  • Software (licenses and subscriptions, updates, compliance with laws and regulations e.g. NIS-2, DORA).
  • And also cloud infrastructure (virtual resources, cloud services).

 

Why is ITAM important?

 

  • Cost optimization: Tracking all IT assets allows you to identify unused or unnecessary resources, which allows you to optimize operating costs.
  • Compliance with the provisions of license and subscription agreements, as well as with laws and regulations (NIS-2, DORA): ITAM helps monitor compliance with license agreements and legal regulations, minimizing the risk of financial and reputational penalties.
  • Data security: IT asset management allows you to detect and respond to potential security threats faster, protecting sensitive corporate data.
  • Operational efficiency: Effective management of IT resources streamlines internal processes, which translates into better productivity and customer and employee satisfaction.
 

What are the key elements of effective ITAM?

 
  • Asset inventory: Create an accurate record of all IT assets, including hardware, software and licenses.
  • Asset Lifecycle Management: Monitoring assets from acquisition, through use, to decommissioning.
  • Process automation: Using tools to automate asset management tasks, which increases efficiency and reduces the risk of errors.
  • Data analysis: Regularly analyze asset data to make informed business decisions.

 

How to implement ITAM in an organization?

 

  • Defining goals: Define what you want to achieve with ITAM, e.g. reducing costs or increasing security.
  • Choosing the right tools: Invest in asset management software that meets the needs of your business.
  • Team training: Ensure employees are properly trained and understand the importance of ITAM.
  • Continuous improvement: Regularly monitor and update ITAM processes to adapt to changing business needs.

 

Summary

 

ITAM implementation is a strategic step towards increasing the efficiency and competitiveness of an organization. Through effective management of IT assets, companies and organizations can not only reduce costs, but also minimize risk and improve the quality of services provided.

Are you ready to implement ITAM?

If you would like to learn more, please contact us:

Cisco Umbrella – protection against phishing, malware and ransomware

02/26/2024 |

Cisco Umbrella – secure your network!

 

Cisco Umbrella DNS Security protects users against Internet threats such as malware, phishing, viruses and other unidentified threats known as "Zero day" threats. It protects all users, both those working in the local network and those connected remotely via VPN. Cisco Umbrella is another element of corporate network security, apart from the one we described earlier Cisco DUO.

Cisco Umbrella DNS Security is a solution available from the cloud and does not require any resources on the client's side. It works by preventing threats by blocking access to Internet resources with a low and suspicious reputation. It is based on several dozen URL categories that can be blocked or made available to users or their groups using configurable policies.

Cisco Umbrella DNS Security works by redirecting DNS queries to Cisco cloud servers, which check the reputation of websites visited by users. The whole thing is based on resources created by one of the leading cybersecurity teams - Cisco Talos Intelligence Group. Thanks to this approach, Cisco Umbrella protects against known and identified threats, but also against unknown threats by blocking access to malicious domains, URLs and files.

Cisco Umbrella DNS Security perfectly fits the needs of small and medium-sized enterprises, which have recently been frequent targets of attacks due to the lack of advanced security systems. SMEs have less specialized IT teams and limited budgets, which results in the increased use of simpler Internet gateways that do not protect against most new threats coming from the Internet. Cisco Umbrella protection is additionally extended to remote and mobile users, which can be a good complement to the security system also in larger organizations.

Cisco Umbrella DNS Security is a system configured and managed via a web browser. The management system allows for quick implementation of the basic scope of protection. The solution can be extended by integration with directory services, recognizing users and groups, assigning various policies to them, identifying workstations and their configurations, as well as collecting data and analyzing user traffic and existing threats. The whole thing is monitored using ready-made panels and tools available to the administrator.

Cisco Umbrella DNS Security can work with MDM systems managing mobile devices, ensuring their protection by redirecting DNS queries, with the Cisco DUO system providing two-factor authentication. Cisco Umbrella is an integral part of the Cisco Secure Client (AnyConnect) suite necessary for VPN connections.

 

What does Cisco Umbrella DNS Security do for you?

  • redirects and analyzes the correctness of DNS queries based on the Cisco Talos database,
  • protects users working on and off the network,
  • works against threats that the local antivirus system does not protect against, such as phishing, malware or unidentified threats,
  • available from the cloud with tools and panels for administration and management,
  • licensed per user with a subscription for one year or more,
  • attractive price - monthly subscription for one user - USD 4.5 (Cisco Umbrella DNS Security Essentials).

