dellemc-ci-vxrail-homepage

Why move to the Dell|EMC VxRail for your next upgrade?

Why move to the Dell|EMC VxRail for your next upgrade?

HYPERCONVERGED. One of the many buzzwords thrown around today amongst the litany in the IT industry. What is Hyperconverged and how can it help revolutionize your daily business operations? Many years ago, the need for more and more applications caused data centers to grow, so did the need for additional servers. Servers were standalone, single points of failure for data availability. Since the hard disks resided in each individual server, any failures that occurred on that server would cause data to become unavailable until the issue was resolved. This resulted in extended periods of application inaccessibility and loss of productivity. To help solve the issue of a single point of failure, administrators turned to external storage arrays for better utilization of computing hardware and data availability across the compute stack. Enabling data availability to multiple compute resources, the external storage array became common place in the data center and remains so to this day. The storage array solved the problem of data availability for the compute but introduced the added complexity of daily management tasks and maintenance of the array. Many datacenters today still rely on multiple arrays for data accessibility and often from many different vendors resulting in multiple points of contact for problem resolution causing frustration and downtime. A Hyperconverged solution does away with the need for an external storage array and brings your compute and storage hardware back under one roof. Hyperconverged allows local disk storage on servers to be accessible amongst all the servers in the stack.

How is this possible?
VMware vSAN

VMware is the industry leader in virtualization and has continued to mature with a multitude of products and features. Out of that evolution, VMware vSAN was introduced to solve the problem of having to utilize a traditional external storage array.

The Dell|EMC VxRail leverages the vSAN technology and has brought storage back under the same roof by utilizing the local disk drives in the latest generation of Dell|EMC PowerEdge servers. The days of separate physical servers and a separate storage array have been replaced. The introduction of VMware vSAN brought the standalone physical server populated with local hard disks back full circle and allows for continuous uptime and availability.

As for day-to-day management, this is all orchestrated by an interface many administrators are familiar with, VMware vCenter.

VxRail architecture is built on a scale up and scale out methodology. As additional compute and storage resources are required, additional nodes are added to the existing stack allowing your virtual infrastructure to grow with your business needs, all without interruption to daily operation.

The Dell|EMC VxRail solves numerous problems commonly found in datacenters today.

Ease of updates

Now that the storage array is no longer necessary, updates are contained in one easy to install package. All firmware and patches are combined by Dell|EMC and VMware for a hassle-free update process. No need for separate software packages for disparate hardware and possible maintenance windows. It really is the easy button for keeping your virtualization stack up to date.

VMware vCenter – Minimal learning curve

Many system administrators are right at home with this tool. VxRail leverages vCenter as the main interface for your day-to-day operations. VxRail is built utilizing the VMware vSphere platform, there is next to no learning curve when bringing VxRail into your data center, just continue operations as usual. If you have yet to embark on the VMware journey, the intuitive tools and user-friendly interface turn the learning curve more of a slight incline.

Single point of contact for support

Sometimes just keeping the lights are the biggest challenge a system administrator can face. Nothing can make this more difficult than having to deal with multiple vendors who might not take responsibility when an issue arises. The VxRail solves this problem by having a single point of contact for issue resolution. No longer do you have to contact separate vendors for software or hardware issues as the VxRail is all inclusive. The hardware and software support process has been streamlined by Dell|EMC technical support.

Contact the VxRail experts at Abtech Technologies to further discover how the Hyperconverged VxRail platform from Dell|EMC can solve some of the most difficult challenges in your datacenter.

 

 

Ransomware red button on keyboard, 3D rendering

How Protected Are Your Backups Against Ransomware?

How Protected Are Your Backups Against Ransomware?

Ransomware today is big business for criminals, so profitable that we are seeing more organized crime and nation-state actors getting involved. The threat landscape today is larger than ever with supply chain attacks targeting major vendors and pushing compromised software updates as seen in the 2021 SolarWinds incident or shipping conglomerate Maersk in 2017. Each week we hear news of a well-known organization or public utility falling victim to ransom demands before data gets destroyed or sensitive information leaked. With the proliferation of untraceable crypto currencies reaching record monetary highs and ever more sophisticated encryption methods – the profit potential is higher than ever.

Experts say the best defense against ransomware is a good backup, but what if your backups get encrypted and held for ransom? What is the cost of not having a reliable backup?

Backups are the literal last line of defense against falling victim to ransomware. No longer should we consider backups an afterthought in case of a deleted file or recovering a previous version of a file overwritten by accident. Successful backup restoration is the single point of failure between paying a ransom and successful restoration of encrypted files. Backups, therefore, need to be protected at all costs.

