Network SecuritySponsored by Jamf Now

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Share tech news, updates, or what's on your mind.

Sign up to Post

I have a computer on our domain that is sharing a folder and a printer.  Just within the past couple days, access to any shares on this computer has stopped.  I have double checked the shares are still active.  I can get to the shares from that computer itself via unc.  No other machine can access the shares though and remote desktop connection is not working either.  I also rejoined the machine to the domain and turned the firewall off.  Any other suggestions?
Cloud Class® Course: SQL Server Core 2016
LVL 12
Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

Coming up with a good network security checklist can be challenging. The list below was created with input from not less than a dozen technology consultants and security experts.
LVL 18

Expert Comment

by:Andrew Leniart
Comment Utility
A very handy baseline checklist. Great work. Endorsed.
I have recently joined a company where the juniper SRX 3400 already bought but not installed.   Now I want to implement this in HA mode as a replacement of SonicWALL 4400.  Please help me, step by step to implement same. For your kind information I very new to Juniper so I need details knowledge in same.

Waiting for the good answer.

I have five locations that have Sonicwalls and all five locations are connected by VPN.  The contract is up with the five Sonicwalls and the contract is up for renewal.  The owner wants to consider installing a different VPN firewall at each location.  He's has not been very happy with the Sonicwalls and doesn't want to renew the contracts for the Sonicwalls.  I've used Sonicwallls in the past and don't have any problem with them but the boss wants a change.  Each location has 4-5 Windows 7 or Windows 10 computers.  The owner wants to know if the Ubiquiti Edgerouter would be a secure solution using site-to-site VPN.  I've used the Edgerouter before but never in a situation like this so I don't know if it would be a good solution.  I was thinking about looking at a Fortinet VPN router to replace the Sonicwalls but I want to see what your suggestions are.  Why or why not would you recommend going with a Edgerouter for a site-to-site VPN between 5 locations?  Would Fortinet or Ubiquiti be a better (better value--same level of security) solution as a Sonicwall replacement?  Is there a better (better value) solution?  Thanks in advance for your help!
I'm trying to connect a Watchguard T30 to an AP320 through a Cisco Catalyst 2960.

I'm able to set up trunking on the Cisco so that I can see the AP320 through the controller, however when I connect to the WLAN I get no DHCP address, and I can't get online even when I hard code the IP. Based on some logging information I've seen on the Watchguard, it almost looks as though the Cisco switch is sending packets to the wrong gateway address.

It looks like when a device was requesting an IP on the VLAN subnet that request was sent to the lan gateway.

I'm extremely new to Cisco so it's entirely possible I'm missing something obvious, but when the VLAN's are set up on the router and then trunking is configured for those VLAN's on the Cisco, is there a place where you need to specify what Gateway to use for each trunk?
Does anyone recommend any good ethical hackers?  I want to ensure that I close any open security issues for my organization and I was thinking of hiring an organization or individual that can provide that service?  

Any reputable recommendations?
I have a question about defending against  DDoS attacks.  My ISP charges a large penny for service to protect me from DDoS attacks, it's basically the same amount for my internet, and it's not cheap.  Besides buying hardware, does anyone recommend any online companies that can provide the same kind of service as my ISP, but at a descent cost?

What other options do I have, or does anyone recommend a good solution?
We have a Watchguard M200 firewall that we would like to limit inbound/outbound bandwidth to 20Mbps on our External (WAN) interface. Our ISP allows for 40Mbps total bandwidth. I've gone into Traffic Management and changed the interface to limit bandwidth to 20Mbps but this only seems to apply to upstream outbound traffic. Inbound traffic is still coming in at the fulll 40Mbps. Is it possible to also limit inbound traffic to 20Mbps?

Thank you
I currently have my CISSP & CISA and I'm considering pursuing penetration tester certifications. I see that the Certified Ethical Hacker (CEH) certification is now on the DoD 8570 certification list under CSSP Incident Responder. Therefore I wanted to ask the experts if you think the CEH certification provides a good foundation prior to taking other more advanced courses related to penetration testing or is the CEH certification just not worth the money. Any additional information or thoughts on this topic are greatly appreciated. Thank you again.
I work for a small company with roughly 50 users and have been asked to have an outside vendor perform security/vulnerability testing.  We have several servers, ranging from SQL, to Exchange, to Remote Desktop with a hosted firewall through Windstream.  I thought I would appeal to the Experts in the Experts-Exchange community for advice and/or recommendations for a good vendor that specializes in such things.
Simple Misconfiguration =Network Vulnerability
Simple Misconfiguration =Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

Hello Everyone,

I am looking for options to protect my files and folders on my local laptop.

For example, if  someone stole my computer or hacked into it, I would like to have certain files (my business file that houses information on clients/staff and my financial file) to have a password on them in order to open them.  I know that some apps also hide the file and can’t be opened or seen.

I Want to make sure that I have to put a password in when file needs to be opened and it would be good to be able to have it hidden to anyone that hacks into my computer if that should happen.  

What options do I have please ? what do you recommend ?

important I am running Windows 7. I am looking for a solution for windows 7

Thank you,

I need to create an IE lock down group policy to block all internet access for some computers but allow exception for specified work related internet websites and also allow the internal websites

Please advise how this can be probably done.  

Many thanks.

With my Tenvis camera connected to my home's Wifi SSID and my laptop
connected to my home's Wifi, I could http://Tenvis_IP:7777  & see what
the camera sees.