 

More information on the dedicated page Cisco Umbrella. Please also contact us:

Penetration testing workshops at the client's premises

12/12/2023 |

Do penetration testing independently !

 

Penetration testing competencies for your IT team? Periodically checking the security of your IT infrastructure on your own?

We offer you 3-day, intensive practical classes in the field of IT security, which we can also organize at your company.
The program includes practical implementation of the following topics:

  • Module 1 – Preparation of the test environment (45 min.),
  • Module 2 – Information reconnaissance (90 min.),
  • Module 3 – Scanning and enumeration of systems (90 min.),
  • Module 4 – Vulnerability search and analysis (120 min.),
  • Module 5 – Using vulnerabilities to break security (120 min.),
  • Module 7 – Social engineering and backdoors (120 min.),
  • Module 8 – Penetration testing of web applications (120 min.).

 

Additional benefits?

  • Workshops can be held at the client's premises, so they do not require delegating employees or leaving the IT environment unattended. The workshop formula allows for flexible time management and, if necessary, handling of sudden failures or incidents requiring the participation of IT staff.
  • There are no rigid and predefined deadlines, we will adapt to the client's needs.
  • All tools presented at the workshops will be made available to participants along with training materials. In our workshops, we do not use tools that require any additional costs or licenses.
  • Each participant will receive a WLAN card used for penetration testing.
    Each participant will receive training materials and databases for testing password strength on a pendrive.

 

More details in the workshop agenda -> Penetration testing – workshops for clients

 

Contact persons:

Cisco DUO – universal multi-factor authentication

11/27/2023 |

Cisco DUO – security in subscription

 

Multi-factor authentication, also known as MFA (Multi Factor Authentication), is currently an essential element of securing access at the edge of the network, and in environments requiring an increased level of security, also internal access to networks and applications. As part of multi-factor authentication, in addition to standard data such as user and password, an additional factor generated by the system is introduced. Only by providing three correct elements, the user can be authenticated and granted access to network resources.

Upgreat Systemy Komputerowe Sp. z o. o. is an experienced Premier Partner of Cisco Systems. We will implement two-factor authentication with Cisco DUO and secure your network.


Below are the most important features of the Cisco DUO system:

  • Cisco DUO is a cloud solution, and its implementation does not require additional resources in the customer's infrastructure. It's quick and relatively easy.
  • Cisco DUO offers the following additional authentication factor options: confirmation from a mobile application, a short SMS text message, a phone call, and a hardware token.
  • Cisco DUO provides an API compliant with the SAML 2.0 standard, allowing for easy integration with any application. This allows you to authenticate access to many applications, such as: Office 365, Salesforce, Dropbox, Zoom and others.
  • Built-in integration with directory services: Active Directory and Azure AD.
  • Integration with a wide range of remote access termination solutions. Among others: Cisco FirePower, Fortinet, Sonicwall, Paloalto.
  • The list of ready-made integration platforms can be found at https://duo.com/docs
  • In Premier and Advantage versions, monitoring the security status of customer devices, operating systems and applications and verifying their compliance with policies.
  • The infrastructure for European entities is located in the AWS environment in Europe.
  • The list price is 3$ per user per month for Cisco DUO Essentials, 6$ for Advantage, and 9$ for Premier.
  • Subscription licensing.

 

Contact persons:

LunaNet – network services on the Moon

11/16/2023 |

Despite skeptical voices about space exploration -> https://www.scientificamerican.com/article/why-well-never-live-in-space/ The Artemis program is a fact.

 

The official goals of the Artemis program are:

  • Astronaut landing on the moon,
  • Construction of a permanent lunar base, which will act as a starting point for future space missions, including those aimed at Mars,
  • Conducting scientific research and astronomical observations in conditions of reduced gravity and in the absence of an atmosphere,
  • Although you will not find such information on NASA's website, you cannot forget about military, geostrategic and raw material issues.

IN interview for Politico NASA chief Bill Nelson said: "It's a fact: we are in a space race." And about the Chinese: “And it is true that it is better to be careful that they do not reach an [important] place on the Moon under the guise of scientific research. And it is not impossible that they will say: "Stay away, we are here, this is our territory."