Modern-day ransomware almost always scans for and targets the local backups first during the initial phases of infection. This is being seen in compromised Exchange Servers exploited from the March 2021 Hafnium attack.

If the ransomware can encrypt the backups or delete backups before the protected computers get encrypted, the higher the chances of collecting the ransom to recover the files. This makes protecting the backups ever more important, as it has become the definitive line in the sand between paying a ransom and recovering the files or losing everything.

Can we trust a criminal to hold their end of the bargain when paying a ransom? Paying a ransom also lets the unknown attacker put a value on this data and increases the likelihood of reoccurrence. Who is to say they will not try again? This makes offsite backups that much more important.

One of the best and often proven backup strategies is keeping a copy of the backups offsite or air-gapped. An air-gapped or off-site backup is an offline copy of the data and far less likely to fall victim to ransomware from a compromised network. This increases the chances of recovery and minimizes the chances of having to pay an actual ransom. A cloud-based backup can be a defining point between a business losing all its data and the need to pay a ransom. The question about a business having offsite backups is now getting asked from cyber liability insurance companies and is becoming a requirement for coverage.

However, just storing data offsite is not enough, downtime from ransomware can be significant ranging from days to weeks of lost revenue. This can be incredibly detrimental to a business’s bottom line. The time for recovery entirely depends on the method used for offsite backups.

One of the best methods for dramatically reducing downtime in case of an incident is performing a cloud-based spin-up. A cloud-based spin-up allows for business-critical servers to come online in a protected cloud environment while recovery and remediation take place at the original location. The replicated backups are physically air-gapped and with a proper retention policy in place, we can restore the data to a point in time before the ransomware encryption. This allows employees and businesses to recover from an incident in a much shorter time frame than restoring from backups to a compromised system. A cloud-based spin-up also allows IT staff to investigate and remediate a current infection and recover from the attack and keep business functioning at the same time.

However, a business’s ability to recover is only as good as their last tested backup. Just replicating backed-up data to the cloud is not enough. It is no longer an “if” for a business to be compromised, but more of a when? Therefore, it is imperative to schedule testing of the backed-up data to the cloud regularly.

All we need to do is imagine the scenario of finding out the backed-up data is not good and what implications it will have. As it is often said, an ounce of prevention is worth a pound of cure. Protecting backups from ransomware is now more important than ever. It can mean life or death for a business.

Fortunately, Abtech has a range of services that meet these needs, under our StorTrust brand. The key benefits include:

  • It is a fully managed service. Abtech manages the recovery so you can concentrate on other issues you may have within the business.
  • The service includes an annual test, so you can be sure your recovery will work.
  • We can provide fully air-gapped solutions as part of our service for the ultimate protection.
  • We include the ability to run your systems in our cloud for up to 30 days for no additional cost. This gives you and your staff time to clean your systems or order new ones.
    If you would like to know more, please call us on 1-800-474-7397 or email info@abtechtechnologies.com
 
cyber_safety

Is Your Data Really Safe?

Is Your Data Really Safe?

The key to understanding whether or not your data is safe lies in understanding the threats to it. Most attackers will attempt to come in by several very common avenues.

Every organization will face different threat levels. For example, if you’re in finance or are a utility company, you’re going to be facing more persistent and creative angles of attack than a small locally-focused shop will. That doesn’t mean that there is any one type of business or set of circumstances where you can just forget about security, however. The internet is crawling with hackers and automated malware, and there’s always some willing to grab up low-hanging fruit if the right door is left open.

Be sure to consider all of the following possibilities when reviewing your network security policies and procedures.

“Phishing” and Social Engineering Attacks
So-called “soft” attacks in which hackers attempt to exploit company employees have become much more common than attacks against the software or hardware of the network. That’s because they’re much easier to pull off and actually have a higher rate of success.

The main angle of attack is by email. Attackers can mass-mail to everyone in the company, but they may also do some homework and try to target specific entities by profiling them using publicly available information. Whatever the case, the endgame is the same; get the employee to either open a tainted email attachment, or to follow a link to an attack site that automatically installs malware.

The most common varieties of malware that will be installed are keyloggers or ransomware. A keylogger sits in the background and records keystrokes, possibly also taking periodic screenshots, and quietly forwards these to the hacker so that they can steal login information and private data. Ransomware encrypts vital files on the network, and the hackers then demand a payment (or two, or three) in return for the password to unencrypt them.

