The new Firebox® X Edge e-Series security appliances deliver powerful network protection for small businesses and remote/branch offices. Available in both wired and wireless models, the Edge can be used as a stand-alone integrated security appliance or as a VPN endpoint solution. The Firebox X Edge offers stateful firewall, VPN, and URL filtering, plus advanced networking and traffic management capabilities to maximize network configurability. An intuitive, Web-based user interface makes it easy to deploy and manage.
For remote offices/small businesses with up to 30 users. A smart choice for branch office VPN endpoint connectivity to a central office running a Firebox X Core or Peak, allowing centralized management of Edge functionality with WatchGuard System Manager.
Features
* Dynamic stateful packet firewall and VPN capabilities
* Easy setup and configuration with application-specific security policies
* Spoof detection, site blocking, and port blocking
* Advanced networking features including WAN failover, QoS, Traffic Management
* Work/home network separation for telecommuters
* Support for Dynamic Network Address Translation (NAT), 1:1 NAT, and Port Address Translation (PAT)
* Managed desktop antivirus protection
* Six network ports to connect a variety of devices on your network
Orange County Computer Consultant
- Orange County Computer Security Consultant
- Orange County Computer Consultant helps small businesses with networking, installations and small business software.
Wednesday, September 03, 2008
Cisco PIX 535 Firewall
The Cisco PIX 535 Security Appliance delivers enterprise-class security for enterprise and service provider networks in a high performance, purpose-built appliance. Its highly modular three-rack unit design supports up to ten 10/100 Fast Ethernet interfaces or nine Gigabit Ethernet interfaces as well as redundant power supplies, making it an ideal choice for businesses requiring the highest levels of performance, port density, reliability, and investment protection. Part of the world-leading Cisco PIX Security Appliance Series, the Cisco PIX 535 Security Appliance provides a wide range of rich integrated security services, hardware VPN acceleration capabilities, and powerful remote management capabilities in a highly scalable, high-performance solution.
SonicWALL PRO 4060 VPN/Firewall
The SonicWALL PRO 4060, part of SonicWALL's PRO Series, provides complete business continuity for even the most complex networks. Powered by SonicWALL's next-generation SonicOS operating system and powerful deep packet inspection architecture, the PRO 4060 delivers enterprise-class firewall throughput and VPN concentration. Unbeatable price/performance characteristics make the PRO 4060 the ideal solution for companies that need rock solid network protection coupled with fast, secure VPN access for remote employees.
Check Point Safe@Office 500 UTM Appliance
Designed for the small business, Check Point Safe@Office 500 Unified Threat Management appliances deliver proven Internet security. A single Safe@Office appliance can protect a network of up to 100 users (recommended) from a wide array of Internet threats, providing a solid line of defense against threats ranging from hacking attempts and denial of service attacks to phishing and viruses.
Watchguard Firebox X Edge X55e
The new Firebox® X Edge e-Series security appliances deliver powerful network protection for small businesses and remote/branch offices. Available in both wired and wireless models, the Edge can be used as a stand-alone integrated security appliance or as a VPN endpoint solution. The Firebox X Edge offers stateful firewall, VPN, and URL filtering, plus advanced networking and traffic management capabilities to maximize network configurability. An intuitive, Web-based user interface makes it easy to deploy and manage.
For small businesses requiring an affordable, integrated security appliance with unmatched ease of use. Includes best-in-class firewall and VPN capabilities, optional URL filtering, and advanced network traffic management features, such as WAN failover and configurable QoS, to ensure that your business is always secure and connected.
For small businesses requiring an affordable, integrated security appliance with unmatched ease of use. Includes best-in-class firewall and VPN capabilities, optional URL filtering, and advanced network traffic management features, such as WAN failover and configurable QoS, to ensure that your business is always secure and connected.
PROCURVE SWITCH 2524 24PORT MANAGED 10/100
The HP Procurve 2524 switch can perform at 9.6 Gbps. It supports layer two switching and offer VLAN capabilities.
The switch can be locked down on a per port basis and offers TACAS as well. There is also a web interface so that you can manage the switch remotely.