It is also true that a large-scale conflict on Earth will begin with the destruction of satellites in low Earth orbits (LEO) in order to limit the enemy's military capabilities, and whoever controls the Moon will have an easier time controlling the space around the Earth. The US Department of Defense declares: "Operating in space is an integral part of the way the U.S. military fights."

An important part of plans to implement geostrategic goals and the Artemis program itself is network communication, i.e. "LunaNet: A Flexible and Extensible Lunar Exploration Communication and Navigation Infrastructure". Since, as one might assume, LunaNet is also intended to have military applications, it means that a network on the Moon will be created.

 

LUNANET

 

The requirements for communication within the LunaNet network are as follows:

  • Interoperability thanks to the use of standard communication solutions,
  • Support for multiple government and private users and vendors,
  • Service delivery orientation,
  • Scalability,
  • Openness thanks to the use of widely recognized technologies,
  • Resistance to damage,
  • Security and resistance to cyber threats,
  • Possibility of using LuneNet technology on other celestial bodies.

 

LunaNet will provide communication between objects on the Moon itself and communication with Earth. The network infrastructure will be built based on nodal points that will be placed on the surface of the Moon, in lunar orbits and on or around the Earth.

  • The network layer topology will consist of store-and-forward nodes, which is to guarantee resistance to delays and interruptions in transmission.
  • Data will be exchanged in a multi-hop infrastructure.
  • Access to the network will be through connections to relays on the lunar surface, to relays in lunar orbits, or directly to relays on Earth.
  • The network bandwidth is to ensure the possibility of multiple simultaneous video and voice streams in HD quality.

 

SERVICES OFFERED BY THE LUNANET NETWORK

 

LunaNet will provide 3 basic types of services:

  • Network Services (Net) – data transfer services enabling data transfer between nodes over a single link or an end-to-end path spanning multiple nodes.
  • Positioning, Navigation and Timing (PNT) Services – position and speed determination, synchronization and time determination services. PNT also provides location services in the field of search and rescue.
  • Services for Scientific Applications (Sci) – services providing situational alerts and scientific measurements, and working for the safety and protection of people and property. Data from scientific instruments will enable further research and technology development on the Moon.

Network Services (Net)

 

Data transmission services will be able to be provided at various levels:

  • At the lowest layer, communication will take place using network services based on the DTN Bundle Protocol (Delay Tolerant Networking),
  • Communication in some parts of the LunaNet network may be routed via IP packets, provided that the IP protocol does not guarantee end-to-end delivery of data to all nodes in the larger network,
  • Some intermediate nodes may switch or forward data on the link or at a lower layer to ensure speed or interoperability.
 
Interoperability between directly adjacent nodes and with the standard network layer will enable the construction of the LunaNet architecture within many types of infrastructure elements, regardless of the frequency band, spacecraft type or service provider.
The entire LunaNet network will meet security requirements such as confidentiality, integrity and availability.
Currently, the basic requirement for Earth/Moon communication is 110Mbps. In 2035, it will be 950Mbps, thanks to complementing radio communication with optical communication from 2029.
 

Positioning and Navigation Services (PNT)

 
Service features:
  •  Navigation on the lunar surface,
  •  Location tracking, including search and rescue (SAR) operations
  • Time synchronization,
  • relative navigation,
  • Autonomy,
  • Time keeping and dissemination (GPS time tracking possible).

 

Services for scientific applications (Sci)

 

Service features:

  • The distributed infrastructure will enable the construction of an efficient network and transmission of scientific data from many sources, such as sensors and scientific instruments ("geodesy", radio astronomy),
  • Measurements of the Sun's behavior will enable early response to events that may threaten human safety. It is necessary to use soft X-ray and solar energy particle (SEP) monitoring in a heterogeneous configuration:
    • X-rays arrive from the Sun within 8 minutes of the event starting,
    • The arrival of solar energy particles (SEPs) occurs 200 minutes after the event begins.