The biggest first step in defeating phishing attacks is to ensure that all email clients used on the network do not automatically download or run attachments! While mass-mail phishing attacks are usually easy to spot, a targeted attack may come from a “spoofed” email address that seems to be legitimate. Employees should be instructed to verify with the other party by phone or instant message if an unexpected attachment is sent or if they are asked to visit an external site out of the blue. As a safeguard against ransomware, you can also run automated “snapshot” systems that periodically send backups of network data to both the cloud and a local storage system.

Documented Software Exploits
While nearly every business has some data a hacker wouldn’t mind having, some are much more interesting than others. For example, a company like Google or Goldman Sachs will regularly employ teams of hackers called “penetration testers” who try to find completely new and novel ways to break into their systems, ensuring they are on the cutting edge of security at all times.

A more “average” business doesn’t face this kind of advanced threat. If the data they are guarding isn’t particularly juicy, hackers will generally try known exploits against the software they are running and move along if none of them work. So how do you protect against these exploits? Primarily, it’s by making sure you have the latest updated versions of each piece of software and app, as they receive continual security patches against newly discovered vulnerabilities. Old, discontinued software should also be replaced with something more modern, as new vulnerabilities will no longer be patched.

Discarded, Recycled and Lost Devices
Simply moving data to the recycling bin on the desktop doesn’t make it disappear. If old electronics are to be sold or recycled and are still functional, they need to be cleaned with a good “hard disk wiping” program like DBAN that scours them to eliminate residual data. If you’re simply disposing of an old drive, have it shredded. Don’t forget that devices like copiers, printers, and old phones also have internal drives that store data!

Employees losing company phones or devices will happen from time to time, but you can secure against this mishap by mandating strong unique passwords for each device and two-step authentication for logins. It would also not hurt to encrypt data on devices that go out into the wild with a unique key that can be revoked later if they go missing.

Internal “Turncoat” Attacks
The toughest data security issue to deal with is the possibility of a trusted employee going rogue. Mitigation in this area primarily comes down to identifying privileged accounts and monitoring them appropriately, as well as removing credentials ASAP when such an employee leaves the company.

1663158678005

Is Cloud Computing Right For Your Business?

Is Cloud Computing Right For Your Business?

In today’s era of technology, having your data available on multiple servers and devices is important. Not only is it great for security purposes, but it’s also an exercise in self-discipline. After all, your sensitive data is one of the most important aspects in the workplace. By keeping your info stored on the Internet, you’re taking things seriously in the business. Speaking of which, what is cloud computing? Generally speaking, it means storing and accessing data over the Internet instead of your computer’s hard drive. Hence, as long as there’s a device with Internet connection, you can easily access your data. With that said, even though many businesses have invested in the cloud, that doesn’t mean every company needs to use it. Is cloud computing a right fit for your business? Here are a few questions you should ask.

#1. Is Your Information Secure?
Before investing in the cloud, you should consider whether your data is already secure or not. While it’s true that cloud computing is one of the best methods for keeping your data secure, remember that most businesses invest in it in the first place, because their files aren’t secure enough. Believe it or not, there are several other security methods if you feel the cloud isn’t right for your business. Not only could you keep your data backed up through multiple servers, but have you considered using a USB flash drive as well? While some businesses don’t use it due to the small size, it’s efficient for keeping your files stored and secure. Not to mention that you can upload your files on to any computer in the workplace.

#2. Can Anyone In The Workplace Access Your Files?

Before investing in the cloud, you should also consider whether others can easily access your files or not. For example, are your files already locked behind a server with a secure password? If the answer is no, then cloud computing would be your best option. If the answer is yes, then your files are definitely more secure than you think. Overall, limiting access of your files from others is important, especially in the workplace. After all, many times, it’s those in the workplace who might be looking to access your data. Lastly, remember that just because cloud computing is one of the best options for storing and securing your data, doesn’t mean it’s the only one.

#3. Are You Usually in the Office?

One reason many businesses invest in cloud computing, is because it gives them easier access to their data. Remember, because you can access your files from any device with Internet connection, this is a huge convenience for business owners who are always out of the office. For example, let’s say there was a business owner who was always traveling. Obviously, they would need a way to access their files at all times, and the cloud greatly compensates for this. However, if you’re a business owner who’s always in the office, you wouldn’t need constant access to your files.

Overall, these are some important questions when considering cloud computing. Check to see if your information is already secure enough, whether others can easily access your files, and if you’re usually at your office computer.