Technical Details
General Information
Manufacturer: Hewlett-Packard
Manufacturer Part Number: J4813A#ABA
Product Name: ProCurve 2524 Ethernet Switch
Brand Name: HP
Manufacturer Website Address: www.hp.com
Product Line: ProCurve
Product Type: Ethernet Switch
Interfaces/Ports
Number of Ports: 24
Interfaces/Ports: 24 x RJ-45 10/100Base-TX LAN
1 x DB-9 Console Management
Fast Ethernet Port: Yes
Media & Performance
Connectivity Media: Twisted Pair 10/100Base-TX
Performance: 9.6Gbps Switching Fabric
6.6Mpps Throughput for 64-byte Packet
I/O Expansions
Number of Expansion Slots: 2
Expansion Slots: (2 Total) Expansion Slot
Network & Communication
Flow Control: IEEE 802.3x (Full-duplex)
Address Table: 4K MAC Addresses
The switch can be locked down on a per port basis and offers TACAS as well. There is also a web interface so that you can manage the switch remotely.
Technical Details
General Information
Manufacturer: Hewlett-Packard
Manufacturer Part Number: J4813A#ABA
Product Name: ProCurve 2524 Ethernet Switch
Brand Name: HP
Manufacturer Website Address: www.hp.com
Product Line: ProCurve
Product Type: Ethernet Switch
Interfaces/Ports
Number of Ports: 24
Interfaces/Ports: 24 x RJ-45 10/100Base-TX LAN
1 x DB-9 Console Management
Fast Ethernet Port: Yes
Media & Performance
Connectivity Media: Twisted Pair 10/100Base-TX
Performance: 9.6Gbps Switching Fabric
6.6Mpps Throughput for 64-byte Packet
I/O Expansions
Number of Expansion Slots: 2
Expansion Slots: (2 Total) Expansion Slot
Network & Communication
Flow Control: IEEE 802.3x (Full-duplex)
Address Table: 4K MAC Addresses
Cisco ASA 5505
The Cisco ASA series provides best of class security protection for networks. Security features include firewall, VPN with IPsec, intrusion prevention. The Cisco ASA series has replaced the PIX line of products. There are five different modules that can be integrated.
Friday, June 13, 2008
Information Security Consultation Costs Call 714-786-5878
Phuture Networks provides information security services starting at $30 an hour. We will provide a security assessment of your home network or business network. Phuture Networks will provide you with a full report of security vulnerabilities. Remediation of these threats can be provided at additional costs.
Phuture Networks can test your network remotely. If needed a security consultant can come on-site for a physical analysis. Travel costs will be incurred. Phuture Networks serves the Orange County, CA area.
Phuture Network Services offered Call 714-786-5878
Phuture Networks offers the following services in the Orange County Area:
- Information Security
- Process Security
- Internet Technology Security
- Communications Security
- Wireless Security
- Systems integration and configuration
- Procurement Services.
Please email today for a free consultation.
Tuesday, June 10, 2008
Linkedin Profile
I decided to post my Linkedin profile. Please feel free to view it. Potential clients can email me at benjamin.hargis@gmail.com.
Asus EEE and Backtrack 3 Beta
Thursday, May 08, 2008
Need a Router Password?
If you ever need to look up your default router password check out this website. It allows you to search by manufacture as well.
Redhat Linux Videos Online
I learn allot from watching videos online regarding Linux, computer science and security from websites like You Tube and Google Tech Videos. These are great tools to use and learn for free.
Relaunch of Phuture Networks website
I temporarily brought down Phuture Networks for upgrades. Phuture Networks new website will have a more user friendly feel to it. Client's will receive their own login username and passwords so you can check on project status, billable hours and post any questions, comments or suggestions regarding Phuture Networks or your security project.
Tuesday, October 02, 2007
Phuture Networks
This is shameless self promotion. I'm really trying to get my consulting business going. It is allot of work. I work 8 hours daily doing solutions selling in IT. I tell clients to think of me as a consultant for free.
I want to be on my own in three years. With my own clients. I want to provide security consulting on a contractual basis. I will handle all aspects of security. This includes updating servers. Patching software. Keeping virus signatures up to date. Managing firewall rule sets.
I spend my nights and evening eating breathing and sleeping IT security. Anyone need a security consultant?
I want to be on my own in three years. With my own clients. I want to provide security consulting on a contractual basis. I will handle all aspects of security. This includes updating servers. Patching software. Keeping virus signatures up to date. Managing firewall rule sets.
I spend my nights and evening eating breathing and sleeping IT security. Anyone need a security consultant?
Monday, September 24, 2007
CA Arcserve
There are reports from Secunia that CA Arc Server has multiple vulnerabilities. The exploits can used to bypass security restrictions.
Secunia has a very good list of up to date alerts.
Secunia has a very good list of up to date alerts.