SUMMARY

 

  • Implementation of the Artemis program and mission requires the use of high-quality communication infrastructure, which should be reliable, flexible and scalable. The LunaNet architecture is open and is being developed not only by NASA, but also other government agencies, international organizations, commercial partners and universities.
  • Users, both humans and robots (!), will be able to use network functionality similar to that available on Earth.
  • The DTN architecture allows infrastructure to be built in stages that do not require continuous end-to-end connectivity for all users. Moreover, the DTN-based network architecture will be fully suitable for use on Mars and other places where the speed of light delays to Earth is much faster than between the Moon and Earth.
  • Position, Navigation and Timing (PNT) services and scientific applications, space weather observation (SpWx), are critical to users of space and the lunar surface, as well as astronaut safety.
  • This architecture directly supports the Artemis program, which aims to ensure a presence on the Moon by 2028.
  • LunaNet's network architecture enables commercial, interagency (U.S. government) and international partnerships and capabilities seen on the terrestrial Internet.
  • Work on LunaNet is well advanced, both at the conceptual level and in detailed technical solutions.
  • There is close cooperation on the development of LunaNet standards between NASA and ESA (European Space Agency).

SOURCES

 

The study was prepared based on NASA materials:

Brocade FCS Fabric - a new generation of Data Center solutions

04/13/2022 |

Brocade Communications Systems as the undisputed leader in the Fiber Channel switch market has introduced solutions from the world of mass storage to a new generation of network switches designed to support Data Centers and private clouds by implementing the VCS Ethernet Fabric technology.   

When designing the VCS technology, the needs of customers were taken into account, such as:

  • elimination of network barriers in the context of application performance,
  • guarantee of service availability in the face of network disruptions and bottlenecks, the need for flexible network scaling with traffic growth and changes in architecture,
  • the need to quickly adapt network services to the needs of applications in a private cloud environment,
  • simplicity - "is supposed to work" with minimal interference from the administrator,
  • support for cloud environments, including renting infrastructure to multiple entities, adjusting policies and automating processes in the cloud.

Compared to the classic hierarchical Ethernet structure, VCS technology provides higher performance, better link utilization, higher reliability and simplicity of architecture.
VCS technology is nothing more than clustering many physical switches to one logical one with all the consequences related to data transmission in the L2 layer inside the cluster. Clustering of switches is possible at distances of up to 200m. However, the specification also provides for clustering over long distances, up to 30km, with some limitations related to the number and type of ports and the availability of technology, in particular FCoE and iSCSI. A VCS cluster is one logical switch from a management point of view.

Brocade 1

Multiple active data paths are allowed within a cluster. All paths transmit data, and traffic balancing is done for the entire structure at the level of individual packets. This guarantees optimal use of the infrastructure, fast switching in the event of failure of any element of the cluster, and easy scaling. Just add an extra connection and it works. The FCoE protocol is also available inside the entire cluster.

Standard switches and hosts can be connected to the cluster switches by means of multiple aggregated LAG connections without the risk of data loops, without the need to use the STP protocol, with all connections being transmissively active.

Brocade 2

VCS clusters can be combined with each other treating each cluster as a single switch, obtaining a fully reliable, easy to manage, efficient architecture.

Brocade 3

The VCS Fabric solution works with the VMWare environment to offer port profiling. The port profile includes FCoE, VLAN, QoS and security parameters. When migrating a virtual machine between physical hosts, the port profile migrates automatically between cluster switches along with the virtual machine.

Brocade 4

Finally, an important point. VCS Fabric technology is available in the entire family of Brocade VDX Data Center Switches at the price of the switch, without additional licenses, and the entire cluster configures itself automatically when data links are connected.

Emphasis on security - AirTight Networks

04/13/2022 |

As we wrote on our blog (Chasing EPS. Is it profitable to be innovative?) wireless networks and mobile devices are very interesting solutions for enterprises and individual customers. It is estimated that by 2019, sales of wireless devices will increase by 40% compared to now.

What are the challenges of the universality of wireless solutions? In addition to the performance and stability of operation, this is for sure security. For this reason, our company has included AirTight Networks technologies and products in its offer. The question arises, of course, what distinguishes AirTight Networks from other manufacturers. There are two reasons for our choice: these are products designed with the highest level of security in mind and the uniqueness of AirTight, consisting in the possibility of cooperation with already existing networks of other manufacturers.