For more information about how to decide whether the cloud is right for your business or not, feel free to contact us today at AbtechTechnologies. Our business offers a range of security products and services that will provide protection of your sensitive information and will augment business continuity by assessing compliance and overall security of your network. We look forward to hearing from you, and assisting you in the best way possible.

prepare-for-all-types-of-emergencies-in-the-workplace_storee-scaled (1)

Preparing For Disaster in the Workplace

Preparing For Disaster in the Workplace

When you’re in the workplace, one of the keys to having a successful business, is planning ahead at all times. For example, not only do you need to have a business goal for your company, but contingency plans are important as well. Nothing is ever set in stone, so you might need to make adjustments to your end plan. For example, what if your sales goal didn’t end up as expected? This is why you should always be prepared.

With that said, while many companies do prepare for these unexpected events, they often don’t take disasters into consideration. Planning for unexpected disasters, such as a power failure, is crucial for keeping your business safe, among other things. Speaking of which, how should businesses prepare for these incidents? After all, each disaster in the workplace can’t be dealt with in the same way, and some require more drastic measures. Here are a few things to keep in mind.

#1. Educate Your Employees
It’s one thing if you’re prepared for disaster, but what about your employees? It’s essential to remember that teamwork plays a key role in all this. What someone else does in the workplace, could have a major impact on the entire company, for better or worse. As an example, let’s say you were familiar with the dangers of ransomware, and how to avoid it. Your employees, on the other hand, weren’t knowledgeable. You had better teach them the basics, or they might end up making a careless mistake. Preparing for disaster isn’t just about you, everyone in the business needs to know their part as well.

#2. Plan For Each Disaster
Initially, this might seem like a lot of work, but that’s not necessarily the case. You don’t need to create a plan for every disaster, but you should know how to handle each incident. As I had mentioned earlier, each disaster in the workplace can’t be handled in the same way. As an example, let’s make a comparison between a power failure and a natural disaster. For the former, all you’d have to do is make sure your info is backed up on a regular basis, particularly via cloud computing. A method that allows you to store your information virtually, even the most severe incidents would have no impact on your data. For the latter, however, it’s a different case. Considering natural disasters could have an impact on your building, you need to have a plan that goes beyond storing your data. If there’s a hurricane, are you moving your equipment to higher ground? Do you have another building to transfer your data to? These are some things to keep in mind.

#3. Cloud Computing
Of all the ways to prepare for disaster, cloud computing is easily the most effective. As I had mentioned before, this method allows you to store all data virtually, and it becomes accessible on any device with Internet connection. Whether you fall victim to ransomware, or end up spilling coffee on your keyboard, these disasters will have no effect on your virtually accessed info. Even more so, use cloud computing is also an exercise in keeping your data backed up on a regular basis. Many businesses are too laid back about their files, keeping everything on their desktop, and sometimes even backing everything up at the last-minute. Cloud computing is a smart decision, because it allows you to focus on other aspects of your business, without always having to worry about worst case scenarios.

For more information about preparing for disaster in the workplace, as well as the importance of disaster recovery as a service, feel free to contact us today at Abtech Technologies. We offer a range of security products that not only protect your sensitive information, but also assess compliance and overall security of your network. We look forward to hearing from you, and assisting you in the best way possible.

Dell_EMC_630X300_1

Dell EMC’s Current Positioning and Product Portfolio

Dell EMC’s Current Positioning and Product Portfolio

Dell’s acquisition of EMC Corporation was the largest tech buyout in history. The primary focus of it was to position Dell as a leader in the emerging “Internet of Things” market, or smart connected devices ranging from household appliances to vehicles. This also greatly expands their range of enterprise and data storage offerings, however, particularly in the software as a service (SaaS) and platform as a service (PaaS) realms.

The merger came as both companies were facing some internal challenges and looking to reinvent themselves to some degree; Dell going private and pivoting away from hardware and to the virtual space, and EMC making a somewhat similar move from physical data storage devices to cloud storage services and analytics.

The two companies were already moving in complementary directions, which looks to offset the traditional disadvantages seen when companies that are both in flux merge. HP and IBM, the new company’s two closest competitors, are also facing similar struggles and pivots that keep them from bounding ahead in the market.

The new company is now vastly expanded in size and scope as compared to its previous constituent components. Dell EMC is worth an estimated $74 billion, which would make it the largest privately held tech company in the world, and has nearly every Fortune 500 company as a customer for at least some of its products. The company has about 140,000 employees worldwide.

The Dell EMC Product Portfolio

STORAGE
Dell EMC’s data storage products run the gamut from flash to NAS systems, with all sorts of hybrid solutions in between. Noteworthy additions to the Dell lineup from the merger include EMC’s VMAX for larger businesses, the all-flash Unity and VNXe systems for smaller businesses, and simplified cloud systems like ScaleIO and Elastic Cloud Storage.