However, at my company, I can't connect my Tenvis camera to the Guest
Wifi as it requires registration plus clicking a couple buttons on the
landing page before the device could connect to Guest network.

Now, I'm replacing the Tenvis with my iPhone using the steps below:

However, with both my iPhone & laptop assigned an IP each by Guest Wifi, my
laptop still can't ping the iPhone & can't see the videos despite that both iPhone
& laptop have registered successfully & clicked the necessary buttons to get
authenticated/connected to Guest.  How can I overcome this?

I plan to put the iPhone in my car to monitor the car (using the laptop) as my car
is parked within the vicinity of the company.  I could sign up a data plan for the
iPhone but it's going to cost quite a bit to monitor 22 days, ten hrs per day so
tagging onto the free Guest Wifi.
How to be a SOC service provider ?

       ...  we  are beside performing  the  required  feasibility study  to  invest  in   providing  SOC as  a managed and monitor services  ?

......  what  are  the  requirements for  a   company  to  be able to provide  SOC  services  either as  manged or monitor  services  ?    

>>>  what  are  the main components of  a SOC
After being hit with Ransomware, restoring from backup, and reinstalling applications as needed, I can't get the Quickbooks Database Server services started or the Quickbooks Database Server Manager to run. When I browse for files and 'Start Scan", it attempts to start the services after browsing the files, finding Quickbooks files. It claims the folder in which the company files live isn't shared. I guess that's technically true, but the directory one level up IS shared, so it's possible to browse to it from a network share. Then it tells me it is attempting to resolve Networking issues, and tells me after that to resolve network issues and try again later (not the exact syntax, obviously).

I have tried installing just the bare server (what we had done in the past), installing the full version of Quickbooks (2016 for the moment), uninstalling, rebooting the server (2008 R2), reinstalling just the database server, using the Quickbooks clean boot utility, disabling ALL firewalls (Kaspersky and WIndows Firewall), I can't get the QBDbMgrN to start and stay started. I can't get the QuickbooksDB26 started. For some reason it claims to be a service that should be started manually. I don't recall that having been the case in the past.  Also,  I don't think the QuickbooksDB26 ever disappeared, even after a clean install (using the Clean Install tool), an uninstall, and/or a reboot.

Previous to the ransomware, the server had Quickbooks 2015 and 2017 database servers installed. …

how many retention policy we can have
I currently have a Watchguard Firebox in place and have recently purchased a Cisco Catalyst 2960 to server as our primary switch. Our Watchguard currently manages our WAP's (also Watchguard) which have a private and public wifi network which is segmented through the use of VLAN's.

I'm extremely new to Cisco and I'm trying to determine how I would go about configuring the ports on the switch to pass along all VLAN traffic which should allow the WAP's to continue functioning.
I was given a task to migrate NPS server from Windows 2008 R2 to Windows 2012 r2. The current NPS is at Domain controller and is being used for 802.1X. I read few articles of migrating, basically export and import the xml file to new server. Do they have to be in domain controller or we can migrate it to a server in a Domain? My other question, Do we have to have the same name for the migration server?
What are  the best practices and Guide lines to build a Security Operation Center - SOC ?

what  are  the components needed to build a SOC ?
Upgrade your Question Security!
LVL 12
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

I have my IT guy access my computer via Teamviewer so he can access my servers via RDP from my computer, and he doesn't have server login information.

If I give him RDP access to my computer instead of using TeamViewer, how can I secure files and data on my  servers?

Can you please advise why IP of server is changing like

Pinging with 32 bytes of data:
Reply from Destination host unreachable.
Reply from Destination host unreachable.

Open in new window

Running Exchange 2010 with MS outlook 2010
 I have a share mailbox call  ( in my inbox has an auto forward all mails to my inbox.

what I need is a rule that will move (filter) the email that is auto forwarded to a specific subdirectory in my personnel inbox in  Outlook 2010

Screen shot attached.
Hi, i have an application running in a debian server, developed in delphi 7 for 32 bits, with postgresql as database, port 5433.
To get an easy way for updating the app, all the clients (windows platform, 32, 64 bits, xp, 7, and 10), reference the executable in the server, but execute it in a local folder, where an ini file configures the link to the database.
In a lot of customers (not all with a debian server, instead, there are windows servers and ubuntu server), and in this customer, this scheme works fine.
In one PC, with Win10, i have this strange problem:
1) if i use a link, that reference the exe in the server and execute the app, it doesn't work. I get an error (internal to the app), as if i can't reach postgresql server.
2) if i copy the exe, and execute in any folder, executing in the same folder as 1), the app works fine.
It seems to be something of the firewall... i disabled it.
It seems to be something of the antivirus... i disabled it (AVG).
pgAdmin, conects to the server.
I simply can't see any other posible solution...
Can anybody help?
Active Directory: Customize the Password must meet complexity requirements. Is there a way to enforce 4-4  categories? or how to specifically enforce the Non-Alphabetic characters?

Contain characters from three of the following four categories:
English uppercase characters (A through Z)
English lowercase characters (a through z)
Base 10 digits (0 through 9)
Non-alphabetic characters (for example, !, $, #, %)
Complexity requirements are enforced when passwords are changed or created.

We are trying to enhance our password security and would to be able to enforce the special character.
We know there is third party software that allows this but like to know if there is a way to do it on Windows server 2012?
We use F5 application security manager asm as WAF.

Which log or file in asm logs down the asm admin's activities?  

Can this logs/events be forwarded to Splunk or a syslog?

Network SecuritySponsored by Jamf Now

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.