 The basic features of AirTight Networks solutions are:

  • security - unique patented WIPS protocol ensuring, among others, protection against Client Mis-association attacks, Ad hoc Networks, Rogue AP (WIPS will recognize the difference between "Rogue" AP and external, e.g. neighbor), Mis-configured AP, MAC-Spoofing, unauthorized access, Honeypot / Evil Twin Attack, Denial of Service (DoS) Attack, Man in the Middle Attack.
  • monitoring of wireless networks - additional protection of existing wireless networks thanks to WIPS functionalities (1 AP AirTight for 4 existing ones).
  • openness - the possibility of network cooperation with AirTight on-premise controllers (hardware and virtual) as well as with controllers of other companies such as Cisco, Aruba, Motorola.
  • work in the cloud - the possibility of using a wireless network controller available in the cloud - functionality especially useful for distributed retail networks (shops, restaurants, pharmacies and others).
  • work in various external conditions - AirTight offers inside and Outside access points at very attractive prices.
  • data analysis - AirTight management software provides the ability to analyze incidents related to security and customer traffic. Integration with social media allows for flexible customer service by analyzing their preferences and habits (Social Engagement).
  • compliance with standards - in addition to compliance with the required regulations wireless networks AirTight Networks systems enable periodic audits and reports of compliance with electronic payment regulations PCI DSS 3.1 (Payment Card Industry Data Security Standard).

UpGreat Systemy Komputerowe Sp. z o. o. has the status of an Authorized Partner of AirTight Networks in Poland and provides exclusive customer service in western Poland (Wielkopolskie, Zachodniopomorskie, Lubuskie, Pomorskie, Opolskie and Dolnośląskie provinces).

To learn more about the AirTight product portfolio, please see leaflet. Please also contact us to organize a presentation of solutions, demonstration implementation along with a demonstration of functionalities related to data security and analysis, and possibly to organize site-survey. We also invite you to visit the company's website AirTight Networks.

AirTight Networks is an American company headquartered in Mountain View, California, specializing exclusively in the production and implementation of solutions for building secure wireless networks. Thanks to the use of the proprietary WIPS protocol, networks based on this solution are characterized by the highest level of security available on the market, as evidenced by implementations in the military and banking sectors. Secure wireless networks based on the Airtight Networks architecture are used in the world by over a thousand large companies from every sector of the economy.

KRI audits

04/13/2022 |

Security audits have been included in our offer for a long time. The service is addressed to both private enterprises and public institutions. In every organization, an increasingly extensive sphere of internal activities and those related to contacts with clients takes place with the use of IT systems.

For public institutions, many services are available to provide services to citizens through electronic media. Applications, certificates, extracts from registers, tax declarations can be submitted via internet applications without visiting offices. These possibilities are a great help, but at the same time they endanger the systems available on the Internet and the data stored in them.

We would like to draw your attention to the audits of compliance with the National Interoperability Framework (KRI) performed by our company, i.e. information security management audits in public entities.

KPRM

In May 2012, the Regulation of the Council of Ministers of April 12, 2012 on the National Interoperability Framework entered into force, concerning the minimum requirements for public registers and the exchange of information in electronic form, as well as minimum requirements for ICT systems.

The Regulation in question is an implementing act to The Act of February 17, 2005 on computerization of the activities of entities performing public tasks.

It imposes requirements on public administration units as to the annual IT infrastructure security audit. It concerns in particular:

Art. 2. 1. Subject to sec. 2-4, the provisions of the Act shall apply to those performing public tasks specified by the Acts: 1) government administration bodies, state control and law protection bodies, courts, organizational units of the prosecutor's office, as well as local government units and their bodies, 2) budgetary and local government units budgetary establishments, 3) earmarked funds, 4) independent public health care establishments and companies performing medical activities within the meaning of the provisions on medical activity, 5) the Social Insurance Institution, the Agricultural Social Insurance Fund, 6) the National Health Fund, 7) state or local government persons legal entities created on the basis of separate acts in order to perform public tasks - hereinafter referred to as "public entities". 2. The provision of Art. 13 sec. 2 point 1 shall also apply to the entity to which the public entity has entrusted or commissioned the performance of a public task, if due to the © Kancelaria Sejmu s. 3/28 2015-05-12 implementation of this task there is an obligation to provide information to or from non-administrative entities governmental.

Source: Journal of Laws 2005 No.64 item. 565 ACT of February 17, 2005 on computerization of activities of entities performing public tasks.