SERVERS
Dell’s PowerEdge server system remains in place, offering blade, tower or rack-mounted servers in five total form factor options to businesses of all sizes.

INFRASTRUCTURE
EMC brings their range of data center products to the catalog including the VxBlock, VxRack and VxRail systems. Complete IaaS or PaaScloud-based systems are also available in both native hybrid and enterprise forms.

SECURITY
Dell EMC’s data security services remain under the umbrella of the RSA Archer eGRC platform, which EMC had been operating as a subsidiary prior to the merger. This is a customizable platform meant to encompass as many aspects of a business as desired including encryption, access control, web and database security.

HARDWARE
Despite the recent pivot, Dell still does sell quite a bit of PC hardware. This includes the lineup of desktops and laptops the company first became known for, as well as workstations, servers and storage devices. Dell also remains in the business of supplying printers, monitors, routers and other accessories, both under their own brand name and selling other brands through their website and retail stores.

VMWARE
VMware continues under the merger as an independent Dell EMC subsidiary. It remains publicly traded even though Dell is private and EMC has gone private under the terms of the merger. VMware was the first virtual system to replicate x86 architecture and has experienced a 100% growth rate annually in recent years.

ALIENWARE
Alienware has become the leading brand name synonymous with prepackaged high-end gaming PCs and laptops. The company also recently debuted the Alienware Alpha R2, a hybrid of gaming console and computer that runs Windows 10. The company has operated as a subsidiary of Dell since 2002.

Other Dell and EMC subsidiaries that continue in their prior roles under the Dell EMC name include SonicWall, Wyse, Gale, Credent, AppAssure, KACE and Boomi QS. Though the two companies were in the midst of some difficulties prior to the merger, there are difficulties that are shared to a great degree by their major competitors, thus keeping the overall market position of Dell EMC products and services looking favorable.

GettyImages-962404026-e1542666118749

Dell EMC – Future Direction for Mid-Range Storage

Dell EMC – Future Direction for Mid-Range Storage

Dell and EMC became one company, Dell Technologies, on September 7th, 2016. This made it the largest data center infrastructure supplier in the world. It also brought together a wide range of different and in some cases, competing storage technologies.

What does this mean to current Dell and EMC storage customers and what does the future roadmap look like. As a Dell and EMC partner, Abtech Technologies has been given first hand access to this information and our engineers have also given their viewpoint on which technology fits which application.

Unity and SC (Compellent) – The way forward.
Dell has been putting much more emphasis on its SC range of storage arrays recently. The SC4020 and the new SCv2000 range are both aimed squarely at the affordable end of the midmarket for block and file storage applications. For larger environments, the new SC7000 and SC9000 platforms will scale in terms of both capacity and performance.

EMC has recently released its new Unity platform of unified storage. Designed entirely from the ground up, Unity offers a solution for both block and file data in a single array platform that is easy to configure and manage. Unity is best suited to customers with mixed block and file storage requirements and those that require maximum scalability (up to 10PB).

Here is an excerpt from the mid-range storage presentation at DellEMC World, which shows how DellEMC is positioning the two platforms:

The following table compares the maximum specs and features of the two platforms currently:

Legacy Dell EqualLogic Customers
The PS-Series platform is still available but Dell has made no secret that it is moving customers to the SC platform. The SCv2000 and SC4020 series are priced competitively and offer future-proof options to replace legacy EqualLogic arrays. The SC interface is similar to the current PS (EqualLogic) series and replication between PS and SC is now available. This makes migration and training less of an issue for existing Dell customers. Dell has also introduced a number of discount programs through their channel partners to incentivize EqualLogic PS customers to upgrade to SC Series.

Legacy PowerVault Storage Customers
As with the PS-series customers, PowerVault customers are encouraged to look at the entry level SC storage. The PowerVault will continue to be made available and is still the platform of choice for low cost, but high performance, scalable mid-range storage. However, the SC series will eventually take over this role and customers should consider this route to be completely future proofed. Channel only promotions are currently available on additional trays for PowerVault MD arrays including flash configurations.

Legacy EMC VNX and VNXe Customers
The VNX and VNXe have been EMC’s mid-range platforms for several years. They offer a wide range of controllers options and both SAN and NAS capabilities. However, EMC took the decision to completely re-engineer the platform to create Unity. Like customers on the Dell side, legacy VNX and VNXe customers should consider the new Unity platform if they are looking to refresh their storage.

PLEASE CALL ABTECH ON 1-800-474-7397 FOR MORE DETAILS OR EMAIL: INFO@ABTECHTECHNOLOGIES.COM

CEO

Ransomware – What To Tell Your CEO

Ransomware – What To Tell Your CEO

When your CEO says,

“I NEED TO DISCUSS HOW THE COMPANY IS PROTECTED AGAINST RANSOMWARE”. 