Thursday, September 20, 2007
Hacker Methods
So how do hackers and crackers go about attacking networks and hosts? The best ones do research first. They want to know about your company, workers names, hobbies. The more information the better.
The first step would be to scan your target to determine which ports are open on your network. This can be done with many tools on the Internet. I will not list the tools as this is not a hacker tutorial but more of a heads up. Once they find what ports are open they can determine what services are running. A simple scan on Google or other websites can tell you which vulnerabilities are known for this application or service.
The next step would be to search for exploit code for that open port/service. At this point the attacker could craft a packet with a payload with the exploit code. The exploit code can tell the remote host to send back a shell or any other numerous things. Most attackers want access to the system to look for things. Others are malicious.
Attackers will often install a sniffer to grab more passwords on the network. Then cover their tracks and come back at a later time to grab the information or use your host as a jump off point for more attacks. Some hackers use mulitple systems to do Denial of service attacks. DDos is used with multiple systems.
The lesson here is patch and patch often, install IDS systems and have a firewall that will drop any suspicious traffic. Monitor your logs and encrypt your data!
The first step would be to scan your target to determine which ports are open on your network. This can be done with many tools on the Internet. I will not list the tools as this is not a hacker tutorial but more of a heads up. Once they find what ports are open they can determine what services are running. A simple scan on Google or other websites can tell you which vulnerabilities are known for this application or service.
The next step would be to search for exploit code for that open port/service. At this point the attacker could craft a packet with a payload with the exploit code. The exploit code can tell the remote host to send back a shell or any other numerous things. Most attackers want access to the system to look for things. Others are malicious.
Attackers will often install a sniffer to grab more passwords on the network. Then cover their tracks and come back at a later time to grab the information or use your host as a jump off point for more attacks. Some hackers use mulitple systems to do Denial of service attacks. DDos is used with multiple systems.
The lesson here is patch and patch often, install IDS systems and have a firewall that will drop any suspicious traffic. Monitor your logs and encrypt your data!
Layered Technologies Hacked
It appears that hackers have managed to get into Layered Technologies databases. There are reports that over 6,000 user id's and passwords were compromised. This just shows why encryption should be used more vigilantly.
It looks like the hacker got in over HTTP. He then accessed the database and copied the information. Passwords for SSH, MySQL, Cpanel and other applications were taken. I would suggest to anyone using this company to switch their passwords or think about another hosting company.
It looks like the hacker got in over HTTP. He then accessed the database and copied the information. Passwords for SSH, MySQL, Cpanel and other applications were taken. I would suggest to anyone using this company to switch their passwords or think about another hosting company.
Intrusion Detection Systems
In my previous post I talked about a IDS. IDS is a system that is used to monitor your network or hosts for behaviour that is out of the norm. They look for known attacks and alert you. You can usually have a back end database to store this information.
IDS systems can protect against zero day exploits, directory traversal, SQL injection attacks, buffer overflows, worms and othe Mal ware.
A good IDS should be able to do the following:
SNORT is a great and free IDS. It can do network analysis and logging.
There are plenty of books availiable to learn and configure SNORT.
Cisco also has a IDS, they call it IPS or Intrusion Prevention System.
IDS systems can protect against zero day exploits, directory traversal, SQL injection attacks, buffer overflows, worms and othe Mal ware.
A good IDS should be able to do the following:
- Deep Packet Inspection
- Behaviour analysis
- Logging
SNORT is a great and free IDS. It can do network analysis and logging.
There are plenty of books availiable to learn and configure SNORT.
Cisco also has a IDS, they call it IPS or Intrusion Prevention System.
McAffee Intrushield
McAffee Intrushield is a IPS. Intrusion protection system. The Intrushield can scan data at up to 10Gbps. Their are different models. I was told by a security enginerr by McAffee security engineer that it is effective because it uses FPGA's and ASIC's to transfer data. I noticied a bullet point that stated that the device could even scan for encrypted threats. I asked how can the IPS device determine if it is legit traffic or Malware? He stated that the device decrypts the packets and then scans the contents.
This device also supports QOS. Which will allow you to prioritize data. For instance VoiP would need more bandwith than P2p. They also have a technology called Vitual IPS to protect VLAN's.
The Intrushield is compatabile with McAffe Orchestra and and Mcaffee NAC.
This device also supports QOS. Which will allow you to prioritize data. For instance VoiP would need more bandwith than P2p. They also have a technology called Vitual IPS to protect VLAN's.
The Intrushield is compatabile with McAffe Orchestra and and Mcaffee NAC.