We will now focus on the provision concerning the minimum requirements for ICT systems. It includes 13 checkpoints:

  1. Provision of updating internal regulations with regard to the changing environment;
  2. Keeping the inventory of hardware and software used for information processing up-to-date, including their type and configuration;
  3. Conducting periodic analyzes of the risk of losing the integrity, availability or confidentiality of information and taking actions to minimize this risk, according to the results of the analysis;
  4. Taking actions to ensure that people involved in the information processing process have appropriate rights and participate in this process to an extent adequate to their tasks and obligations aimed at ensuring information security;
  5. Immediate change of powers in the event of a change in the tasks of the persons referred to in point 4;
  6. Providing training for people involved in the information processing process, with particular emphasis on such issues as:
    a) information security threats,
    b) consequences of breach of information security rules, including legal liability,
    c) application of measures ensuring information security, including devices and software minimizing the risk of human error;
  7. Ensuring protection of processed information against theft, unauthorized access, damage or
    disturbances, by:
    a) monitoring access to information,
    b) activities aimed at detecting unauthorized activities related to information processing,
    c) providing measures to prevent unauthorized access at the level of operating systems, network services and applications;
  8. Establishing basic rules to guarantee safe work in mobile computing and working remotely;
  9. Securing information in a way that prevents its disclosure, modification, deletion or by an unauthorized person
    destruction;
  10. Including in service contracts signed with third parties provisions that guarantee the appropriate level
    information security;
  11. Establishing information handling rules ensuring minimization of the risk of information theft
    and information processing means, including mobile devices;
  12. Ensuring an appropriate level of security in ICT systems, consisting in particular in:
    a) care for software updates,
    b) minimizing the risk of information loss as a result of a failure,
    c) protection against errors, loss, unauthorized modification,
    d) using cryptographic mechanisms in a manner adequate to the threats or requirements of a legal provision,
    e) ensuring the security of system files,
    f) reduction of risks resulting from the use of published technical vulnerabilities of ICT systems,
    g) immediately taking actions after noticing undisclosed vulnerabilities of ICT systems to
    the possibility of a security breach,
    h) control of compliance of ICT systems with the relevant ones
    security standards and policies;
  13. Immediate reporting of information security breach incidents in a predetermined and predetermined manner, enabling quick corrective action.

Meeting the above requirements does not guarantee full safety. Remember that security is not a state, it is a process. The level of threats is constantly growing and we are not able to fully take care of every detail of our infrastructure or the carelessness of our employees. The solution is periodic security audits, preferably external, carried out by high-class specialists who are certified by industry organizations in the field of security.

Our company is a member of ISSA Polska - Association for the Security of Information Systems. Our specialists have conducted several dozen security audits also in local government units. We have a certificate Certified Ethical Hacker (CEH) awarded by the International Council of Electronic Commerce Consultants (EC-Council).

Implementation of wireless networks

04/13/2022 |

WLAN networks are an indispensable element of the IT infrastructure in enterprises for which mobility and high availability of services are the basis for achieving business goals. Many years of experience in designing and implementing wireless networks has allowed us to develop a comprehensive offer for the delivery of secure solutions based on proven standards and practices used in wifi networks. The practice is also supported by knowledge and certificates - specializations Cisco Premier Partner - Cisco Wireless LANHP Preferred Partner - HP Networking Professional and for auditing purposes EC-Council Certified Ethical Hacker. We guarantee reliability and high-quality services.

1. Implementation methodology.

We make sure that our solutions provide maximum satisfaction to our clients. Therefore, the methodology of our implementations includes the following services:

  • site survey - WLAN network measurements, allowing to determine the location and number of access points that will guarantee the required speed when accessing the WLAN. Performing measurements guarantees full WiFi coverage while maintaining the highest transmission speeds for a given technology, ensures signal continuity and optimization of the number of access points.
  • design and optimization of the concept - when implementing wireless networks, we use technologies that increase efficiency, stability and guarantee full monitoring of the network's operation. Networks based on redundant controllers, a management server, tools for advanced analysis of mobile services and reporting are the most common design scenarios in enterprise environments.
  • ensuring the safety of - WLANs can be vulnerable to attacks and unethical user behavior. To secure your network, complex passwords and WPA2 encryption are no longer sufficient. The security we use is the authentication of the user in the network using domain passwords, dedicated RADIUS servers or one-time password servers. Additionally, the authentication process can be strengthened by means of digital certificates issued individually for each device. A necessary element of a safe WLAN network is a correctly made contact with the corporate network. Traffic should be passed through the fire gate and filtered down to TCP ports only for those services that are to be accessed by mobile users. An additional security of the wireless network is WLAN IPS, which, while listening to the environment in the free time from data transmission, is able to detect and neutralize attacks on the wireless network.