Here is what you need to do.

I am sure many of you are have received countless emails recently from IT vendors telling you to buy their hardware or software because it is the “best way to protect against Ransomware”.  This is all well any good, but right now, you are probably more concerned with what you are going to tell your CEO when he or she asks

“What measures do we have in place to protect us against Ransomware attacks”

or

“Are we open to attack?”

Ransomware is one of the fastest growing industries on the planet.  There isn’t a week goes by without talk of somebody being attacked or a new threat emerging.  The reason;  because it is incredibly profitable for its creators, who are also difficult to trace.  

Ransomware is always evolving and becoming more sophisticated. Like any malicious code, it is often designed to attack the unprepared. 

CRYPTOLOCKER AND ITS DERIVATIVES

Most Ransomware attacks use software, such as Cryptolocker or its derivatives, which enters a corporate network attached to an official looking email.  Often this looks like an invoice or other official document and is addressed to a member of staff..  Opening the attachment will immediately encrypt the data on the owner’s PC and any attached file servers.   This is swiftly followed by a message saying “pay a ransom in the next few days or your data is gone for good.”  Not a lot of fun and quite scary for the individual and the owners or the company.

WANNACRY – RANSOMWARE STEPS UP A GEAR

More recently ransomware has taken a new twist. “WannaCry”, also known as Wcry, WanaDecrypt0r or WannaCryptor works by exploiting a security hole in the Windows operating system. Microsoft issued a patch in March2017, but any systems that haven’t been kept up to date with security patches are vulnerable.  

This doesn’t need human interaction for the infection to occur so, the attack can be much more widespread.  The number of computers that can be infected by this type of ransomware virus can quickly run into hundreds of thousands.  The effect to the user and the target organization is the same.  The user’s system is encrypted and a ransom notice flashes up on their screen. However, the infection can spread to multiple systems in a single organization if systems aren’t patched up to date.

WHAT CAN YOU TELL YOUR CEO?

This conversation can follow two routes:

  • This is what we have in place.
  • This is what we need to buy.

The second option is likely to be less well received, but it is also a great opportunity to get funding for something you really do need, to protect the organization.

So, let’s look at the measures you can take:

  1. Patch your systems:  This is an easy one, unless you have a lot of systems.  It just involves time.  If you don’t have time, you should suggest that you outsource the patching to an external managed service company, who can manage it for you. 
  2. Invest in some good quality anti-virus software:  Anti-virus software vendors make it their job to protect you against the latest virus strains and will happily tell you if their software protects you against Ransomware viruses. This makes it easy to see if your software is up to the job. Again, if you don’t have suitable software, you can sign up for a managed antivirus service so someone else can make sure you are protected.
  3. Check your firewall:  Firewalls are designed to protect against outside attacks.  A recent blog article from SonicWALL, illustrates that they and other vendors are on top of things. Look for similar statements from your firewall vendor. If they can’t provide this, look to your CEO for budget for a replacement.
  4. Update your Backup Software: This may not be as obvious, but this can be your last and best line of defense.  If you assume that you will, at some point get infected, having the ability to recover systems without paying a ransom is quite important.  Modern back up software, that takes regular snapshots throughout the day and has the capability to spin up virtual machines, it the best way to avoid paying a ransom.  The infected system or systems can be isolated, formatted and re-imaged from a recent clean backup in a matter of minutes.  Clean virtual machines can also be spin up from the last clean backup, to replace the infected ones. 

This eBook goes into more detail and gives an example of where Abtech was able to recover our client’s main file server in less than an hour with less than 5 minutes of data changes lost. 

THE MEETING WITH THE CEO – A HAPPY ENDING

Armed with this information you can go into that meeting with the CEO fully prepared.  Making a statement like this:

All our systems are up to date and we have protection through our firewall and antivirus software, but I recommend we invest in a new backup system to ensure we can recover quickly if we are attacked

will reassure your CEO and senior management even if it may cost them some money. 

FURTHER RESOURCES AND ACTIONS MICROSOFT RECOMMEND YOU TAKE:  

Download English language security updates: Windows Server 2003 SP2 x64,Windows Server 2003 SP2 x86,Windows XP SP2 x64,Windows XP SP3 x86,Windows XP Embedded SP3 x86,Windows 8 x86,Windows 8 x64


Download localized versions for the security update for Windows XP, Windows 8 or Windows Server: http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598
Read general information on ransomware: https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx
Download MS17-010 Security Update: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx 

FAQs: 

WHERE CAN I FIND THE OFFICIAL GUIDANCE FROM MICROSOFT? 

