Welcome to the Sentinel Blog!
We are proud to feature a carefully curated collection of articles and other content related to the most important technology topics of today and beyond. Our posts are composed and edited by Sentinel’s ALWAYS ENGAGED team of solutions architects, engineers, project managers and other subject matter experts.
The Anatomy of a Comprehensive Disaster Recovery Plan
by Dr. Mike Strnad, Sentinel Strategic Business Advisor
Cyber-attacks are becoming more frequent, more sophisticated, and can have devastating consequences on businesses. Determined hackers have proven that with enough commitment, planning, and persistence they will inevitably find a way to access your sensitive corporate data. It is not enough for organizations to merely defend themselves against cybersecurity threats. They need to take proactive measures by developing cyber incident response plans or updating existing disaster recovery plans in order to quickly mitigate the effects of a cyber-attack and/or prevent and remediate a data breach. Small businesses tend to be the most vulnerable, as they are often unable to dedicate the necessary resources to protect themselves. Some studies have found that nearly 60% of small businesses close within six months following a cyber-attack. Today, risk management requires that you plan ahead to prepare, protect, and recover from a cyber-attack.
Disaster Recovery Institute International (DRII) and Business Continuity International (BCI), along with ISO 22701, provide guidance and structure when creating Business Continuity Plans. There are three types of recovery plans built into the structure of traditional Business Continuity: Infrastructure Recovery, Application Recovery, and Disaster Recovery. All three have a specific purpose and form a strategic approach as an organization transitions from the Continuity Phase to the Recovery Phase. These plans should be combined with a solid infrastructure defense that uses appliances such as IDS/IPS, a well-defined Security Operations Center (SOC), and a highly knowledgeable security monitoring staff.
No organization is immune. The world is unpredictable, and disaster could strike at any time. You buy insurance to protect your business financially against losses, but insurance cannot replace valuable data and the key applications that make your business work. To protect these items you must plan ahead, creating a plan to restore your data when it is lost. Here are five dangerous situations that could significantly impact your business:
1. Natural Disasters - Mother Nature can be cruel. Storms, fires, and floods can all do irreparable damage to your business. Without a disaster recovery plan in place, you may find it extremely difficult to resume operations, putting the future of your company in jeopardy. Many studies have shown that over eighty percent of companies that close for more than 5 days never reopen, so getting back on your feet is critical in the event of a natural disaster.
2. Hardware Failures - Whether from a power surge or other cause, if your hardware fails it can take all your data with it. While you can take steps to protect your hardware with cooling systems, power surge protectors and other technology, it is essential to regularly back up your data. Using cloud-based or off-site storage can add additional protection, as it is unlikely both locations will fail at the same time. Your disaster recovery plan should include these steps to ward off any potential data loss that could occur.
3. Human Errors - No one is perfect, and that includes you and your employees. Forgetting to save changes, accidentally deleting an important document, or flipping the wrong switch could lead to a significant loss for your company. Training programs can help reduce errors, but the only way to keep your business truly safe from a data loss due to human error is to back up your data on a regular basis.
4. Cybercrimes - Unfortunately, cybercrimes are on the rise and most businesses are affected at some point. A virus or ransomware attack could hold your data hostage, grinding your business to a halt and causing massive profit losses. Your disaster recovery plan should include steps to recover from a hacking attempt, keeping your data safe and accessible.
5. Customer Service - Ultimately, you need a disaster recovery plan to provide your customers the service they have come to expect from you. If your business must shut down or has a prolonged service interruption, you could lose valuable customers to a competitor. The faster you can get back on your feet, the happier your clients will be.
Let’s look at how the three primary Business Continuity Plans fit together. Disaster Recovery Plans have a specific focus that provides multiple types of guidance (as shown in the diagram), and can be expanded based on your organization’s strategies. A strong disaster recovery strategy should start at the business level and determine which applications are most important to running the organization. The Recovery Time Objective (RTO) describes the target amount of time a business application can be down, typically measured in hours, minutes, or seconds. The Recovery Point Objective (RPO) describes the previous point in time to which an application must be recovered. Recovery strategies detail an organization's steps for responding to an incident, while disaster recovery plans describe how the organization should respond. In determining a recovery strategy, organizations should consider a number of different things, including budget, resources, people and physical facilities, as well as management's position on risks, technology, data, and suppliers. Management approval of recovery strategies is essential. All strategies should align with the goals of the organization. Once disaster recovery strategies have been developed and approved, they can be translated into disaster recovery plans.
Infrastructure Recovery Plans focus on many types of infrastructure. Plans can be specific to the following areas:
1. Data centers - After the aggressive virtualization of servers and networks in data centers over the past few years, many networks now need to be redesigned to meet today’s business demands.
2. Cloud Strategy - Whether using a public cloud, private cloud or a hybrid mix, every organization needs a workable cloud strategy that can transform service delivery.
3. Mobile-first strategy - More and more businesses have adopted “mobile-first” strategies.
4. Telecommunications – Communications across locations, platforms, and devices have become more essential than ever for a majority of organizations.
5. Wireless - Faster network speeds, more WiFi availability, and increased reliability have created new challenges and opportunities for businesses to evolve.
6. Internal and External Networks – As networks have become increasingly complex, it has become more important than ever to understand the topology and dependencies required for a quick recovery.
Infrastructure Recovery Plans focus on specific areas (shown in the diagram) but are expanded by an organization’s unique strategies. Technology upgrades are essential to enable certain online services, which require an upgraded electronic transport infrastructure that is both safe and fast. In order to take full advantage of the explosive growth in data as well as new service opportunities, there is a desperate need for infrastructure modifications. The trouble is, achieving progress isn’t as simple as just buying new technology. New and innovative software, hardware, networks, tools, databases, monitoring equipment and more are available for purchase, but legacy systems often slow down progress dramatically. Industry experts have long recognized that the right mix of people, process, and technology is needed to integrate new solutions with solid infrastructure plans for recovery.
Application Recovery Plans have become as common as any other Business Continuity Plan. An Application Recovery Plan documents the strategies, personnel, procedures and resources necessary to recover an application following any type of short- or long-term disruption. Maximize the value of contingency planning by establishing recovery plans that consist of the following phases:
1. Notification/Activation: Activate the plan and notify vendors, customers, employees, etc. of the recovery activities.
2. Recovery Phase: Recover and resume temporary IT operations on alternate hardware (equipment) and possibly at an alternate location.
3. Restoration Phase: Restore IT system processing capabilities to normal operations at either the primary location or the new location.
Start by preparing plans for any applications that are mission critical. Define the activities, procedures, and essential resources required during prolonged periods of disruption to help restore normal operations. Allocate responsibilities to designated personnel and provide guidance for recovery. Coordinate with other staff and important external contacts such as vendors and suppliers who will participate in the recovery process. Remember that applications evolve over time with updates and new revisions.
In conclusion, good Business Continuity and Disaster Recovery Plans will keep your company up and running through interruptions of any kind: power failures, IT system crashes, natural disasters, supply chain problems and beyond.
Here are absolute basics your plan should cover:
1. Develop and practice a contingency plan that includes a succession plan for your CEO.
2. Train backup employees to perform emergency tasks. The employees you count on to lead in an emergency will not always be available.
3. Determine offsite crisis meeting places and crisis communication plans for top executives. Practice crisis communication with employees, customers, and the outside world.
4. Invest in an alternate means of communication in case the phone networks go down.
5. Make sure that all employees, as well as executives, are involved in the exercises so that they get practice in responding to an emergency.
6. Make business continuity exercises realistic enough to tap into employees' emotions so that you can see how they will react when the situation gets stressful.
7. Form partnerships with local emergency response groups—firefighters, police and EMTs—to establish a good working relationship. Let them become familiar with your company and site.
8. Evaluate your company's performance during each test, and work toward constant improvement. Continuity exercises should reveal weaknesses.
9. Test your continuity plan regularly to reveal and accommodate changes. Technology, personnel, and facilities are in a constant state of flux at any company.
Sentinel has all of the solutions, advisory services, and training required to help ensure your organization is fully prepared in the event of a disaster or any other sort of emergency that can significantly impact your business. Please contact us if you are interested in learning more about our Business Continuity and Disaster Recovery planning services.
Frequently Asked Questions: Webex Calling
by Ron Boscaccy, Sentinel VP of Solution Engineering and Product Demonstration
Webex Calling takes the complex infrastructure and management required to maintain a traditional phone system and simplifies it through the cloud. Users can access the system across all types of devices and locations, making it easier to communicate and collaborate with co-workers, partners, and customers. To help give you a better idea of what Webex Calling is all about, Ron Boscaccy, Sentinel’s VP of Solution Engineering and Product Demonstration, provided answers to a few commonly asked questions.
What is Webex Calling?
Webex Calling is a Unified Communications as a Service (UCaaS) solution from Cisco. It’s a cloud-based service that functions as your phone system, so you don’t need any on premise hardware other than the phones themselves. Everything else sits up in the cloud. This is the latest evolution in voice technology.
What are some features of Webex Calling?
The nice thing about Webex Calling is that it’s tied into the whole Webex platform. It’s a very feature-rich system that’s similar to a traditional Private Branch Exchange (PBX) most businesses have today, but it also incorporates Webex Meetings so you can create shared meetings and bridges, as well as Cisco Teams, which gives you a portal for collaboration and sharing documents or other important information. There are mobile capabilities built into the system too, so you don’t have to worry about location. I can use a laptop, a standard landline phone, or even my cell phone to access the system and it’s all tied back to my corporate network.
Does Webex Calling work with different types of non-Cisco environments and solutions?
Yes, absolutely. The nice thing about Webex Calling is that not only is it compatible with Teams and other Cisco products, it also will work with a platform like Office 365. So even if you have a Microsoft platform and their suites, we can still connect and drive your calling while maintaining the communication and management of your applications.
What types of organizations could benefit most from Webex Calling?
There are two primary benefits to Webex Calling. The first is that companies with branch offices or multiple locations can consolidate and bring their phone systems together if they haven’t done so already. The second is that it enables companies to move from a CapEx to an OpEx pricing model. This can be done all at once, or shifted slowly to include any current hardware. A hybrid solution would allow you to move the branch offices at first before eventually expanding to include the corporate headquarters as well. This helps you save money over time while also unifying under a single system.
Are there any other noteworthy benefits to Webex Calling?
One of the biggest pluses about Webex Calling is that it utilizes Broadsoft technology. Broadsoft played a major role in the Public Switched Telephone Network (PSTN) and a number of other high profile phone projects for some very large carriers. They have been around for a long time and know how to create a powerful UCaaS solution. Most people have used Broadsoft technology without even knowing it. Now that Cisco bought them, they’re creating this tie-in with Webex and Webex Teams to bring it all into one platform. So it’s consolidating different applications and giving you a single pane of glass to manage it all.
If you are interested in learning more, Sentinel will be hosting a special Webex Calling event next Wednesday, May 29th at our headquarters in Downers Grove. There is a morning session and an afternoon session, so please register for one of them today if you are able to attend! If you are unable to attend the Webex Calling event but would still like some additional information about the solution, please contact us.
Five Major Announcements from Dell Technologies World 2019
The annual Dell Technologies World conference took place in Las Vegas last week, and a few employees and managers from Sentinel were among the 14,000 attendees at the four-day event. It was one of Dell Technologies’ biggest and most action-packed conferences to date, as the company laid out their roadmap for the future that included new products/services, greater integration with VMware, and a fresh strategy for growth. While there were many important announcements made during the event, here are five that we feel are particularly noteworthy.
VMware Cloud Integrates with Dell EMC
Dell Technologies introduced a powerful new consumption-based on premise Cloud Data Center-as-a-Service that integrates multiple VMware Cloud solutions into a Dell EMC infrastructure. This includes VMware Cloud Foundation, the VMware Cloud Stack, and the hyperconverged solution VxRail. When utilized properly, it will significantly improve public cloud power and agility for organizations while making it easier to manage on premise workloads. It’s also compatible across multi-cloud environments, creating a seamless infrastructure where minor day-to-day tasks are handled by VMware and Dell EMC so IT departments can focus more on innovation and growth. The Cloud Data Center-as-a-Service is expected to be available as a subscription-based service in the second half of this year.
New, More Powerful Switches
As enterprise organizations continue to generate and consume massive amounts of data, it’s more essential than ever to have switches able to handle the traffic coming from the cloud, on premise, and endpoints. With that in mind, Dell EMC announced a new line of open networking portfolio switches called PowerSwitch. The first model set for release is the PowerSwitch S5200-ON, which is 2.5x more powerful than previous Dell EMC switches and was designed with hyperconverged infrastructure (HCI) environments in mind. Its low density connectivity helps with automation and transitional changes across all different types of deployments or upgrades.
Dell EMC have bundled their hardware with VMware’s SD-WAN by Velocloud to create a powerful new software-defined networking solution that’s available in one-year or multi-year subscription. SD-WAN Edge is a network optimized server designed to run virtualized network functions. The goal is to provide a more cost-effective and flexible solution to make it easier for organizations to solve their problems at the edge. SD-WAN Edge is expected to be available this July.
The Dell EMC storage platform Unity gets a next-generation upgrade with the Unity XT. This new version was designed with NVMe drives in mind, and is both twice as fast as the original Unity and 67 percent faster than any other storage solution currently on the market. It’s optimized for up to 5:1 data reduction and perfect for smoothly shifting data to public cloud or multi-cloud environments.
Dell EMC Cloud Storage Services
Extend your data center into the public cloud with the new Dell EMC Cloud Storage Services. This high-speed, low-latency connection uses managed services to establish a seamless combination with Dell EMC’s Unity, PowerMax, and Isilon data center storage lines. The initial Cloud Storage offerings will include Disaster Recovery as a Service (DRaaS) as well as multi-cloud access to perform workload analytics and testing/development.
Sentinel is proud to be a Dell EMC Platinum Partner, and we’re looking forward to sharing these new solutions and innovations with you as they become available. If you would like any additional information about these Dell Technologies World 2019 announcements and how they can benefit your organization, please don’t hesitate to contact us.
A Guide to Modern Password Security
by Jason Olmstead, Sentinel SOC Senior Exploitation Analyst
As of the latest draft version of the Security Configuration Baseline document for Windows 10 and Windows Server (version 1903), Microsoft has dropped their recommendation for a password expiration policy for both operating systems. Previously, Microsoft’s baseline recommendation for password expiration policy would force users to change their passwords every 60 days. Prior to the 60-day recommendation, Microsoft’s recommendation was a forced change every 90 days. The theory behind having users change their passwords more often and on a regular basis was that passwords would always be “fresh” and would be harder to compromise. Additionally, compromised passwords would be usable for a shorter period of time. A moving target is much harder to hit than a fixed target, right?
To answer that question, let’s first think about the most common ways that user credentials are compromised. There are three very common attack vectors that an attacker would use to target user credentials - social attacks, technical attacks, and reconnaissance attacks.
Social attacks are very common and are primarily composed of several types of phishing attacks. There are a few specific subtypes of phishing attacks, but in general the primary goal of a phishing attack is for an attacker to convince a user to hand over access credentials. A common way to achieve this is to provide the user with a fake login screen, typically on a webpage or other form, which looks authentic so that the user provides their credentials. Credentials are then captured by the attacker, and sometimes those valid credentials are passed to an authentic login mechanism so the user isn’t ever suspicious. Tools that automate this type of attack are freely available and not difficult to use. In order for social attacks to be successful, the attacker has to convince the user to perform an action which will result in compromised credentials.
Having to convince users means having to interact with them, and that opens the door for exposure of an attack attempt. If a user is wary of phishing and other social attacks, they might alert their IT or security department. Although social attacks are still very common, most cyber criminals are looking for the path of least resistance. Technical or reconnaissance attacks tend to be a safer option.
Technical attacks rely on a hacker’s ability to compromise and exploit systems or networks in order to gain access to user credentials. These attacks do not rely on any communication with users directly, and often go undetected by IT staff. A common way of exploiting a Windows network in order to obtain user credentials is to use a tool like Responder, which exploits a flaw in the way Microsoft Link-Local Multicast Name Resolution (LLMNR) works.
When a client attempts to access a trusted network resource, an LLMNR broadcast request gets sent in an attempt to locate the resource. Since the request is IP broadcast traffic, all other clients on the network segment are able to see that request. A tool like Responder will automatically respond to the client’s request and assume the role of the intended resource. Responder will respond to the request and ask for login credentials, which the client’s Windows machine is more than happy to provide. Responder captures the client’s username, NTLM/v2 password hash, domain/workgroup info, and IP address, then stops communicating with the client. After a certain period the session times out, and the client makes the request again. Responder knows that it has already captured information for that client (based on IP address), so Responder ignores subsequent requests and allows the appropriate network resource to respond. At this point the attacker can take the password hash offline to crack or use it in a pass-the-hash attack against other resources.
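One way to detect the spoofed answers described above, as an added example that is not part of the original article: ask the local segment for a random name that no host owns and alert on any host that claims it. The canary approach, the function names and the two-second timeout are assumptions of this example; the packet layout, multicast group 224.0.0.252 and UDP port 5355 follow RFC 4795.

```python
import secrets
import socket
import struct
import time

LLMNR_GROUP = "224.0.0.252"   # IPv4 LLMNR multicast group (RFC 4795)
LLMNR_PORT = 5355


def build_query(name: str, txid: int) -> bytes:
    """Encode a one-question LLMNR query (DNS wire format) for an A record."""
    header = struct.pack("!HHHHHH", txid, 0x0000, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def is_positive_answer(packet: bytes, txid: int) -> bool:
    """True if packet is a response to our query that carries at least one answer."""
    if len(packet) < 12:
        return False
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    is_response = bool(flags & 0x8000)   # QR bit set
    no_error = (flags & 0x000F) == 0     # RCODE == 0
    return rid == txid and is_response and no_error and ancount > 0


def probe(timeout: float = 2.0):
    """Query the segment for a random name; return (name, [IPs that answered])."""
    # No legitimate host owns this name, so any positive answer is suspect.
    name = "canary-" + secrets.token_hex(6)
    txid = secrets.randbits(16)
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 1)
    responders = []
    try:
        sock.sendto(build_query(name, txid), (LLMNR_GROUP, LLMNR_PORT))
        deadline = time.monotonic() + timeout
        # Answers arrive as unicast UDP on the socket that sent the query.
        while (remaining := deadline - time.monotonic()) > 0:
            sock.settimeout(remaining)
            try:
                data, (addr, _port) = sock.recvfrom(512)
            except socket.timeout:
                break
            if is_positive_answer(data, txid) and addr not in responders:
                responders.append(addr)
    finally:
        sock.close()
    return name, responders


if __name__ == "__main__":
    name, responders = probe()
    for ip in responders:
        print(f"ALERT: {ip} answered LLMNR for nonexistent name {name}")
```

Run on a schedule from a monitoring host on each segment, an alert from this probe gives the IP address to investigate.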
The third type of password attack has traditionally not been very common, but is gaining steam very quickly. Reconnaissance attacks involve collecting, indexing, and making searchable large databases of known usernames and passwords from questionable parts of the Internet (typically “deep web” and “dark web” sites). These databases contain usernames and passwords from users that have been involved in high-profile password breaches over the past several years. These password databases contain tens of billions of usernames and passwords from various system breaches ranging from the mid-2000s up to and including weeks before today’s date. Although these databases typically don’t contain password dumps from end-user systems (for example, an organization’s Active Directory database), they are still very valuable to attackers.
It’s pretty standard for users to sign up for services like Dropbox, Adobe, LinkedIn, Twitter, OneDrive, and other online services using their corporate email address as a username. It’s no secret that a very common practice among users is to reuse passwords across many sites, as doing so makes passwords easy to remember. Users also typically choose passwords that are only long enough to meet password requirements for any given system, so most passwords tend to be between 8 and 12 characters long and contain dictionary words or names. An attacker can use this information to derive a fairly powerful list of potential passwords for a corporate user based on their password history as exposed in breach databases. This list can be used against Internet-facing corporate systems in an attempt to brute-force a user’s login information, or it can be used in conjunction with a technical attack as described above to more easily crack a user’s stolen password hash.
Qualifying Microsoft’s Password Recommendation
Now that we understand the three most common vectors to obtain a user’s credentials, does Microsoft’s latest recommendation make sense?
There are several reasons why reconnaissance attacks are becoming so popular with attackers, and they’re closely tied to the weaknesses we’ve all known about passwords for years. Users tend to select short, weak passwords that are easy to remember. Users tend to reuse these short, weak passwords across many sites and services. When forced to change a password at a regular interval, users tend to simply modify their existing password, typically by incrementing a number within the password or something similar. If systems prevent users from using dictionary words in their passwords, users tend to replace letters of a dictionary word with numbers or special characters that look like those letters (4 for A, ! for i, 0 for O, etc.). Modern password cracking tools have automated rules that exploit all of these weaknesses via automated guessing to the tune of literally billions of guesses per second using a modern GPU.
Knowing user habits in regard to the creation of weak passwords, and knowing how users typically only increment passwords when forced to change them on a regular basis, Microsoft understands that forcing a user to change a weak password every 3 months isn’t nearly as important as forcing the user to create a “long and strong” password once and allowing them to use it for a much longer period of time. If a user increments a number at the end of a weak, 8-character password, the password is still weak and can still be cracked in a matter of hours or days. If an attacker knows this password and the user changes it, the attacker can simply make logical guesses to figure out the “new” variant with ease. If a user isn’t forced to change a strong 24-character password for a year or two that’s fine, because the length of that password alone would take 20+ years to crack with modern technology.
So to answer the original question, yes, Microsoft’s recommendation of eliminating password expiration policies does make sense; however, the shortcomings of the initial password requirements should also be remedied. Microsoft acknowledges that password expiration policies don’t make systems any more secure. From the latest Microsoft Security Baseline document:
“Periodic password expiration is a defense only against the probability that a password (or hash) will be stolen during its validity interval and will be used by an unauthorized entity. If a password is never stolen, there’s no need to expire it. And if you have evidence that a password has been stolen, you would presumably act immediately rather than wait for expiration to fix the problem. … And if it’s not a given that passwords will be stolen, you acquire those problems for no benefit. Further, if your users are the kind who are willing to answer surveys in the parking lot that exchange a candy bar for their passwords, no password expiration policy will help you.”
Microsoft goes on to explain that they are not proposing that organizations weaken requirements for minimum password length, history, or complexity, as all of those factors combined are much more important than forced password expiration.
Ways to Improve Your Password Security
Ideally, we would do away with passwords altogether and use a better form of authentication. This is the dream, but the reality today is that many systems will still only allow authentication via passwords. Since our reality includes a system whereby users are expected to create and manage secure passwords themselves, the following steps should be taken to make the most of a less than optimal situation.
+ Use multi-factor authentication (MFA) wherever possible. This is especially important on Internet-facing services like VPN and Outlook Web Access / Office 365. Often, organizations neglect the importance of securing email with MFA. If an attacker can access a user’s inbox via Outlook Web Access, s/he can dump the Global Address Book and easily harvest usernames for everyone inside the organization. If that email account can be used as a second factor avenue for something like a VPN login, the VPN would then be compromised as well.
+ Enforce banned password lists in Active Directory. Microsoft provides a service through Azure AD that can be implemented with on premise Active Directory. This service automatically checks user passwords against a large database of known weak and compromised passwords, and if whatever password the user attempts to use matches a password in that database, the system will not allow the password to be used.
+ Perform regular password audits against the Active Directory SAM database. As an administrator, it’s rather trivial to export a dump of the password hashes within the Active Directory database. This dump can then be provided to a trusted partner such as Sentinel, where a skilled penetration tester can use common password databases, breach password databases, and heuristic brute force attacks against hashes within the database to expose weak passwords. This will measure the effectiveness of an organization’s password policy, as well as the effectiveness of its users to choose secure passwords.
+ Ensure that all Microsoft best practices are followed in regard to how passwords are handled from a technical perspective. Disable the use of LLMNR on the network via Group Policy. Require Server Message Block (SMB) signing to mitigate against SMB man-in-the-middle attacks, which can be used to expose password hashes. Add a DNS entry in Active Directory to mitigate the ability for attackers to exploit Web Proxy Auto-Discovery Protocol (WPAD) to obtain cleartext credentials from users.
+ Educate users on the dangers of social engineering attacks. Sentinel’s Advisory Services team offers training to teach users how to identify many types of attacks, including obfuscated links in email, dangerous attachment types, forged emails that appear to come from a trusted source, and many others. Education like this helps users stay safe at work as well as at home.
+ Encourage users to create passwords that are “long and strong.” A long and strong password should contain more than just lowercase letters, but doesn’t have to look like alphabet soup to be effective. A password like “S&&4$2j0*jf!!3Nmf)3=@+2&5” might take a long time to crack, but it’s impossible to remember, frustrating to type, and will get written down. Something like “&WeWentToTheZooLastWeek&” is easy to remember, is 24 characters long, contains characters from 3 attack sets (upper, lower, special) and should take a prohibitively long time to crack. Using “pass phrases” like this instead of “passwords” is quickly becoming popular to create long and strong passwords. To encourage the use of pass phrases, high minimum password length policies can be implemented, but only after users are educated on how to create easy to remember long and strong passwords.
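The user habits described under “Qualifying Microsoft’s Password Recommendation” (incremented counters, look-alike substitutions) and the banned password list recommended above can be enforced together at password-change time. The following is an added example, not code from the article or from Microsoft’s service: the substitution table beyond the three pairs the article names, the sample deny-list, the 14-character minimum and all function names are assumptions.

```python
import re

# Look-alike substitutions. The article names 4 for A, ! for i and 0 for O;
# the remaining pairs are assumptions of this example.
LEET = str.maketrans({"4": "a", "@": "a", "!": "i", "1": "i", "0": "o",
                      "3": "e", "$": "s", "5": "s", "7": "t"})

# Constructed sample deny-list; a real deployment would load a large corpus
# of known weak and breached passwords.
BANNED = {"password", "welcome", "summer", "qwerty", "letmein"}

MIN_LENGTH = 14  # hypothetical policy value


def core(password: str) -> str:
    """Reduce a password to the word the user actually memorised.

    The trailing run of digits and symbols (the part users increment) is
    dropped first, then case and look-alike characters are folded.
    """
    stem = re.sub(r"[^A-Za-z]+$", "", password)
    return stem.lower().translate(LEET)


def is_banned(password: str) -> bool:
    """True if the folded password is on the deny-list."""
    return core(password) in BANNED


def is_trivial_variant(old: str, new: str) -> bool:
    """True if the new password is the old one with a new counter or new
    look-alike characters. Assumes the user supplies the current password
    when changing it, so no stored plaintext is needed."""
    if new == old:
        return True
    new_core = core(new)
    return new_core != "" and new_core == core(old)


def evaluate_change(old: str, new: str, min_length: int = MIN_LENGTH) -> list:
    """Return the list of policy violations for a proposed change (empty = accept)."""
    reasons = []
    if len(new) < min_length:
        reasons.append("too_short")
    if is_banned(new):
        reasons.append("banned")
    if is_trivial_variant(old, new):
        reasons.append("variant_of_previous")
    return reasons


if __name__ == "__main__":
    # Constructed sample changes: (current password, proposed password).
    for old, new in [("Summer2019!", "Summer2020!"),
                     ("Winter#7", "W1nter#8"),
                     ("Summer2019!", "&WeWentToTheZooLastWeek&")]:
        print(f"{new!r}: {evaluate_change(old, new) or 'accepted'}")
```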
Personally, I think Microsoft’s recommendation is a sound one, as long as the above information is followed. It serves to start a conversation about how we think of and formulate passwords today, and helps us to understand that they are typically the weakest link to an organization’s security. Taking steps to mitigate weak password creation and use, discouraging password reuse, and implementing multi-factor authentication wherever possible are solid steps in enhancing the security stigma that surrounds passwords.
If you are interested in learning more about password security and ways that Sentinel can help your organization stay safe from all types of threats, please contact us for additional information.
Frequently Asked Questions: Cisco DNA
by Robert Keblusek, Sentinel Chief Technology Officer
Cisco Digital Network Architecture (DNA) has exploded in popularity recently as an advanced software-defined networking platform that contains a number of different features and innovations designed to enhance business growth, agility, and security. There are a multitude of benefits worth exploring if your organization is interested in building or enhancing a software-defined network, and Sentinel is proud to offer DNA in a variety of formats and bundles to help our customers find the right solution for their specific environment. To help give you a better idea of what Cisco DNA is all about, Sentinel CTO Robert Keblusek provided answers to a few commonly asked questions:
What is Cisco DNA?
Cisco DNA is software-defined networking designed to support digitization efforts. This includes mobility, cloud, and Storage as a Service (SaaS) consumption, along with Internet of Things (IoT) services.
Software-defined networking eliminates the need to update firmware, software, and configurations on tens or hundreds of devices over many months. Studies show that 43% of network administrators’ time is spent troubleshooting, while 95% of overall IT tasks are done manually. Updating networks with security patches alone is a daunting task for most organizations, and can even require a team effort that includes CCIEs or a managed service provider. DNA makes these updates simple and fast through automation. Organizations then benefit from a more secure network with strong policy and governance while shifting their most skilled IT resources to focus on more impactful business needs.
How does DNA help with cloud and SaaS consumption?
DNA extends into the wide area network where SD-WAN services allow for a smart edge. This edge has security natively embedded and has the ability to think and route packets appropriately. Gartner estimates over 20% of Office 365 deployments struggle due to networking issues or latency. Software-defined networking such as DNA can be a solution to these issues. With Office 365 and content collaboration at the center of digitization efforts for many organizations, this is a big deal.
In the past, maybe 80% of your traffic went from the end user to your data centers. With cloud and SaaS, that traffic now goes to the cloud. This changes things and you need an agile, software-driven network to continually adapt to these needs.
How does DNA help with security?
DNA was also designed with security embedded instead of it being an afterthought. Security features such as deep inspection of encrypted traffic, rapid threat containment, profiling, posturing, and identity access settings are all easily deployed and maintained across your entire network.
What is a good way to get started?
DNA Assurance provides in-depth visibility to the transactions on the network and can minimize troubleshooting. In addition, users can resolve issues faster because Assurance empowers the help desk. Highly skilled staff no longer need to speculate on what might have occurred because they have real analytics showing detailed information. Assurance works with most existing Cisco networks and is a great start for organizations to build toward the full DNA software-defined experience.
Sentinel has some great FastPath bundles for DNA Assurance to help your organization see the value very quickly and economically. Please contact us for further details or if you have any additional questions about Cisco DNA.
Technology at the Movies: The Hummingbird Project
At Sentinel, we love movies. We’ve even been known to host a movie premiere or two for our customers. While superhero films and other blockbusters understandably attract a lot of attention, we also get excited about smaller movies, especially when the plots focus on technology and innovation. It can be a real kick to see a fictionalized version of an IT department or hackers launch a “cyber attack,” even if it bears little resemblance to actual reality.
One of the more recently released technology-focused films is the financial drama/thriller The Hummingbird Project. It received a limited U.S. theatrical release in mid-March and can still be seen in certain markets depending on where you live. The plot centers on Vincent and Anton (Jesse Eisenberg and Alexander Skarsgard), who are cousins and work together at a high-frequency trading brokerage firm in New York. Vincent is the hustler and big idea man, while Anton is the brains focused on developing new ways to help the firm gain a little extra edge over the competition.
Both Vincent and Anton are frustrated with their jobs and feel under-appreciated, so they hatch a plan to forge their own path in the world of high-frequency trading: Create a 4-inch wide, 1,000-mile long fiber optic cable that will go in a straight line from a stock exchange in Kansas City to a data center in New Jersey. Any Wall Street brokerage firm with access to that cable would receive a one millisecond (or one flap of a hummingbird’s wing) advantage on all trades, and in turn net hundreds of millions of dollars in profits.
The primary challenges they face are twofold: First, they need to find a way to forge a completely straight fiber optic cable path between their destinations that includes securing permissions and digging through privately-owned land, government-owned land, and the Appalachian Mountains. Second, the quality of the cable and straightness of the path don’t automatically provide that single millisecond boost in speed, so they need to develop a new mathematical algorithm to help them reach that point. Thankfully they have a multi-billionaire backing their project, so funding to pay landowners and drill teams and for specialty equipment is one of the least of their worries.
That’s the basic setup of The Hummingbird Project, but as the film moves forward things become increasingly complicated as Vincent and Anton face off against their ruthless former boss (Salma Hayek), stubborn landowners and environmental concerns, plus moments that threaten their physical and mental health. Of course if it were easy, that would make for a pretty boring and uneventful movie. As it stands, there’s a whole lot of plot to take in over the film’s two-hour runtime, and the shift away from the actual cable pipeline project to dive deeper into the personal lives and sentimental reflections of the two main characters feels just a bit cliché and a minor misstep from writer-director Kim Nguyen.
From a technology standpoint, The Hummingbird Project fares better than most when it comes to providing a realistic portrayal of working with fiber optic cables and data centers. Fiber splicing, cable installation, and data centers are all displayed with relative accuracy, and the filmmakers brought in IT industry experts as consultants to ensure the actors and production team understood the concepts and equipment being used. It’s also worth noting that the film is set in 2012, and the technology used to power high-frequency trading has already evolved well beyond the use of fiber optic cables (the characters smartly note the cable they’re installing will be obsolete within a few years). Still, there are plenty of interesting and innovative uses for fiber and other high-speed technology solutions today that go well beyond the financial markets.
If you’re interested in learning more about cabling or other data center solutions and services to help your business, please contact Sentinel for more information. We also work closely with plenty of finance customers, and would be happy to discuss the latest IT innovations that are powering the financial industry.
The Hummingbird Project is currently in limited theatrical release. Check to see if it’s still screening in your area by going here.
Safer Schools: The Sentinel Difference
This morning, Sentinel held a safer schools seminar at our Downers Grove headquarters for some of our education customers. Our experts highlighted the latest security systems and notification technologies intended to quickly alert teachers, students, staff, executives, and local authorities about dangerous or emergency situations so they can respond according to previously established safety guidelines. The educators in attendance also participated in a roundtable discussion focused on response solutions and strategies, asking plenty of questions and sharing plenty of ideas. Here are some insights into Sentinel’s comprehensive and innovative approach when working with schools to improve their safety.
Sentinel begins every new school safety engagement by reviewing your current mass notification solution and determining how it aligns with your current goals and requirements. Our team then builds a new or advanced solution around those requirements, including the design and review of triggers and notification devices. Once approved, we will deploy the solution, train designated people so they know how to use it, and engage with your executives so they understand what’s in place.
Sentinel’s Advisory Services can also come in and help your school, university, or educational institution build stronger security plans based around the National Incident Management System (NIMS) approach. It is what all first responders use to manage every type of emergency situation. It’s important that executives and other staff within your school district are educated on NIMS, particularly if they are responsible for managing an incident, because it allows you to build a plan and know what the first responders are going to ask when there’s an incident.
You want to be prepared to handle anything. If something happens and you need to evacuate the school, what’s the plan for that? What happens if students are at a museum on a field trip and something happens there? Would the instructors know what to do with the kids at that point, and how to communicate with them and those back at the school? The Sentinel Advisory team works with you to help build a plan and prepare for almost any type of scenario. We encourage people outside of the IT staff, such as executives and school board members, to participate in this process and make sure these plans are comprehensive and meet your needs. We’ll also coordinate with any local police department and public safety groups to integrate them into your security systems and processes, because they have their own ways of doing things. The ultimate goal is to build a response plan that satisfies everyone.
Involvement has to be across the board. It can’t just be the IT guys going out just saying, “You need a speaker here, a panic button there, just add a strobe light in this hallway, and that’s it.” You need everybody involved so they all understand what you’re doing and what you’re providing. A lot of companies are selling school safety solutions, and you could buy them almost anywhere, but Sentinel goes in and works with the whole staff as we’re bringing in all the different components while also understanding what you already have in place today. Very few businesses are willing to do that. We don’t want to just sell you a box. We want to give you a complete solution and strategy that’s going to protect yourself, the staff, and all of the students eager to learn.
If you would like to find out more about the solutions and services Sentinel offers to help keep your school safe in the event of an emergency, please contact us.
Sentinel's Spring Event Calendar
At Sentinel, we’re all about providing our customers with innovative and industry-best technology solutions designed to enhance the way business is conducted and promote growth. Our “Always Leading” approach also means that we keep a close eye on trends and new developments throughout the IT industry and pass that knowledge along to our customers so they can make the most informed decisions when it comes to their technology investments.
One of the ways we like to keep our customers educated is by hosting events. Not only do events provide an opportunity to learn more about a specific topic or solution with some of our experts, but they also allow us to get to know our customers and their needs better while building a stronger relationship. No matter if you’re a long-time Sentinel customer or are brand new to us and have never attended a Sentinel event before, we’d love to see you! Here are some fun and interesting events we have coming up over the next month. Please visit the Events page on our website or click the individual event links below if you would like to learn more and RSVP!
Wednesday, April 3
Safer Schools Seminar [Register]
Our Downers Grove, IL headquarters will be hosting a special presentation and discussion focused on the latest technologies to help improve school safety. There are a number of comprehensive solutions designed to improve alert systems and communication so teachers, students, and administrative staff remain aware of emergency situations and can make critical decisions to help stay out of harm’s way and minimize risk. Attendees will also have the chance to talk with other education professionals to share strategies and insights related to security and incident management.
Wednesday, April 10
HyperFlex Lunch and Learn [Register]
While most organizations and IT professionals are familiar with Cisco HyperFlex and hyperconverged infrastructure (HCI) solutions, there have been some exciting new advancements to the technology that experts from Sentinel and Cisco are excited to share with you as part of a special lunch and learn event at Gibsons Steakhouse in Oak Brook, IL. Find out how you can easily deploy applications across multiple environments and types of clouds, then manage them all at once using a highly intuitive, simple system. It’s an agile and adaptive version of HyperFlex you’ve never seen before, plus a steak so delicious you won’t soon forget it.
Friday, April 12
Cisco Meraki MV Webinar [Register]
Unable to leave the office, but have an hour to spare? Join Sentinel and Cisco for a special webinar that will dive into the brand new features and innovations available for security cameras as part of their Meraki platform. It eliminates all the infrastructure traditionally associated with an enterprise video deployment, plus stores video directly on the cameras themselves so there are no servers or cloud space required to operate them. There are plenty of other great benefits as well, all of which will be revealed through this special Webex presentation. Those registered will also have the opportunity to win an MR33 wireless access point and other Meraki-related prizes!
Friday, April 26
Avengers: Endgame Movie Premiere [Register]
Sentinel will be teaming up with two superheroes of technology – HPE/Nimble and Veeam – to host the premiere of the gigantic blockbuster Avengers: Endgame for our customers in the Phoenix, AZ area. Before the movie, there will be some exciting presentations on the AI-Driven Data Center and protection strategies for Multi-Cloud environments. You may want to hurry up and register for this one, as seats will be gone in a snap!
A Closer Look at Cisco Meraki
by Paul Wiercioch, Sentinel Senior Sales Executive
Organizations interested in getting a different management and visibility perspective of their technology consumption should consider adopting Cisco Meraki. It combines wireless (MR), cameras (MV), voice and switching (MS), plus security (MX) technologies into a single, cloud-based platform that’s easy to use and manage. You don’t need to deploy it for every piece of your environment, but it does offer significant advantages for those working with multiple or complex IT environments such as public school systems, government agencies, and multinational corporations.
The primary benefits of Meraki are ease of management, ease of deployment, and simple visibility. Three years ago, I was working with a customer that had separate systems for each piece of their environment. They had their switching infrastructure on one system, their firewalls on another system, their access points on a third system, and a small closet with monitors for their security camera system. The IT director wanted a solution that enabled him to manage as much of the environment as possible from the least number of systems possible so he and his team could respond to issues quickly. He immediately saw the value of having a standardized platform like Meraki with the ability to troubleshoot, manage, patch, and deploy different technologies through one system.
As another example, a longtime Sentinel customer was preparing to open up a new remote office location. We had already deployed non-Meraki wireless technology for this organization over the last couple of years, but they wanted to give Meraki a try this time because of the camera system and the ability to manage everything from a single pane of glass. They also needed the solution to be deployed in under 90 days, which meant we had to move quickly and order the equipment, configure it, install it, and then train their IT staff on how to use it.
That type of conversation seems to happen more and more these days. Organizations are looking to shorten the time it takes to deploy a normal, complex, and expensive solution while also making it manageable for end users who are working at a remote location without any on-premises IT personnel to troubleshoot any issues. They need the ability to connect and integrate with the system from a branch location on the other side of the country to make adjustments as needed and quickly respond to end users.
Sentinel is responsible for properly qualifying our customers to make sure the technology they want actually aligns with and can fulfill their needs. An ideal candidate for Meraki should be looking to consume more than one piece of the proverbial pie. If you only want to look at switching, there are certainly benefits to be found in Meraki’s cloud management tools, deployment and update capabilities, along with its troubleshooting features. But there are other cloud platforms on the market that are fully devoted to the switching side of things and might be a better fit for your organization. If you’re looking to combine and integrate two or more systems and appliances however, like switching and wireless or switching and security, then Meraki is second-to-none in the industry just because of what you can see and what you can touch.
If you are interested in learning more about Cisco Meraki and how it can benefit your organization, please contact Sentinel for more information.
The Benefits of a Cloud Framework
by Michael Soule, Sentinel Strategic Solutions Advisor
At Sentinel’s Tech Summit earlier this year we discussed a variety of topics, but a common theme among them was the proliferation of cloud services. My presentation focused on the benefits to operational maturity that can be achieved through the strategic adoption of already established cloud services rather than building your own. Implementing a best practice alignment framework can not only improve your cloud operations, but has a wide range of advantages for your workloads and infrastructure elements no matter where they are running.
There are plenty of great best practice alignment frameworks available today to help you get the most out of your cloud and premise infrastructure investments, including the AWS Well-Architected Framework, the Microsoft Operations Framework, the Information Technology Infrastructure Library (ITIL), and by association, the Capability Maturity Model Integration (CMMI). Do some research and choose one that’s best suited to your particular organization and environment. If you are interested in learning more about methods and strategies to measure your cloud operational maturity, I’d recommend checking out books like Eli Goldratt’s The Goal, The Phoenix Project, or even Simon Wardley’s Maps.
The cloud provides an opportunity for organizations to consider change and reevaluate the status quo. More often than not, the discussion will be more complex than simply moving some virtual machines to the cloud. It enables cloud service providers and standards agencies like the National Institute of Standards and Technology (NIST) to develop frameworks and offer guidance on how to properly measure and improve your IT posture. The AWS Well-Architected Framework is a great example of this, as it features specific questions that encourage you to consider innovative ideas and approaches you might not have come up with on your own. These frameworks also incorporate on-premises infrastructure elements so you’re not just focusing on the cloud.
One example I used during my presentation is a question from the Reliability Pillar of the AWS Well-Architected Framework: “How do you monitor your resources?” This single question can lead to multiple in-depth technical discussions about what is most valuable, from a stack of switches to your organization's enterprise resource planning (ERP) system. Every piece plays an important role in your IT operations, whether you own the facility it resides in or not.
This is just a small portion of what was covered at the Tech Summit. There were many other important topics worth exploring in greater detail, including new identity management tools that incorporate certificate-based authentication or single sign-on technologies, as well as modern systems management that uses Infrastructure as Code (IAC) or Functions as a Service (FaaS). Sentinel offers Jumpstart packages designed to help your organization make real progress on its cloud journey. They focus on establishing public cloud landing zones to create a standardized configuration baseline, along with shifting your backup and disaster recovery solutions to the cloud as a way of modernizing your existing processes. If you are interested in learning more about these packages or any of our other CloudSelect offerings, please contact us.