Get Rid of Windows (Backup Windows That Is)

Backing up data may be the world’s most important job that no one wants to do.  Every company in the universe these days understands that data is paramount to the organization. 

Take, for example, a landscaping company.  An organization that makes its money cutting grass, planting trees, building patios etc.  None of these activities involves an executable file. So where is the data? 

Consider for a moment all the activity that happens in between the time that shovels are hitting the dirt.

  • What job is being worked this week and where?
  • How many hours were spent on it?
  • What was spent on fuel and how many miles were trekked on the road? 
  • Who is being billed, who is being paid and how much of each? 

Today, this information and more is being tracked as electronic data. And even if this landscaping company is fully cloud-based in its approach – the data exists, and it had better be backed up somewhere.

So, if data is so important, even to the least data-driven business, why does no one want to back it up?

The dreaded “backup window”

Every admin has had the experience of cracking open their laptop first thing in the morning only to find the backup… from 12 hours before… is still running.  Or, worse yet, finished in no time at all!  No time at all because the backup failed. The backup window is a nightly free-for-all where anything and everything can go wrong.

Here is a timeline for a traditional daily backup:

[Figure: timeline of a traditional daily backup]

What remedy can the backup admin apply? 

Answer - Simple, get rid of the backup window.

With Quest Rapid Recovery, backup windows are a thing of the past.  Rapid Recovery uses an incremental forever approach, writing down only the data that has changed since the previous backup. 

Following this logic, a backup that could be executed every, say, 30 minutes would have only a small set of changed data to gather and transfer to the local appliance, greatly reducing the time and network traffic to perform a backup.

Furthermore, all backups are done using snapshot technology, so the writes are consistent without disrupting your production work. The data is deduplicated and stored, ready for recovery if necessary.

As an added bonus to eliminating the backup window, the frequent backup increments mean the Recovery Point Objective, or RPO, is cut down considerably.  Instead of going back to yesterday to find and restore data, one can go back less than an hour. 

This represents a tangible savings in worker production should a server fail in the middle of the workday. Here is a timeline of a Rapid Recovery backup:

[Figure: timeline of a Rapid Recovery backup]

What does that mean for your business?

Ransomware Protection

If a ransomware virus infects your file server, you just restore it from the last clean backup.  This was less than 30 minutes ago so you will lose minimal data. Rapid Recovery uses “Live Recovery” so your users can access the data while it is being recovered. 

  • No ransom paid
  • Minimal data loss
  • Minimal downtime

In case you are wondering, this is a real-life scenario.  It happened to one of our managed services customers and here is the timeline.

Malicious Attacks (by an employee!)

Maybe you fired someone who wasn’t doing a good job, but you were nice and gave them some time to pack up their things and say goodbye to their colleagues.

However, what you didn’t expect is that instead, they went back to their desk and started deleting critical data. Oh, and by the way, you are a medical company so losing this data could have legal implications that could cost the business thousands of dollars.

Fortunately, you have Rapid Recovery which means you can recover that data from backup almost as fast as it is being deleted.  You don’t have to go back to last night’s backup and hope it’s a good one. Instead, you can go back 30 minutes and find all the files you need.

Again, this really happened to one of our StorTrust customers. They called us in a panic and we helped them recover the files while the rogue employee was escorted off the premises.

[Figure: Malicious Attack Deleting Data]

There are additional benefits to Rapid Recovery that one can explore, including:

  • Near instant restore of critical servers with virtual standby capability. 
  • Built-in core-to-core replication for off-site storage or cloud disaster recovery like Abtech’s StorTrust service. 
  • Live Recovery:  Provides near-zero RTO by giving users access to their files while they are being recovered.
  • Universal Recovery: Recover a virtual machine to different physical hardware. Recover a physical server as a virtual machine or to a different physical machine.
  • Encryption: AES-256 encryption protects data in motion and at the remote site.
  • Deduplication: Powerful inline, block-level deduplication reduces bandwidth and storage usage.
  • Compression: Built-in compression algorithms compress files and data by as much as 80:1. 

In short, backup windows can be a thing of the past and the experts at Abtech Technologies can help make it happen.

NetApp Maintenance: It’s not all about the storage

The majority of third-party maintenance companies tout their experience in maintaining one vendor or another.  They all say the same thing: 10, 20, 30 years of experience; tested spares; local engineers.  Something is missing.

Maybe everything else is missing.

Network storage doesn’t exist in a vacuum.  It exists in an environment of servers, operating systems, hypervisors, HBAs, and networks. So, it makes sense to make sure that your support company knows more than just how to swap out a disk drive so the amber light turns green. Like maybe the network itself.

In addition to the usual (experience, tested spare parts, local engineers), Abtech has what most third-party maintenance companies don’t: on-staff system administrators that work all day, every day, in multi-vendor network environments.

When a NetApp filer has an issue beyond a hot swappable head and starts heading into networking territory, Abtech’s consultants can work with our hardware customer engineers to troubleshoot the problem and even fix it for you.

The result: better maintenance, faster diagnosis of problems, and increased uptime for you.

I saved $150K/year on my NetApp storage maintenance!

One of the largest content translation services was growing exponentially, requiring massive amounts of processing and storage. They scrambled to keep up with demand for their services. They added hundreds of servers and dozens of SANs at their colocation facilities to meet customer needs with little time to plan for systems integration and ongoing infrastructure support. Over time, the support cost for this massive increase in infrastructure caught the attention of the accountants.

They contacted Abtech for help. The cost of NetApp extended warranty support for their ten Filers (4x FAS6240, 2 x FAS6080, 2 x FAS6030) in two locations was more than US$250K/year.

Abtech provided as good or better support than NetApp for less than $100K/year, saving $150K/year.

While the annual cost saving made the financial team at HQ very happy, the technical team was about to be just as overjoyed. 

After several months of remote monitoring and performance analysis, Abtech determined that the Filers were not configured optimally. Abtech worked with the client’s staff in multiple locations to reconfigure and relocate systems between sites, leading to a consolidation from 10 Filers to just 6.

Not only did this further reduce support cost by another $50K/year, but we also enhanced availability by configuring HA clustering on the Filers.

Over the 3-year engagement, Abtech saved the client more than US$500K, while reducing colo costs and enhancing availability. As an additional value-add, when the client closed their Denver colo, Abtech assisted in the relocation of Filers to their other colo and handled the removal, data wipe, and re-purposing of hundreds of servers and SANs.

My NetApp Storage will never go down, again!

An Abtech client, with offices across the US and globally, was losing tens of thousands of dollars per day.  Why?

Their NetApp Filer had failed, leaving their team unable to access critical data.  They immediately called NetApp, who told them that their Filer was beyond the End of Service Life date. Their only option was to replace it with a new unit. This came with no guarantee that they would still have their data.

They gave them one option - just buy a new one!

When a company is offline, the last thing they want to hear is a salesperson trying to sell them hardware!  Besides this, a storage refresh would have taken weeks to complete and cost tens of thousands of dollars, on top of what they were losing in production each day.

Instead, they called Abtech.  Abtech provided same day response to return the Filer to operation and put it under an Abtech maintenance contract.  The customer was back in business.

This allowed the client time so a refresh plan could be properly budgeted and a phased migration could be planned without any disruption to the company's business.

If you find yourself in a similar situation, where your ageing NetApp filer is no longer supported, Abtech can help.  Better still, speak to us while it is still under NetApp support, so we can plan your migration to Abtech support and not risk this happening to you.

Ways to Eliminate OEM Warranty Frustrations

So, you may have a few to a couple thousand servers that need maintenance and software updates? And, you have a rigid OEM warranty that doesn’t address your service needs? Let’s talk about ways you can eliminate your frustration. There’s the smart way, and there are misguided ways!

The Smart Way

The smart way is to hire a 3rd party support service provider to assist with your SPECIFIC needs for half the cost of OEM coverage. 3rd party service providers, like Abtech, can manage entire operating systems that include hardware and software problems as well as firmware and system updates. Ultimately, YOU will get to design the service you need for your server set up environment.

Misguided Ways

There are two misguided ways that may seem like reliable solutions in the beginning, but they will actually continue to blow your fuse.

1st Way: You decide to purchase a few spares in case a few servers decide to call it quits. This may sound like a very attractive and cheaper deal until you delve deeper into the technical logistics. First, you’d have to make sure you purchase the SAME server with the SAME configuration. Second, you’d have to make sure you didn’t make any changes to the environment over the time the old server was operating. Third, you would need to make sure that you were updating the spare with the same software and firmware patch levels as the production servers. Fourth, most servers and all SANs have batteries that require regular replacement. If spare systems are left powered off until needed, it’s likely the batteries will have discharged and would need to be replaced before the spares could be used.

What’s the conclusion?

You will create an unnecessary burden on a system administrator. They would have to remember to patch the spares while keeping their and YOUR fingers crossed that the firmware versions would match under extreme pressure to get the spare up and running in a sufficient amount of time. Also, you may need to purchase additional parts for the spares. Do you have easy access to these parts? Can you get and install the parts fast enough while you’re under stress and pressure? Can you anticipate further potential problems to get the spare servers operating with the most updated data and speed? These are important questions to ask yourself before you embark on solving critical server hardware responsibilities for your company.

2nd Way:

You decide to purchase and stay with the OEM (like HP) Warranty. You have their equipment, so why not stay consistent and keep them operating your system? Wouldn’t they know your system best? This may also sound like a viable solution until you get into the thick of the details! OEMs have been infamous for overbilling, overcharging, and delaying your warranty services.

Just recently, we received a call from our client who was determined to do away with all their HP equipment because they had taken 3 months to reconcile their annual support renewals. And even after those 3 months, they found out that they were still paying for an inactive system in their production. Another customer discovered that an OEM charged them twice for a service that was already guaranteed with their warranty service. And the big, grand finale, OEMs charge a “return to service” penalty equal to the full support cost during the “off support” period.

What’s the bottom line?

OEMs will not guarantee the proper level of support for your system. Therefore, you are at risk. OEMs have the power to charge whatever ridiculous support charges they want so long as you purchase them! They don’t allow you to design the coverage of your hardware maintenance and software needs with the budget you have at your disposal.

All in all, it is best to build a true support partnership with a 3rd party support provider. You will be able to uniquely create a coverage plan that protects your business!

Make the smart decision and say goodbye to OEM frustration today!

7 Reasons Why Your Database Will Crash

Databases are not invincible.

Here are 7 reasons for why databases will crash and why you need a hands-on DBA to partner with:

1. Low Maintenance on Pre-Deployment Scripts - There are many ways this can occur. 1.) Databases become destabilized when they don't have the needed keys and indexes to eliminate redundancy and improve response time. 2.) The latest upgrades of the system software and the database aren't functioning well together, resulting in poor performance. 3.) The planning of your database configuration is mismanaged.

2. Database Is on the Wrong Server - The race for server hosting has never been as competitive as it is today! It can be very tempting to configure your system or plan an upgrade for a cheaper rate. Without a careful strategy, your database and information can wind up on shared servers, which can deny users access when shared resources are fully used. This can happen for reasons like poor configuration or queries, faulty application coding, or even a compromised application/database. The effect is that the database is deficient in resources including memory and processing.

3. Your Application and Queries Can Be Hostile - This can happen when your application's data access layer (if you have it) is not programmed correctly. It causes slow queries or too many queries being issued. These queries can be made when there is under/over-utilization of indexes and bi-directional table joins. This in turn causes indexes to be wasteful, flawed, and even absent. It all comes down to lousy quality design, lack of standards, bad coding and poorly optimized queries.

4. Hardware and Software Failures - A host server hardware or power failure can cause your database server to stop very suddenly. It can be pretty scary! Safeguarding quality hardware, a power backup plan, and rigorous system administration maintenance are the solutions to any kind of crash prevention.


5. Limited Amount of Memory and SWAP Space - A database uses memory based on buffers, caches, and log files such as data files and index files. The database buffer cache is the place where the database server copies data from data files and places it for processing. As data volume increases on the database, the information located on the file system will increase too. If an equal amount of memory is not allocated for in-memory resources, the database will try to grab SWAP memory. And of course, if there isn't enough SWAP space available, the database server may stop the operation or crash due to lack of memory.

6. File Permission and Corruptions - A great number of database crashes are caused by file permission issues, corrupted data, and index files. There are several reasons for this: 1.) Other processes are modifying a data or index file that is written by the database without accurate locking. 2.) Database server processes are using the same data directory in a host system that does not contain support for good file system locking or external file locking. This can disable the database servers. 3.) The database server tries to read/write from an already crashed and corrupted data/index file. 4.) A defective piece of hardware, such as I/O corrupting a data/index file.

7. No Expert DBA on Board the Team - Systems can fail when you do not have a proactive DBA who has foresight and planning solution skills. A DBA provider can OVERSEE EVERYTHING for you. They can check data integrity, monitor the logs, catch problems, scale your system needs, and optimize performance space. This takes constant planning and critical organization in order to prevent system crashes that can seriously harm your database, as well as your business. 

With these 7 reasons for database failures in mind, choose a DBA that can provide you immediate results. Abtech has a full range of remote DBA services for Oracle, SQL, and Informix. If you need to hire a DBA, please speak to Abtech first. We can reduce the cost and increase the quality of maintenance on your database servers.

Don't wait until your system crashes or fails! We are here for you!

Your HP Proliant Warranty Is Expiring Soon: What Should You Do?

After discovering your End of Life or End of System Life date on your HP servers, you’re probably wondering what to do.

1. Should you extend your HP Carepack Warranty with the manufacturer?

2. Should you reduce your annual/monthly post warranty costs by finding a third-party IT maintenance company?

In this article, I am going to present the advantages in switching to a 3rd party HP maintenance provider and share an example of how an Abtech customer has really benefitted from doing so.

After your original HP warranty expires, you will have the opportunity to upgrade and gain improved maintenance support. Servers are bound to fail, stall, or shutdown. They get old, collect dust, and slow down over the years of helping you operate your business.

Here’s how Abtech can alleviate your stress during a post-warranty HP Server Maintenance Upgrade:

  • Cost: You will save 50-70% on support.
  • Flexibility: You will choose a service that best matches your business needs.
  • Skills and Experience: You will have highly experienced US-based engineers in your area to assist you 24/7.
  • Parts Availability: You will have a large spare parts inventory for backup as one of your package options.
  • Options: You will have 100% support for systems no longer carried by manufacturers.

Let me give you a timeline to demonstrate how Abtech has helped a public office grow their efficiency in upgrading IT hardware and support:

2014: We moved from HP support to Abtech for 40 x HP Proliant G4 and G5 servers.

2015: We added 10 x HP Proliant G6 servers.

2016: We added 10 x HP Proliant G7 servers.

2017: We added 10 x HP Proliant G8 servers.

2018: We are currently at 70 x HP Proliant G4/5/6/7/8 servers with 45 x HP Proliant G9 servers with Abtech acting on their behalf to manage HP warranty service calls.

Our partnership began in 2014 when a harsh blizzard hit the East Coast. A frustrated municipal organization was receiving bad press for their city’s Mayor being unable to send and receive emails. Due to inclement weather and remote OEM warranty services, the Mayor’s Office was restricted from receiving replacement parts and onsite technician assistance for several days. As a result of this experience, the Mayor’s Office IT staff asked the OEM to provide onsite spares and remote support for their mission critical servers. After endless negotiations and red tape, the Mayor’s Office elected to drop OEM support and move to Abtech support services. We provided a deep stock of replacement parts onsite for their Data Center. They decided to gain 7x24x365 remote and local onsite support from our OEM-certified Service Engineers.

When it was time for a system refresh, the Mayor’s Office wanted to keep the proven support model for their new server infrastructure. Abtech and the Mayor’s Office worked together on purchasing new servers to minimize the cost of maintenance. With careful evaluation, the client selected the lowest level of OEM warranty support while also continuing the same Abtech services:

  • 4-Hour Onsite Customer Engineers
  • Onsite Spares
  • 7x24x365 Remote Support

Today, we provide the Mayor’s Office with a weather-proof support solution the OEM could not uphold. We have extended the service life of their critical IT infrastructure across 5 generations of HP Proliant servers: Gen 5, Gen 6, Gen 7, Gen 8, and Gen 9. Going forward, we will continue to keep this client connected and secure.

With this service example in mind, we are proud to extend our support! We can certainly create a plan together that will best fit your business. When you discover a 3rd Party hardware maintenance company like Abtech, you are upgrading to better warranty service as well as better IT support. Don’t allow your HP Carepack to expire. If you do, you cannot get the same warranty agreement as before. In fact, you’ll get a more expensive offering that includes fewer warranty perks. And even more annoying, you may end up having to self-diagnose IT failures, search online for parts, and wait additional time to receive them. Maintenance issues can be a grueling process and a lot can go wrong if you do not have the extra support to assist you with upgrading, replacing, or repairing server parts.

Therefore, let Abtech be your problem solver.

Your warranty services with Abtech Technologies will pay off.

Five Things You Need to Know About Hardware Maintenance and Mission-Critical IT Infrastructure Management

Your data center infrastructure is mission critical and needs to be managed using best practices. Here are five critical areas you need to focus on:

What and where are your mission-critical IT infrastructure assets?

Simple as it sounds, keeping an up-to-date asset inventory of critical IT data center and remote location assets is anything but. In larger enterprises, asset management software is typically deployed to track valuable IT assets; however, many smaller organizations rely on manual inventory lists that are hard to maintain and quickly become outdated or forgotten as IT asset management responsibilities are reassigned within IT support departments. If you don’t know what you have deployed, it can be challenging to maintain operational budget compliance, pass internal and external audits, and identify hardware maintenance schedules or end-of-life infrastructure, which increases your risk profile.

Quest’s KACE asset management and end-point deployment software tool offers a good value for small to medium-sized businesses. More info at: https://www.quest.com/kace/

Are your mission-critical IT assets currently under some type of support agreement, either through the OEM’s warranty or extended warranty agreements?

There are three parts to this question. One is licensing compliance. The second is firmware and software revision control, and the third is when the support and licensing agreements are to be renewed. It's important to engage all stakeholders within the enterprise in an annual review to ensure that systems meet current and future growth and performance requirements. Decisions regarding system refresh, performance tuning and planning for future growth should be encouraged at these times.

Dell’s DPACK, a free, memory-resident performance gathering tool, is an excellent solution for reporting all physical and virtual systems performance and resource utilization. More info at: http://www.dell.com/en-us/work/learn/dpack

Is there an opportunity to enhance mission-critical IT infrastructure?

Many IT organizations are asked to continue to support workload and user growth with little to no increase in operating and capital budgets (sound familiar?). This can force a “set and forget” practice of installing and configuring IT resources initially, then moving on to other priority projects, having no choice but to leave the old resource configurations in place until retirement. What many IT department leaders may not realize is that with some relatively inexpensive software tools, it is possible to put a “dollars and cents” figure to this practice.

Quest’s vFoglight is a tool that applies value to each resource, and can identify savings that are available, based on recommended reconfigurations. More info at: https://www.quest.com/foglight/

Are internal infrastructure support resources being utilized properly?

In today’s heterogeneous computing, storage and networking environments, it is challenging to maintain the necessary depth of certifications and knowledge within the organization’s support structure. For this reason, third-party maintenance options from trusted partners, such as user groups and online forums — or, if budgets permit, professional services available from independent support and service organizations like Abtech Technologies — are critical to maintaining your infrastructure. More info at: www.abtechtechnologies.com

Should you engage an independent (multi-vendor) IT infrastructure support partner?

The answer here is…why not try? Tap your professional network and ask your associates at other companies who they've used for hardware maintenance in the past, and how they rate the experience. Select one or two recommendations for potential support partners and engage them in discussions regarding your environment, goals and objectives (such as performance vs. cost, high availability vs. hardware costs, etc.). Check their client references and speak with not only the account reps, but also the customer engineers, both local and remote.

Randy Henniger is a Senior Support Specialist at Abtech Technologies, based in Carlsbad, CA. Randy has more than 30 years of experience in enterprise solutions and services with IBM, Dell/EMC, HP, Western Digital and Data Switch. Abtech Technologies is an independent IT support and services company with thousands of clients and support centers around the U.S. More info at: www.abtechtechnologies.com.

Are Your Servers Feeling Unloved?

It isn’t fashionable to talk about servers anymore, especially old ones. All the talk is around Cloud Applications, DevOps and Hyperconverged Infrastructure.

But wait!

What is keeping your critical business processes running? What is hosting that ERP software application or that Oracle database that’s allowing you to get your stuff out to customers on time, that’s making sure your invoices go out promptly?

Yes, that would be those reliable old servers that sit purring away in your datacenter, with a host of green flashing lights and the odd red light...

A red light!

There can’t be any red lights!

Unfortunately, there are. This is because the systems are still being supported by your hardware vendor.

Your IT team really doesn't want to log a support call, because they will be routed to a distant call center on the opposite side of the world, where the phone will be answered by Bob. Well, he uses the name Bob and he is a level 1 call center support engineer. In reality, he has just joined the team and hasn’t had a lot of training. His English is OK, but he doesn’t really understand a lot of the technical terms.

Maybe your team was brave enough to make the support call and explain the problem to Bob. The vendor’s engineer turned up on site but didn't have the right part in stock. Their SLA says "4-hour Response", which technically they met, so they are fine waiting a week for the part, even if you (or your customers, or your boss) are not!

This explains why your servers are feeling unloved.

But there is another way, which could make you, your team and your servers a whole lot happier.

You could put your servers on a support contract with Abtech Technologies.

Abtech has been in the business for 30 years and has some of the most experienced engineers in the industry. They are all US-based and, when your IT team puts in a support call, they will usually be put straight through to their local engineer to diagnose the issue.

What’s more, we carry spares for all the systems we support. Enough spares so that the engineer will have the part on hand. In the rare event that the spare was just used and not replenished yet, it will be shipped overnight for next day delivery.

This is why many of our support clients have been with us for 10, 20 or more years, through several hardware refresh cycles.

They have also sought our guidance when refreshing their hardware, which we are happy to provide. Abtech also has partnerships with many tier one hardware and software vendors, so we can supply as well as support.

Too busy to do it all yourself? Our on-staff consultants can size, supply and implement new IT infrastructure, so you are in good hands.

To top it all, our clients are routinely saving 50-70% off the annual cost of their hardware support contract. So, not only are their servers feeling loved, but their CFO is delighted.

Preparing For Hurricane Harvey

How we were able to prepare and protect our clients’ businesses from a major natural disaster.

Watching the news late last August, we saw that Hurricane Harvey was headed for the Texas coast.

Abtech has customers in our StorTrust backup and disaster recovery cloud that would be right in the path of the hurricane, especially one of them, a supply company to the petrochemical industries.

We contacted our customer to talk about preparing for a possible disaster recovery invocation.

As a result of the call, we decided to do some advanced preparation and set up their disaster recovery environment. Using Rapid Recovery’s virtual standby server features, we created images of each server required for the disaster recovery.

As Rapid Recovery takes each recovery point in their production environment, it is replicated to the StorTrust cloud and the virtual standby server feature applies that data to the images of their servers. This allows a very small recovery point objective and minimizes lost data should the worst happen.

Our StorTrust cloud service includes an annual test. During this test, we configure and spin-up the customer’s disaster recovery environment and set up the networking to connect everything.

Once the test is finished, we store the configuration for use during a disaster.

In preparation for the possible invocation, we applied the configuration to the virtual standby servers we created and we were ready to spin-up if necessary. We supplied a unique IP address to the customer should they have to access their servers.

On the day the hurricane hit Houston, we sat near our phones waiting for a call.

18 hours into the event, we finally got it.

Our customer asked us to start spinning up their environment – they had lost communications with their servers in the colocation facility.

Because the StorTrust cloud does not rely on websites or menus to start a disaster invocation, the one call was all our customer had to make to get things started. In this case, that was important because they did not have a network connection to work from and would not have been able to set up their environment and start it.

We started to spin-up the servers and make them active.

We were almost ready to put everything on air when we received another call saying that network contact with their servers had been restored and asking us to stand down.

It turned out that one of their colo’s network feeds had flooded and they were able to fail over to another feed entering the building from a different direction, which is proper for a good colo facility.

Our customer finished riding out the storm without further incident and we put their environment back in normal backup mode. Having everything ready ahead of time in this instance allowed our customer’s personnel to worry about their families instead of how to keep the company running.

 

 

What to do when an ex-employee starts deleting your company data.


We had an interesting customer situation to deal with recently here at Abtech.

One of our StorTrust clients had to let one of their employees go.  Nothing too unusual.

However, they didn’t escort the person off the premises, delete their login and move on.  Instead, they let her go back to her desk while they sorted out the necessary paperwork.

So, what did the now ex-employee do with that time? Did she quietly pack up her stuff and say goodbye to her colleagues?

Unfortunately not.  Instead, she logged onto her system and started to delete files and emails.  The company was in the medical space and not having these files could have compliance implications.

Luckily, someone noticed and notified their manager, who removed the ex-employee from her desk and arranged for her network access to be revoked.  

I guess that person will not be getting a reference anytime soon.

So, what could they do to recover the data?

After a bit of head scratching, someone pointed out that they had recently signed up for a StorTrust backup and DR contract with Abtech.

They called us up and asked if we could help.

StorTrust uses Quest Rapid Recovery software at its core, which has powerful recovery capabilities.  It can be used to recover complete servers but also individual files and emails.  

Our engineer logged on and reviewed the logs. They found where the files had been deleted and recovered them from a recent backup.

The whole process took less than 10 minutes.  All the data and emails were recovered to their original location.  

The first thing to learn from this is that, when you let an employee go, they can sometimes do irrational things. So, have everything prepared, including instructions to cancel their network login, before you have that “we are having to let you go” conversation.

What this also shows is the value of having the right backup and recovery solution in place.  StorTrust and Rapid Recovery provide the protection against this and many other scenarios.  These include ransomware attacks and hardware failures as well as the more obvious natural disasters.

If you want to know more, please give us a call or download our ebooks on Disaster Planning and How to Deal with a Ransomware Attack.

 

An employee opens an email virus. Read what happens & see a timeline of events [Infographic]

Curious how a backup and disaster recovery (BDR) service can be really helpful? Here's a real-life example: 

One of our managed services customers recently experienced a ransomware attack. A member of staff was sent an email with a virus attached to it. This is a widely used piece of ransomware, which encrypts the files on the computer it infects and any directories on other systems it has access to.

The email looked genuine and was addressed personally to that staff member by name, so he opened it. Immediately his system was encrypted. The virus also encrypted the company file server so none of the users could access their data. Everything ground to a halt.

Shortly after, a ransom request arrived in the user’s inbox asking for a sizeable amount to be paid in bitcoins. The CEO and CFO were alerted and, after a short period of mild panic and discussion, they called Abtech for advice.

Fortunately, they were signed up to our StorTrust Backup and Disaster Recovery (BDR) services. The service uses Quest Rapid Recovery software that is configured to take snapshots of their systems every 30 minutes (it can take Snapshots every 5 minutes, but this customer preferred every 30). The data is then replicated to our StorTrust cloud data center in Nevada, for disaster recovery purposes.

The StorTrust engineer checked the logs and found that the last good backup happened 5 minutes before the ransomware attack. This meant that we would be able to recover the data to a clean file server and the client would only lose 5 minutes’ worth of data.

The client agreed and we restored their infected server from a clean backup. The user’s system was also reimaged and data restored from the backup. The whole process took less than an hour and no ransom was paid.

If the infection had been more widespread, we would have elected to spin up their critical systems in our cloud, using the replicated good backup, so their users could continue working, while we cleaned and restored all their infected systems.

If you want to know more, please give us a call or download our ebooks on Disaster Planning and How to Deal with a Ransomware Attack.

 


What Options are Available When Your Dell EMC Support Contract Is Due For Renewal

Hardware Upgrade or Replacement Option

Upgrading is worth considering, especially if your performance needs have grown. The arrival of low-cost SSD drives and ever larger capacity bulk drives means you can experience a considerable improvement in both performance and capacity by upgrading.

Check out our article on Dell EMC's storage roadmap for guidance on the options available. As a Dell EMC Platinum Reseller, Abtech can advise you on the best options for upgrading. We can also make use of current partner promotions to get you the best possible deal.

 

Dell EMC Mid Range Storage Strategy

In many ways, OEM support ending after two or more years is a symbiotic process, if by force. They're essentially weaning you off OEM support reliance so you can benefit from third-party maintenance.

Going with a third-party maintenance plan isn't a bad transition for various reasons, though you'll want to know when it's appropriate. It's better to transition before your OEM support ends so you won't have to scramble to find something suitable.

Renewing OEM Support

For some IT equipment, it's sometimes possible to enter a longer OEM support agreement than others. Often, they'll allow you to enjoy several years of support and then extend to a limited point through contract renewals. 

If your equipment is still fairly new, this may be a good option and Abtech can provide pricing to renew your OEM Support with Dell EMC. 

You will maintain access to firmware upgrades and services like Co-Pilot on SC/Compellent arrays. OEM support is generally of a high standard, although your initial call may be routed to a call center outside the US.

 

Third-Party Maintenance

Dissatisfaction with OEM support is one of the main reasons companies have recently been switching to third-party maintenance. According to statistics, 75% of companies make this switch because OEM support didn't help with changing business requirements.

Data like this shows why maintenance from outside sources is growing rapidly in IT departments worldwide.

When you find a new maintenance team, you're going to discover they give you many benefits over OEM Support, if you choose a reputable support provider like Abtech.

The main advantage is cost savings.  Typically our 3rd party support is 50-70% cheaper than OEM support. Parts and EMC-trained engineers are local to site and the first call will always be routed to a US based engineer.

An additional benefit is that support will be available long after the OEM has ended their support on the hardware.  

If you are not seeing any good reason to upgrade your hardware, but want to avoid the high costs of OEM support, EMC support from Abtech could be the way to go.

Summary and Recommendations

Upgrade or Replace - Recommended when performance and capacity needs have increased and you have capital budget available.

EMC OEM Support - A good idea if the equipment is still relatively new and regular firmware upgrades are being released.

Abtech 3rd Party Support - A good option when high support cost is an issue or if you are not happy with the OEM support.  This is the only option if EMC has ended support on the equipment.

Preparing for Hurricane Harvey - Disaster Recovery in Action


Watching the news late last August, we saw that Hurricane Harvey was headed for the Texas coast. Abtech has customers in our StorTrust backup and disaster recovery cloud that would be right in the path of the hurricane, especially one of them, a supply company to the petrochemical industries.


We contacted our customer to talk about preparing for a possible disaster recovery invocation. As a result of the call, we decided to do some advanced preparation and set up their disaster recovery environment. Using Rapid Recovery’s virtual standby server features, we created images of each server required for the disaster recovery. As Rapid Recovery takes each recovery point in their production environment, it is replicated to the StorTrust cloud and the virtual standby server feature applies that data to the images of their servers. This allows a very small recovery point objective and minimizes lost data should the worst happen.

Our StorTrust cloud service includes an annual test. During this test, we configure and spin-up the customer’s disaster recovery environment and set up the networking to connect everything. Once the test is finished, we store the configuration for use during a disaster. In preparation for the possible invocation, we applied the configuration to the virtual standby servers we created and we were ready to spin-up if necessary. We supplied a unique IP address to the customer should they have to access their servers.

On the day Hurricane Harvey hit Houston, we sat near our phones waiting for a call. 18 hours into the event, we finally got it. Our customer asked us to start spinning up their environment – they had lost communications with their servers in the colocation facility. Because the StorTrust cloud does not rely on websites or menus to start a disaster invocation, the one call was all our customer had to make to get things started. In this case, that was important because they did not have a network connection to work from and would not have been able to set up their environment and start it.

We started to spin-up the servers and make them active. We were almost ready to put everything on air when we received another call saying that network contact with their servers had been restored and asking us to stand down. It turned out that one of their colo’s network feeds had flooded and they were able to fail over to another feed entering the building from a different direction, which is proper for a good colo facility.

Our customer finished riding out the storm without further incident and we put their environment back in normal backup mode. Having everything ready ahead of time in this instance allowed our customer’s personnel to worry about their families instead of how to keep the company running.

SonicWall Turbocharges Innovation with Unprecedented Delivery of New Wireless, Mobile and Wired Network Security Products

SonicWall Press Release

KEY ANNOUNCEMENTS FROM SONICWALL


 

  • New SonicOS 6.5, which includes more than 50 new features, powers SonicWall’s Automated Real-Time Breach Detection and Prevention Platform and is the biggest customer-driven SonicOS release in company history
  • New NSA 2650 firewall enables threat prevention over 2.5 Gigabit Ethernet wired and 802.11ac Wave 2 wireless networks, supports twice the number of DPI connections and offers 12,000 DPI SSL connections, an increase of 12X
  • New SonicWave 802.11ac Wave 2 wireless access points bring together high performance, security, and management into wireless networks with innovative pricing
  • New SonicWall Cloud Analytics application expands on management and reporting capabilities to empower better, faster and smarter security decisions
  • New Secure Mobile Access OS 12.1 ensures remote workers are protected with the same level of security from any location

PRESS RELEASE – SEPTEMBER 26, 2017

SANTA CLARA, Calif. — SonicWall, the trusted security partner protecting more than 1 million networks worldwide, announces an unprecedented range of advanced network security products and services that accelerate speed thresholds for its Automated Real-Time Breach Detection and Prevention Platform across wired, wireless and mobile networks.

“In a modern, hyper-connected world, there are no compromises,” said SonicWall President and CEO Bill Conner. “Our customers, and their end users, expect the best in real-time security, performance and analytics — regardless of network, device or physical location. This automated, real-time breach detection and prevention platform ensures organizations can build smart, consistent and sound security postures while meeting the speed, performance and cost-of-ownership demands of today’s businesses and their users.”

The platform enhancements include more than 50 new SonicOS features, a new high-performance firewall, a series of new 802.11ac Wave 2 wireless access points, an intuitive cloud analytics application and advanced secure federated single sign-on (SSO) capabilities.

“It’s imperative that any well-meaning, responsible organization take appropriate action to safeguard their networks, customer data and business as a whole,” said Jeff Wilson, senior research director for IHS Markit, a global information provider. “The threat landscape moves far too fast to rely on static solutions. More emphasis should be placed on real-time threat mitigation across wired and wireless networks. Companies of all sizes need to consider TLS/SSL decryption and inspection solutions as well, now that the majority of common internet traffic is encrypted by default.”

SonicOS 6.5 Boasts Modern Interface, Threat Intelligence API Capabilities for Security Automation

With more than 50 new features, SonicOS 6.5 is the biggest customer-driven release in SonicWall history. Highlighted by a modern, intuitive interface, SonicOS offers advanced networking and connectivity capabilities to optimize system availability, while scaling firewall performance to deliver uncompromised, uninterrupted threat protection for all connected networks.

“SonicWall products have always been very good, but the new SonicOS 6.5 is a giant step forward,” said Greg Thomas, owner of ComLogic, a SonicWall partner. “SonicWall is clearly visionary, not just in protection, but in analytics and usability as well. The new UI is fresh, relevant and easy to use.”

The operating system includes improved threat API capabilities to help businesses build automated security platforms that can leverage third-party threat intelligence feeds.

SonicOS 6.5 also features a suite of wireless features that enables security and connectivity for mobile users. Multi-domain authentication support also provides a simple and fast way to manage and enforce security policies across an entire organization.

New Multi-Gigabit Firewall Boosts Speeds, Adds Real-Time Security on Wired and 802.11ac Wave 2 Networks

Core to the platform expansion, SonicWall is unveiling the new SonicWall Network Security Appliance (NSA) 2650 firewall, which delivers automated, real-time breach detection and prevention, as well as TLS/SSL decryption and inspection, over multi-gigabit wired and Wave 2 wireless networks.

The NSA 2650 appliance is the first branch and campus firewall to support both multi-engine sandboxing via the Capture Advanced Threat Protection (ATP) service and full deep packet inspection of TLS/SSL-encrypted traffic for 2.5G wired and 802.11ac Wave 2 wireless networks.

With eight 2.5G Ethernet interfaces and 20 total ports, the NSA 2650 matches network throughput between multi-gigabit wired and 802.11ac Wave 2 wireless networks. Compared with the previous-generation NSA 2600 appliance, the NSA 2650 supports twice the number of DPI connections and offers 12,000 DPI SSL connections, an increase of 12X.

“One of our customers’ biggest challenges is ransomware, which is often sent around the internet using encryption,” said Spencomp Solutions security specialist Dominic Valois. “The NSA 2650, with high-speed TLS/SSL inspection, and the SonicWall Capture service, give them a whole lot more security from their firewall.”

To complement the NSA 2650 appliance, the new SonicWave series of access points meets the 802.11ac Wave 2 wireless standard, which features 4x4 MU-MIMO technology for best-in-class Wi-Fi performance, range and reliability.

“The new SonicWave access points give us throughput that matches our wired network,” said Dr. Michael Breen, Dean of Arts, Mary Immaculate College. “Whether someone is on a handheld device or directly wired to the network, the service is indistinguishable. Signal reception is consistently strong over a one-and-a-half-acre site.”

Centralized Firewall Security Analytics via the Cloud

Leveraging a powerful intelligence-driven engine, SonicWall Cloud Analytics is a new cloud application that is delivered as a service to customers and partners. It provides deep real-time visibility, insight and alerting for network traffic, user behavior and device activity from a centralized dashboard.

SonicWall Cloud Analytics empowers organizations to monitor, record, analyze and report security data for deep forensic analysis across multiple SonicWall firewalls and SonicWave wireless access points.

An extension of the recently introduced SonicWall Cloud Global Management System (GMS), SonicWall Cloud Analytics provides extensive drill-down investigative and forensic capabilities for deep security data analysis, including traffic, applications, threats, and user behavior and activities.

SonicWall Cloud Analytics — featuring real-time data presented in a structured, meaningful, actionable and easily consumable manner — enables security teams, analysts, auditors, boards, C-suites, and stakeholders to discover, interpret, prioritize and take appropriate defensive actions against both known and unknown cyber attacks or threats.

Extend Speed, Security to Remote Workforce

When employees are on the road, they require secure access to the same systems and applications they trust when on Wi-Fi or wired networks in the office. Not only must access be available anywhere, anytime and on any device, speed and security cannot be compromised.

To extend SonicWall security from wired and wireless networks to remote users, SonicWall Secure Mobile Access (SMA) 12.1 provides secure, policy-enforced access to email, file servers and corporate applications using federated SSO to both cloud and on-premise resources from authorized devices.

To defend corporations and security-conscious organizations against advanced cyber attacks, SMA now scans all file uploads with the SonicWall Capture ATP service, a cloud-based, multi-engine sandbox designed to discover and stop unknown, zero-day attacks, such as ransomware. This real-time sandbox approach ensures users have the same level of protection from zero-day threats when they are on the road as they have in the office.

Product Availability

For North American and European customers, SonicOS 6.5, NSA 2650 firewall and the SonicWave series of wireless access points are available immediately. SMA 12.1 and Cloud Analytics will be available in early Q4 in North America and Europe. For availability in other regions, please contact your local authorized SonicWall distributor for details.

About SonicWall

SonicWall has been fighting the cyber-criminal industry for over 25 years, defending small, medium-size businesses and enterprises worldwide. Backed by research from SonicWall Capture Labs, our award-winning real-time breach detection and prevention solutions, coupled with the formidable resources of over 18,000 loyal channel partners around the globe, are the backbone, securing more than a million business and mobile networks and their emails, applications and data. This combination of products and partners has enabled an automated real-time breach detection and prevention solution tuned to the specific needs of the more than 500,000 organizations in over 150 countries. These businesses can run more effectively and fear less about security.

 

Abtech Technologies is a leading SonicWall partner. Our engineers are fully certified in SonicWall technology.  We can design, implement and support any SonicWall solution to meet your security needs.

Ransomware - What To Tell Your CEO


When your CEO says, 

“I need to discuss how the company is protected against ransomware”. 

Here is what you need to do.

 

 


I am sure many of you have received countless emails recently from IT vendors telling you to buy their hardware or software because it is the “best way to protect against Ransomware”. This is all well and good, but right now you are probably more concerned with what you are going to tell your CEO when he or she asks:

“What measures do we have in place to protect us against Ransomware attacks”

or

“Are we open to attack?”

Ransomware is one of the fastest growing industries on the planet. Not a week goes by without talk of somebody being attacked or a new threat emerging. The reason: it is incredibly profitable for its creators, who are also difficult to trace.

Ransomware is always evolving and becoming more sophisticated. Like any malicious code, it is often designed to attack the unprepared. 

 

Cryptolocker and Its Derivatives

Most Ransomware attacks use software, such as Cryptolocker or its derivatives, which enters a corporate network attached to an official-looking email. Often this looks like an invoice or other official document and is addressed to a member of staff. Opening the attachment will immediately encrypt the data on the owner’s PC and any attached file servers. This is swiftly followed by a message saying “pay a ransom in the next few days or your data is gone for good.” Not a lot of fun and quite scary for the individual and the owners of the company.

 

WannaCry – Ransomware Steps Up a Gear

More recently, ransomware has taken a new twist. “WannaCry”, also known as Wcry, WanaDecrypt0r or WannaCryptor, works by exploiting a security hole in the Windows operating system. Microsoft issued a patch in March 2017, but any systems that haven’t been kept up to date with security patches are vulnerable.

This doesn’t need human interaction for the infection to occur, so the attack can be much more widespread. The number of computers that can be infected by this type of ransomware virus can quickly run into hundreds of thousands. The effect on the user and the target organization is the same. The user’s system is encrypted and a ransom notice flashes up on their screen. However, the infection can spread to multiple systems in a single organization if systems aren’t patched up to date.

 
 

 

What Can You Tell Your CEO?

This conversation can follow two routes:

  • This is what we have in place.
  • This is what we need to buy.

The second option is likely to be less well received, but it is also a great opportunity to get funding for something you really do need, to protect the organization.

So, let’s look at the measures you can take:

  1. Patch your systems: This is an easy one, unless you have a lot of systems. It just involves time. If you don’t have time, you should suggest that you outsource the patching to an external managed service company, who can manage it for you.
  2. Invest in some good quality anti-virus software: Anti-virus software vendors make it their job to protect you against the latest virus strains and will happily tell you if their software protects you against Ransomware viruses. This makes it easy to see if your software is up to the job. Again, if you don’t have suitable software, you can sign up for a managed antivirus service so someone else can make sure you are protected.
  3. Check your firewall: Firewalls are designed to protect against outside attacks. A recent blog article from SonicWALL illustrates that they and other vendors are on top of things. Look for similar statements from your firewall vendor. If they can’t provide this, look to your CEO for budget for a replacement.
  4. Update your Backup Software: This may not be as obvious, but this can be your last and best line of defense. If you assume that you will, at some point, get infected, having the ability to recover systems without paying a ransom is quite important. Modern backup software that takes regular snapshots throughout the day and has the capability to spin up virtual machines is the best way to avoid paying a ransom. The infected system or systems can be isolated, formatted and re-imaged from a recent clean backup in a matter of minutes. Clean virtual machines can also be spun up from the last clean backup to replace the infected ones.

This eBook goes into more detail and gives an example of where Abtech was able to recover our client’s main file server in less than an hour with less than 5 minutes of data changes lost. 

 

 

The Meeting with the CEO – A Happy Ending

Armed with this information you can go into that meeting with the CEO fully prepared.  Making a statement like this:

All our systems are up to date and we have protection through our firewall and antivirus software, but I recommend we invest in a new backup system to ensure we can recover quickly if we are attacked

will reassure your CEO and senior management even if it may cost them some money. 

 

Further Resources and Actions Microsoft Recommend You Take:  

Download English language security updates: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, Windows 8 x64


Download localized versions for the security update for Windows XP, Windows 8 or Windows Server: http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598
Read general information on ransomware: https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx
Download MS17-010 Security Update: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx 

FAQs: 

Where can I find the official guidance from Microsoft? 

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ 

  

Is the update available for Windows 2003 & Windows XP as well? 

Yes. The link for download of the update is available at the end of this article 

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ 

  

Will the update run on unlicensed Windows? 

It is recommended that the update is run on a licensed version. 

 

What about Windows 2003 R2? 

The Windows 2003 update should get applied on Windows 2003 R2 as well.   

 

Will the installation of the patch, prevent the occurrence of ransomware? 

No. Applying MS17-010 only prevents the malware from spreading; it does not protect against the infection itself. Based on reports, this malware is using social engineering to target companies. Please warn your users not to open, click or enable macros when they receive email.

  • The priority is that your anti-virus can detect the malware. 
  • Verify that you have up-to-date signatures, along with patching the Windows systems 
  • Make sure that users have the level of knowledge required to never click on suspicious attachments, even if they are displayed with a familiar icon (Office or PDF document). Where opening an attachment offers to execute an application, users must under no circumstances accept the execution and, if in doubt, should consult the administrator.
  • Implementation of strong filtering in O365: 

http://blogs.msdn.com/b/tzink/archive/2014/04/08/blocking-executable-content-in-Office-365-for-more-aggressive-anti-malware-protection.aspx 

  • Exchange Online Protection 

            http://TechNet.Microsoft.com/en-us/library/jj723164(v=Exchg.150).aspx 

            http://TechNet.Microsoft.com/en-us/library/jj200684(v=Exchg.150).aspx 

            http://TechNet.Microsoft.com/en-us/library/jj723119%28V=Exchg.150%29.aspx 

  

Security tips to Protect against Ransomware 

https://social.technet.microsoft.com/wiki/contents/articles/29787.microsoft-protection-center-security-tips-to-protect-against-ransomware.aspx 

  

Is the ransomware effective only if the user has administrative rights on the client machine? 

No. This piece of ransomware, like most of others, once executed, encrypts all files it can reach in the context of a user, if the user is an admin on the box the outcome is more devastating. In addition, this ransomware also tries to disable shadow copies and make some registry changes in HKLM hive which require administrative privileges. 

When it tries to spread, it uses a vulnerability which, once exploited, gives the malware SYSTEM level access on the target system. All this means that this attack may be very successful and destructive even if the users don’t have admin privileges on their unpatched workstations/servers.

  

Does disabling only the SMB v1 Server (LanmanServer) on all our machines protect us from this vulnerability?

Patch installation would be the first option. To answer the question: yes. SMBv1 should be removed, but in a planned way. Please refer to the link below.

https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/ 

  

Do we need to disable SMB v1 client (Lanmanworkstation) as well on all our machines? 

No. Only the SMBv1 server component (LanmanServer) on the client machine needs to be disabled, not the SMBv1 client component (LanmanWorkstation).

  

What is the impact of removing SMBv1? 

  • You’re still running XP or WS2003 under a custom support agreement 
  • Windows XP will not be able to access shares on a Windows 2003 Server or any other Operating System 
  • Windows Vista and above Operating System will not be able to access shares on a Windows 2003 Member Server or Domain Controller (if you still have them in the environment) 
  • You have some decrepit management software that demands admins browse via the ‘network neighborhood’ master browser list 
  • You run old multi-function printers with antique firmware in order to “scan to share” 

  

Please refer to the article below for more details.

https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/ 

  

If we must disable smb v1 Server service, what are the registry values to disable it? 

When using operating systems older than Windows 8.1 and Windows Server 2012 R2, you can’t remove SMB1 – but you can disable it: KB 2696547- How to enable and disable SMBv1, SMBv2, and SMBv3 in Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 

Please refer to the below link for more details 

https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/ 

  

How do we know SMB v1 is active in our environment?  Can we proactively check it? 

Yes. Please test this before using it in a production environment.

https://blogs.technet.microsoft.com/ralphkyttle/2017/04/07/discover-smb1-in-your-environment-with-dscea/ 

  

Windows Server 2016 and Windows 10 provide a way to audit usage of SMBv1, which can be found here:

https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/ 
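One way to use that audit facility on a Windows 10 or Windows Server 2016 machine, as an added example that is not part of the original article: it enables SMB1 access auditing and summarizes which clients still connect over SMBv1. The function name is hypothetical, and the parsing assumes the English event text contains a "Client Address:" line.

```powershell
# Added example (not from the original article). Run elevated on the file server.
# Show whether the SMBv1 server is enabled and whether SMB1 auditing is on.
Get-SmbServerConfiguration | Select-Object EnableSMB1Protocol, AuditSmb1Access

# Turn on auditing: each SMB1 access is then logged as event ID 3000 in the
# Microsoft-Windows-SMBServer/Audit log.
Set-SmbServerConfiguration -AuditSmb1Access $true -Force

function Get-Smb1ClientSummary {
    # Count SMB1 audit events per client address over the last $Days days.
    param([int]$Days = 7)
    $filter = @{
        LogName   = 'Microsoft-Windows-SMBServer/Audit'
        Id        = 3000
        StartTime = (Get-Date).AddDays(-$Days)
    }
    # Get-WinEvent raises an error when nothing matches; treat that as "no SMB1 clients seen".
    $events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)
    $events |
        ForEach-Object {
            # Assumption: the English event text carries a "Client Address: <address>" line.
            if ($_.Message -match 'Client Address:\s*(\S+)') { $Matches[1] } else { '(unparsed)' }
        } |
        Group-Object |
        Sort-Object Count -Descending |
        Select-Object Count, Name
}

Get-Smb1ClientSummary -Days 7
```

An empty summary is only meaningful after auditing has been enabled for a period that covers normal business activity, including monthly jobs and rarely used devices such as scanners.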

  

Is Windows 10 affected as of now? 

https://blogs.technet.microsoft.com/mmpc/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/
The exploit code used by WannaCrypt was designed to work only against unpatched Windows 7 and Windows Server 2008 (or earlier OS) systems, so Windows 10 PCs are not affected by this attack as of now.
 

  

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
Customers running Windows 10 were not targeted by the attack today.
 

  

Windows 10 systems also need to be patched, because variants can be developed. In addition to this, it is recommended to remove SMBv1 from the clients and Windows servers after doing a complete review of the article below.

https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/

How long can your business afford to be offline?


Businesses have many different mission critical apps that could potentially be affected by a network outage. Losing connectivity for even a short amount of time could cause businesses to hemorrhage revenue. Let's look at how businesses are vulnerable to being offline, what causes downtime and how companies can protect themselves.

What business assets are vulnerable to downtime?

Businesses are increasingly reliant on their network for more than just the cloud-based applications that they depend upon. A typical retail business might have an array of services that could be affected by an offline network.

  • Point of sale terminals in the front of the store.
  • WIFI networks that a business's customers might need to access.
  • The WIFI and wired network that's dedicated to your employees.
  • Surveillance cameras and VoIP phones that connect to the network.
  • The back office equipment room that has racks full of servers.
  • Visual signage and digital kiosk space.

How downtime can affect credit card processing

Network security is critical for any business running credit card processing. You need to maintain your PCI compliance, which means locking down security both locally and remotely. Companies should be monitoring all the traffic that is accessing their network. Companies might not have on-site IT to manage these various network resources. If not, you'll need a capable cloud management solution for managing, monitoring and deploying your various network devices.

But PCI compliance is the least of your worries when access to the credit card networks goes down. If a business can't process transactions electronically, it will have to resort to storing and forwarding transactions. Credit card fees can be extremely high for store and forward transactions. Having to store and forward many small transactions can kill a business's profitability.

  1. If you have a network connection, the credit card fees average 2-3%.
  2. If the network connection goes down, the fees that a business incurs can be as high as 30% for small transactions.

Downtime caused by human error ... and squirrels

There's a high cost to your business being offline. It's estimated that nearly a trillion dollars of revenue are lost each year to network downtime. And although network administrators do their best to keep networks online, 60% of all network failures are due to human error. It could also simply be the matter of a construction crew digging up a trench in the wrong spot. Poof! There go all your DSL, cable and T1 wired connections. It turns out that squirrels account for another approximately 17% of network downtime. In 2010, Yahoo was taken down by squirrels chewing on wires in its Santa Clara, California data center.

 
 

No business is immune to these outages. It doesn't matter whether it's through natural disasters or human error, these episodes are going to happen. In the retail industry, margins are razor thin. Your downtime might have only lasted a few hours, but it can be the difference between having a positive or a negative quarter. Downtime also affects the quality of the customer experience. If the customer comes in and you aren't able to access their records, that's not an outcome you want to see repeated.

Downtime caused by natural disasters

Businesses also need to prepare themselves for natural disasters and other unforeseen network disruptions. Hurricanes and tornadoes can take out miles of infrastructure in a flash. Natural disasters will almost always take out the wired infrastructure first. During a hurricane, water gets into the wires in the ground and knocks out networks. Many businesses deploy routers in remote locations so that they can have secure backup Internet connectivity.

Preparing for Disaster in the Workplace

In the workplace, one of the keys to having a successful business is planning ahead at all times. With that said, while many companies do prepare for unexpected events, they often don't take disasters into consideration. Planning for unexpected disasters, such as a power failure or a ransomware attack, is crucial for keeping your business safe.


So how should businesses prepare for these incidents?  Here are a few things to keep in mind.

#1. Educate Your Employees

It's one thing if you're prepared for disaster, but what about your employees? It's essential to remember that teamwork plays a key role in all this. What someone else does in the workplace could have a major impact on the entire company, for better or worse. As an example, let's say you were familiar with the dangers of ransomware and how to avoid it. Your employees, on the other hand, weren't knowledgeable. You had better teach them the basics, or they might end up making a careless mistake. Preparing for disaster isn't just about you; everyone in the business needs to know their part as well.

#2. Plan For Each Disaster

Initially, this might seem like a lot of work, but that's not necessarily the case. You don't need to create a plan for every disaster, but you should know how to handle each incident. As I mentioned earlier, each disaster in the workplace can't be handled in the same way. As an example, let's make a comparison between a power failure and a natural disaster. For the former, all you'd have to do is make sure your info is backed up on a regular basis, particularly via cloud computing. Because this method allows you to store your information virtually, even the most severe incidents would have no impact on your data. For the latter, however, it's a different case. Considering natural disasters could have an impact on your building, you need to have a plan that goes beyond storing your data. If there's a hurricane, are you moving your equipment to higher ground? Do you have another building to transfer your data to? These are some things to keep in mind.

#3. Cloud Computing

Of all the ways to prepare for disaster, cloud computing is easily the most effective. As I mentioned before, this method allows you to store all data virtually, and it becomes accessible on any device with an Internet connection. Whether you fall victim to ransomware or end up spilling coffee on your keyboard, these disasters will have no effect on your virtually accessed info. Even more so, using cloud computing is also an exercise in keeping your data backed up on a regular basis. Many businesses are too laid back about their files, keeping everything on their desktop, and sometimes even backing everything up at the last minute. Cloud computing is a smart decision, because it allows you to focus on other aspects of your business without always having to worry about worst-case scenarios.

For more information about preparing for disaster in the workplace, as well as the importance of disaster recovery as a service, feel free to contact us today at Abtech Technologies. We offer a range of security products that not only protect your sensitive information, but also assess compliance and overall security of your network. We look forward to hearing from you, and assisting you in the best way possible.

Dell EMC Storage Strategy


"Expanding The Horizon for Dell EMC Midrange Storage Customers  (taken from DellEMC blog article published September 2016)"

Here we are as Dell EMC, and we’re champing at the bit to show our customers, partners and the world what we’re made of as a combined business. We were already recognized as the leader in data storage pre-merger and together we’re going from strong to stronger, now number one across all combined mid-range markets in which we play. If you’re a customer or partner of either company this bodes well for you, as Dell EMC can now offer an even greater choice of world-class products from a single vendor, which has become the largest privately controlled IT company in the world.

Since we started this journey nearly a year ago, we’ve had a number of questions from customers about our plans to support the midrange storage portfolios that are coming together. Let me confirm that we are 100% committed to supporting both EMC Unity and the Dell SC Series (Compellent) going forward. Why? Let’s start with a look at what both product lines have brought to the combined business and then fast forward to see what the future holds.

The Dell EMC midrange businesses represent:

  • Market share of 29.4%, nearly double that of our nearest competitor.
  • Leadership across all price bands. [i]
  • $5 billion in combined revenues [ii] within a total addressable market of more than $17 billion.
  • More than 100,000 existing, passionate storage customers [iii], with the heritage of both EMC technologies well positioned in large enterprises and of Dell’s incredible strength in the entry-level and mid-markets.

The Combined Dell EMC Midrange Portfolio – Go Forward from Today

Dell EMC’s midrange portfolio now has a scale and breadth that is without comparison in our industry. Our combined midrange offerings are the strongest they’ve ever been as, this year, we have launched new products such as Unity Flash storage systems and made powerful enhancements to the SC Series OS. This all adds up to a combined portfolio for our customers and partners that is unmatched elsewhere in the industry.

 

Portfolio Approach = A Win-Win for Customers and Partners

While single “point solutions” may be temporarily viable for one-trick, cash-burning startups and niche players, neither Dell nor EMC has ever believed ‘one-size fits all’ is the best approach because it limits choice and flexibility. It’s not about us; it’s about our customers, so we focus on offering a continuum of solutions. This means we’re able to tailor our offerings for specific customer needs, by combining unique capabilities from across our broad portfolio. As Dell EMC, we can bring customers an even deeper portfolio approach to midrange storage. Together, we can ensure choice of the right product for an even wider spread of our customers’ needs at the optimal price and performance, now covering almost any use case.

As a combined business, Dell EMC is the midrange segment leader in market share and offers two strong and distinct product families that meet customer needs from entry-level into upper midrange storage. For the sake of simplicity, let’s refer to them as Dell SC Series and EMC Unity. There are clear distinctions in both the use cases and scale that each product family addresses.

SC Series: Value-Optimized Mid-Market Proven Storage Systems

The Dell SC Series is a value-oriented family with a proven track record in many small and medium businesses. In analyzing the SC customer base, we’ve seen distinct areas of strength where Dell is the server vendor. Focused on value and ease-of-use, the automated data placement and data efficiency features provide performance at a low price. The range of configurations includes all-flash, hybrid and disk-only configurations. Ideally suited to smaller deployments across a variety of workloads, the SC Series products are easy to use and value optimized. We will continue to optimize the SC Series for value and server-attach.

Unity Family: The Ultimate in Simple, Flexible, Unified Storage

The EMC Unity family is able to address most general-purpose midrange customer requirements for block, file, and unified workloads with configurations for all flash, converged, hybrid and virtual deployments. The Unity architecture will continue to be optimized for simplicity, flexibility and affordability. In just a few more weeks, we will announce a powerful Unity code update to expand its all-flash data services, increase its category-leading density and provide advanced cloud services.

With such incredible assets and customers, the Dell EMC strategy is to retain both product families and continue investing in them according to their strengths. That benefits us, because it benefits our customers. It’s a strategy we believe supports customer choice and leaves no gaps for the competition.

While we are leading with Unity and SC Series for our midrange customers going forward, we will continue to support our N-1 platforms from both Dell and EMC. Customers can continue with their current products and then choose to evolve over time as Dell EMC invests more in seamless management and mobility across our product set.

For migration, management and mobility, we’ve got our customers covered. We already have EMC ViPR Controller – which is a common storage management platform across multi-vendor storage arrays. In addition, we have world-class data protection across Dell and EMC storage with EMC Data Domain, EMC Avamar, and EMC NetWorker. EMC RecoverPoint and EMC VPLEX can also be used today for replication between Unity and SC Series to facilitate easy coexistence and data mobility.

 

Bottom line

Dell EMC is better together, and we’re making sure that this is true most of all for our customers, who will be able to stick with what is most familiar and comfortable for them. Both Unity and SC Series product families will continue well into the future with support and R&D that will further develop their capabilities to handle the most diverse set of midrange use cases and workloads. The level of quality, product functionality and support that our customers have come to trust and appreciate will be a minimum baseline for Dell EMC today, and it will be the foundation from which we will exceed customer expectations in the future.

Don’t let End of Service Notices Drive Your Infrastructure

IT equipment needs to be replaced and updated after a while. It makes sense to replace it when it's no longer reliable, when requirements change, or when upgrading will give a big performance improvement at a reasonable cost