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

IS THE UPDATE AVAILABLE FOR WINDOWS 2003 & WINDOWS XP AS WELL? 

Yes. The link for download of the update is available at the end of this article 

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

WILL THE UPDATE RUN ON UNLICENSED WINDOWS? 

It is recommended that the update is run on a licensed version. 

WHAT ABOUT WINDOWS 2003 R2? 

The Windows 2003 update should get applied on Windows 2003 R2 as well.  

WILL THE INSTALLATION OF THE PATCH, PREVENT THE OCCURRENCE OF RANSOMWARE? 

No. Applying MS17-010 is just preventing the malware from spreading, not giving protection against the infection itself. Based on reports, this malware is using Social Engineering to target companies.Please warn your users to not open, click or enable macros on email reception. 

  • The priority is that your anti-virus can detect the malware. 
  • Verify that you have up-to-date signatures, along with patching the Windows systems 
  • Make sure that users have the level of knowledge required to never click on suspicious attachments even if they are displayed with a familiar icon (office or PDF document). Where an attachment opening offers the execution of an application, users must under no circumstances should accept the execution and in doubt, users should you consult and/or consult the administrator. 
  • Implementation of strong filtering in O365: 

http://blogs.msdn.com/b/tzink/archive/2014/04/08/blocking-executable-content-in-Office-365-for-more-aggressive-anti-malware-protection.aspx

  • Exchange Online Protection 

http://TechNet.Microsoft.com/en-us/library/jj723164(v=Exchg.150).aspx

http://TechNet.Microsoft.com/en-us/library/jj200684(v=Exchg.150).aspx

http://TechNet.Microsoft.com/en-us/library/jj723119%28V=Exchg.150%29.aspx

 

SECURITY TIPS TO PROTECT AGAINST RANSOMWARE 

https://social.technet.microsoft.com/wiki/contents/articles/29787.microsoft-protection-center-security-tips-to-protect-against-ransomware.aspx

IS THE RANSOMWARE EFFECTIVE ONLY IF THE USER HAS ADMINISTRATIVE RIGHTS ON THE CLIENT MACHINE? 

No. This piece of ransomware, like most of others, once executed, encrypts all files it can reach in the context of a user, if the user is an admin on the box the outcome is more devastating. In addition, this ransomware also tries to disable shadow copies and make some registry changes in HKLM hive which require administrative privileges. 

When it tries to spread, it uses a vulnerability, which once exploited gives the malware SYSTEM level access on the target system. All this means that this attack maybe very successful and destructive even if the users don’t have admin privileges on their unpatched workstations/servers. 

IS ONLY DISABLING SMB V1 SERVER (LANMANSERVER) ON ALL OUR MACHINES HELPS US TO PROTECT FROM THIS VULNERABILITY? 

Patch installation would be the first option. To answer the question, Yes. SMBV1 should be removed, but in a planned way. Please refer the below link 

https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/

DO WE NEED TO DISABLE SMB V1 CLIENT (LANMANWORKSTATION) AS WELL ON ALL OUR MACHINES? 

No. It is only the SMBv1 server component (which means Lanmanserver), on the client machine and not Lanmanworkstation on the client machine. 

WHAT IS THE IMPACT OF REMOVING SMBV1? 
  • You’re still running XP or WS2003 under a custom support agreement 
  • Windows XP will not be able to access shares on a Windows 2003 Server or any other Operating System 
  • Windows Vista and above Operating System will not be able to access shares on a Windows 2003 Member Server or Domain Controller (if you still have them in the environment) 
  • You have some decrepit management software that demands admins browse via the ‘network neighborhood’ master browser list 
  • You run old multi-function printers with antique firmware in order to “scan to share” 

Please refer the below article for more details 

https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/

IF WE MUST DISABLE SMB V1 SERVER SERVICE, WHAT ARE THE REGISTRY VALUES TO DISABLE IT? 

When using operating systems older than Windows 8.1 and Windows Server 2012 R2, you can’t remove SMB1 – but you can disable it: KB 2696547- How to enable and disable SMBv1, SMBv2, and SMBv3 in Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 

Please refer to the below link for more details 

https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/

HOW DO WE KNOW SMB V1 IS ACTIVE IN OUR ENVIRONMENT?  CAN WE PROACTIVELY CHECK IT? 

