[dropcap] W [/dropcap]elcome to my first newsletter for TBJ Consulting. We are going to be producing this on a monthly basis to help keep you updated on some of the trends in the Technology Industry and also to help with your IT decisions. We also just launched our website at www.tbjconsulting.com where you can find more information about us.
For those of you who do not know me, I sold a business I started in 2001 and started this TBJ Consulting LLc. After the sale of JSO Technology, I was unsure of exactly what I wanted to do. I decided that I really enjoy the technology field and workings with clients helping them solve problems. I am just doing it this time with a bit more balance in my life. So I started this company to fulfill those needs. This time I am just going to be focused around Network Security, Infrastructure and helping clients with technology decisions. We are also looking for some good clients. I am going to be a bit more selective this time. I want to make sure it is a good fit for everyone. If not, it just leads to frustration and at the end of the day poor service. I am not looking for clients who just want the cheapest price or fight me with every recommendation I make. At the end of the day it is not worth it and takes too much energy.
I have noticed a trend in this business that most of the IT providers just care about the next sale. I really want to offer my clients a good value with premium service and products. I do not want to be what I call the arrogant consultant or just looking for the next sale and run. That is why I am careful who I partner with and which products I recommend. I want to make sure it is a product that has great support and is something you can manage if you would like. I also want to make sure that if you need to find someone else to support it, you can.
Some of the items you can expect are a monthly Tech Tip to help you out. a highlight of a Vendor we work with and product updates. From Time to Time I am also going to have a gadget corner section. This is an item or gadget I have reviewed and is something I will offer others the chance to review.
I am also going to start providing Lunch and Learns and also start presenting at Trade shows. If you have an idea of a topic you would like to learn more about please contact me.
The main goal of this newsletter is to provide you with useful information. If you have any advice of what you would like to see, I am very open to ideas. You can also tell me what you don’t like about other newsletters or how I can improve this newsletter.
Also if you are working with the arrogant consultant or need help, you can find my contact information below.
Vendor Highlight of the Month – Palo Alto Networks
I have been working with Palo Alto Networks for some time and they have a great product. They have some exciting new releases I think you should be aware of.
[tab title=”4.1 Code Release”] This is a big deal for them as it provides a few nice functions. The first and foremost being VPN Support for Apple devices and the mighty IPAD. They also support Droids and others. Before this release VPN was very weak and not something I was recommending to my clients. [/tab]
[tab title=”WildFire”] These days we are not seeing the mass virus attacks of the late 90’s or the early 2000’s. The attacks are much more targeted these days. With that, more and more virus scanning products are having a difficult time keeping up. Palo Alto has a neat feature called Wild Fire. It will take certain file types and ship them off to a virtual machine to review. This virtual machine is Window bases. If the file is doing something it is not supposed to be doing, it gets blocked. This helps with malware infected .exe and zip files. It is truly something unique in the industry. [/tab]
[tab title=”PA200″] They also released a firewall for the small business, the PA200. It has all of the same features of the big boys, without the cost. You can get the great application intelligence at an affordable price. You also get Active Directory Integration, Wildfire, Spyware and Malware detection.
We at TBJ can provide a demo unit if you would like to see of the features. We also offer the ability to manage the firewall for a monthly fee. We purchase and do all of the firewall changes. We even keep it updated with the most current firmware. Call us at 414-303-2182 or email firstname.lastname@example.org for more information. [/tab]
I have had a majority of clients this year call me with spyware and malware issues. Some of these clients are using Next Generation or UTM firewalls. After reading a Wall Street Journal Article (It is a good read, it has more than just business in it). I discovered that advertising was causing people to receive malware. What was happening is someone was purchasing advertising time on the websites and when they placed the ad on the website, it inserted malicious code. Some of these sites are banking and other sites.
To prevent this I had those clients block the advertising category. Once I had them do that, most of them stopped receiving spyware and malware. I would highly suggest you do this simple item. It is a bit of a nuisance as you will see blocked items on a webpage, but in the end it will save you much hassle.
TBJ Consulting will be at Brainstorm 13.0 Monday March 12th at the Kalahari Resort & Convention Center, Wisconsin Dells, and WI. Stop by our both to register for our show giveaway.
We also might be presenting at that show.
Pass The Hash Attack
Passwords in Active Directory are stored in a hash. In the 90’s and most of the 2000’s the computing power was not enough to crack the hash in a timely fashion. Today with the high computing power of most devices, this attack is becoming much more common. The thing is you do not even need to perform a brute-force attack to gain access to the passwords.
Getting access to the hash database(what you will need to get the administrator password) is very easy with the availability of free downloadable tools from the Internet.
To see if you could be vulnerable to this attack you can perform a test on your network. Running the test will require at least two computers, one being a domain controller and the other being a member server of the domain. You will also need a few free utilities from Truesec – Islsass X86 and RunAsh x86. To get complete instructions go to tinyurl.com/hash338