2. Security audits.

The final stage of implementation is the performance of a security audit, which allows you to verify the network security methods used and their susceptibility to threats. We subject existing networks to ethical attacks and penetration tests - in this way we check the operation of security systems and attack detection. In the event of any irregularities - we develop a security policy implementation plan, taking into account the current state of knowledge on the security measures applied.

3. References.

We have carried out many implementations of wireless networks in production, warehouse and office environments. The projects covered networks prepared for operation from several to several hundred access points. The applied solutions allow for full reporting of the wireless network status, security level and are able to provide users with a full range of mobile services. At the request of our clients, we are ready to present examples of implementations with appropriate references.

Backup and monitoring of virtual environments based on Veeam Software solutions

04/13/2022 |

About Veeam Software
Veeam Software, Elite partner in the VMware Technology Alliance program, Microsoft partner and participant in the VMware Ready Management program, provides innovative software for VMware vSphere and VMware Infrastructure environments. For more information about Veeam Software, please visit www.veeam.com/pl.

Veeam Backup & Replication v7, v8 (New)

Number 1 for backing up virtual machines

Veeam® Backup & Replication ™ makes it possible efficient, easy-to-use and affordable recovery virtualized applications and data. This comprehensive solution combines the functions of data backup and replication, increases the usefulness of backups and offers an innovative method of data protection in VMware vSphere and Microsoft Hyper-V environments. With a single license, you can use the integrated console to operate the entire virtual infrastructure, using industry-leading features such as instant file recovery and improved virtual machine recovery, scalability, combined ("2-in-1") backup and replication mechanisms , built-in duplication, centralized management, and more. There are no fees for individual applications and VMs, or agents for licensing, deployment, and maintenance.

Veeam ONE

Efficient, easy-to-use and affordable monitoring and reporting

Veeam ONE ™ is a comprehensive solution that offers efficient and easy-to-use monitoring and reporting functions for VMware and Hyper-V environments. Veeam ONE provides full visibility into the entire virtual infrastructure, more efficient operation and better availability of the virtual environment, as well as more optimal configuration and use of virtual resources.

Veeam ONE combines the capabilities of Veeam Monitor ™, Reporter ™ and Business View ™ to provide the features that virtualization administrators need most:

  • Real-time monitoring: Detailed, maintenance-free, 24/7 monitoring of your entire virtual infrastructure provides quick access to information on performance and availability problems, and an extensive knowledge base helps you quickly identify and fix the causes.
  • Change Tracking: Log details of changes to your virtual infrastructure (who, what, where, when and how) to help you refine your change routines and analyze unexpected downtime due to certain changes.
  • Documentation and Reporting: Automated and on-demand documentation and reporting of virtual infrastructure provide stakeholders with accurate and timely information.
  • Capacity planning: Advanced analytical tools enable precise planning of computing capacity. Veeam ONE studies trends, identifies resource surpluses, and provides flexible what-if models. This creates reliable forecast forecasts and resource allocation recommendations to help you make informed decisions about your virtual infrastructure development.

Now an increasingly complex and business-critical VMware environment can be managed with Veeam, a recognized leader in virtualization management and data protection.

Veeam Management Pack ™ for VMware (SCOM)

Monitor VMware environments with Microsoft System Center Secure your investments with Microsoft System Center (SCOM) and manage your physical and virtual environments from a single console with Veeam MP. Nworks Management provides detailed, scalable, agentless monitoring and management of your VMware infrastructure directly from Microsoft System Center, eliminating the need for a separate monitoring platform.

Find out more about VMware management and monitoring with Microsoft SCOM / MOM tools

Veeam Smart Plug-in ™ (SPI) for VMware

Leverage your existing investments in HP Operations Manager and provide operational staff with the ability to monitor your VMware environment 24/7 without the need for specialized training or virtualization experience. Veeam SPI enables distributed, agentless monitoring and management of VMware infrastructure in full cooperation with HP Operations Manager. VMware performance, event, configuration, status, and topology data is fed directly to HP Operations Manager, providing a collective view of the physical and virtual infrastructure from a single console.

Find out more about monitor and manage your VMware environment with HP Operations Manager.