Yes. Please test this, before using in the production environment. 

https://blogs.technet.microsoft.com/ralphkyttle/2017/04/07/discover-smb1-in-your-environment-with-dscea/

Windows 2016 and Windows 10 provides a way to audit usage of SMBv1, which can be found here 

https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/

IS WINDOWS 10 AFFECTED AS OF NOW? 

https://blogs.technet.microsoft.com/mmpc/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/
The exploit code used by WannaCrypt was designed to work only against unpatched Windows 7 and Windows Server 2008 (or earlier OS) systems, so Windows 10 PCs are not affected by this attack as of now.
 

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
Customers running Windows 10 were not targeted by the attack today.
 

Windows 10 systems also need to be patched, because the variants can be developed. In addition to this, it would be recommended to remove SMBv1 from the clients and Windows servers, after doing a complete review of the below mentioned article. 

https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/

 

DELLXTREMEIOSAERECOVERPOINT_2104x700

Dell EMC UNITY – NEW All Flash Storage Array

Dell EMC UNITY – NEW All Flash Storage Array

The Future is Flash…. All Flash
Dell’s new merger with EMC has been widely talked about and anticipated, but it is finally here. The market seems to be extremely optimistic about this merger. These two companies coming together might be the “Dawn of a new age” in the world of IT end-users. If you want to read more about the merger go here.

One of the things that is an exciting step forward is the release and promotion of Dell EMC UNITY! It is a all flash storage array.

If you want to check out the EMC page on Unity, go here.

“EMC Unity offers modern data center simplicity and all-flash performance in an affordable package. Designed specifically to get the most out of all-flash media, EMC is making it simpler and more affordable for both SMEs and enterprises to modernize their data centers. With the launch of Unity, 2016 is truly the year of all-flash for EMC.”

– Jeff Boudreau, Senior Vice President and General Manager, Mid-Range Solutions, Core Technologies Division at EMC

To summarize the features and benefits of this new array we must start with performance.

PERFORMANCE

Compared to past HDD, UNITY’s all SSD can deliver far superior performance with 300 IOPS. It also has features like: (EMC.com)

True dual-active controller architecture

Support for file, block and VVols
Snapshots and remote sync/async replication
Native, controller-based encryption
New scalable file-system for transactional and traditional file use cases
VMware VASA 2.0, VAAI, VVols, VMware- Aware Integration
Complete REST-API for automation and DevOps use cases
Integrated Copy Data Management with EMC iCDM
Zero-impact garbage collection

ADAPTABILITY:

Purpose built – Unity is purpose built for all flash data centers but it can also be deployed in hybrid environments. This allows for companies to make the transition to all flash data center, without having to do it all at once.

Software Defined – UnityVSA™ is capable of file and block storage and data management features that allow Unity to be deployed easily as a virtual machine.

Convergence – VCE ® Vblock™ and VxBlock™ System 350 are available with Unity as well. EMC really focused on convergence capability. Now you can take up less rack space and get more performance.

Unity provides incredible unified storage density, with up to 80TB of all-flash storage in a dense, 2U array. – EMC.com

AFFORDABILITY:

All flash Array starting at $18,000

Hybrid Model starting at $10,000

We feel that this price point is on the higher side of accurate, but you get what you pay for when you go all flash. We really can’t argue with the performance capabilities and feel there is “solid” value in the SSD Unity array.

AVAILABILITY:

If you are looking to purchase Unity, make sure you are going through the right source. Unity can only be sold through EMC partners. It is best you go through a partner that has a lasting relationship with Dell and EMC. In the near future, that relationship could mean big savings for you.

In addition, make sure your partner has the consultation capabilities needed to properly assess your environment and give you options that will be best in the long-run.

Abtech Technologies is a trusted partner of Dell and EMC. We have access to highly competitive pricing and promotions that are only available to partners. We also have a staff that is knowledgeable and experienced with engineers with over 25 years of experience. Abtech Technologies can provide valuable consulting and a solution at an affordable price. We want to make sure that your solution is as unique as the needs of your business.

Contract

Review of Dell Rapid Recovery – Storage Switzerland

Review of Dell Rapid Recovery – Storage Switzerland

Here is a review article by Storage Switzerland that outlines the benefits of using Dell Rapid Recovery (formerly Dell AppAssure) and features available in its latest release:

Addressing Modern Recovery Requirements

 

Dell Rapid Recovery now offers agentless backup for VMware as well as its tried and tested agent-based backup.

In addition to being able to run recovery versions of a VM from the Rapid Recovery server, customers of Dell Rapid Recovery are able to run a recovery version of a VM in the Stortrust cloud. This is regardless of whether the backed up system was a VMware VM, HyperV VM or a physical machine when it was backed up. This makes it the ideal platform for business continuity.