How to Craft an Enterprise-Level IT Security Strategy

Across the nation, corporations are still haunted by some of the largest IT security incidents in history, such as the attack on Yahoo, the hack of the Democratic National Committee, and the difficult-to-forget Target breach. If your enterprise is like most, these types of incidents move IT leadership to action, checking to ensure that security protocols are still in place and followed. But what if you could do more to safeguard your cyber assets?

For a growing number of enterprises, a full-scale IT security strategy has become a necessity. It’s no longer enough to adopt a reactive security position. As cybersecurity threats continue to escalate and grow increasingly sophisticated, now is the time to be proactive and strategic about protecting your enterprise.

Luckily, in this age of hypervigilance over cybersecurity, there are plenty of well-established best practices to help get your IT security strategy started. Here are seven of them:

1. AUDIT YOUR CURRENT CYBERSECURITY EFFORTS.

First, take the time to assess the organization’s current state of IT security. Include key stakeholders who have the technical skills and knowledge to fully assess the risk environment and the company’s position.

Be sure to evaluate the entire security framework. Consider how well-protected the enterprise is against threats, both internal (careless employees, poor data security protocols, etc.) and external (stolen credentials, denial-of-service attacks, etc.). Determine what is working—and what is falling short.

This initial audit should be a starting point for a more in-depth review. When necessary, partner with an experienced IT security consultant for a comprehensive audit.

Related Content:The Only Checklist You’ll Need to Uncover Your IT Security Risks

2. DEFINE YOUR SECURITY GOALS.

Following your audit, assess what needs to change to achieve a higher level of security. Are you effectively protecting data, discouraging high-profile cyberattacks, staying in compliance, and safeguarding the company reputation? If not, define these goals and start working out a way to get there.

3. CREATE A SECURITY ROADMAP.

With your security goals in mind, create a roadmap that will guide you from your current security position to your ideal one. What steps need to be taken to achieve each of your goals? Which departments, stakeholders, or partners need to be involved? It can be helpful to gain leadership approval of your roadmap, and then share it with the appropriate department heads, to ensure everyone understands his or her role and is on the same path toward success.

4. CULTIVATE A MORE SECURE CULTURE.

The most stringent security policies will still be ineffective if your people don’t take cybersecurity seriously. That’s why it is vital to encourage a more secure culture throughout the entire organization, from entry-level employees to your leadership team.

Establishing a set of organization-wide best practices for cybersecurity can help kick-start a more secure culture. How should employees handle passwords? How will data be backed up? Who will have access to sensitive information? These are the types of questions that should have well-established answers. Create your company’s best practices and publish them in a place where everyone can gain easy access.

Then, ensure that cybersecurity is a key part of training for new employees. If necessary, provide refresher training for all employees once a year or so to remind them of existing cybersecurity policies and to introduce new ones.

5. WATCH FOR EMERGING THREATS.

New cybersecurity threats emerge all the time, and hackers grow increasingly sophisticated every year. That is why it’s important to keep an eye on emerging trends and threats that may impact your network. Even now, your organization’s use of BYOD devices or IoT technology could be exposing the network, or shadow IT systems may be gathering vital information on your customers. It’s important to be aware of these new threats so that you can account for them in your planning.

6. INVEST IN CYBERSECURITY.

Today, there is no denying that enterprises must dedicate a portion of their budgets to cybersecurity. Research shows that the average cost of a single data breach now averages $4 million—and that figure grows every year. For some companies, a cyberattack hurts the bottom line (and their reputation) so much that they cannot recover.

But a proactive investment in cybersecurity can shield you from many of the leading cybersecurity risks. A comprehensive approach should include tools such as anti-virus software, firewalls, and cybersecurity training for employees and associates.

7. SCHEDULE ONGOING ASSESSMENTS.

Unfortunately, an initial audit isn’t going to keep your organization secure forever. Be sure to hold regular audits and assessments to continually check for new vulnerabilities and ensure the company is still protected and compliant.

Internal audits are helpful every year or so, while an external assessment can help you gain a more full-fledged picture of your security position. Partnering with a cybersecurity consultant can help you stay up to date on new threats, without having to constantly worry about whether you’re vulnerable.

ADDRESS CYBERSECURITY HEAD ON

IT security threats evolve quickly, and it’s important to stay vigilant of hackers, spyware, and viruses. Centrinet protects your enterprise from cybersecurity threats while ensuring optimal uptime, productivity, and efficiency. We constantly monitor and manage your network using leading tools and partnerships to ensure you are not only well-protected but also achieving the IT performance levels you need in order to be successful.

Staying Ahead of Ransomware: 7 Necessary Tactics

Are you concerned about a ransomware attack on your company? It’s not an idle threat.

In 2016, the number of these attacks each day reached 4,000, up 300 percent from the previous year. Healthcare organizations have been hit especially hard, as more than half of hospitals in the United States faced ransomware attacks between April 2015 and April 2016.

The success of cyber criminals in deploying ransomware depends on catching potential targets without the proper security rules and controls in place. But if your organization knows what to do before the attack comes, you’re less likely to fall victim to these security threats.

Is your company simply reacting when you hear about a ransomware threat on the horizon? Or are you proactive, with an IT security plan in place that adapts to the changing threat landscape?

Integrate these seven key tactics into your organizational plan and you’ll always be on the offensive against malicious attacks.

1. START WITH A COMPREHENSIVE HEALTH CHECK.

Just like a regular physical measures the health of your body, a health check of vital business systems keeps your organization out of trouble. A health check is a review and analysis of traffic and system architecture, along with scanning to pinpoint vulnerabilities.

You might also like:The Only Checklist You’ll Need to Uncover Your IT Security Risks

2. PROTECT IT ASSETS.

Ensuring asset protection readiness includes auditing user accounts to limit or remove administrator rights, taking inventory of systems like software, and configuring settings and access to enhance security and prevent intrusions.

3. UNDERSTAND BUSINESS RESILIENCE.

Can your organization handle emergencies and crises while maintaining business continuity? That’s business resilience. It’s an ongoing process that requires regular attention so that everyone in the company stays ready for the unexpected. As your industry changes, technology evolves, and risk tolerance shifts, the plan to ensure business resilience must adapt.

4. FORTIFY DEFENSES.

Beefing up security for core operations means reviewing access control policies; physical security; encryption; and controls covering email, malware, and ransomware. You’ll also need to configure backup and disaster recovery and implement training for everyone in the organization.

5. MONITOR DEVICES AND SET UP ALERTS.

The advent of BYOD (“bring your own device”) means that employees can unknowingly help penetrate the best security defenses. So you’ll need to monitor portable devices, create alerts that are sure to reach a human, and review log files consistently.

6. DEFEND YOUR CASTLE.

Playing defense never stops, and that means quarterly vulnerability scanning, annual reviews and awareness training, penetration testing, and ongoing risk assessments. You’ll also need to check in with vendors and service providers to confirm compliance.

7. PRACTICE DISASTER RECOVERY.

You probably have a business continuity plan, detailing what needs to happen when things go wrong and data is compromised or lost. But do you and your employees know exactly what to do? And can you do it quickly?

Instead of hoping your plan will work in an emergency, put it to the test. Giving workers mock scenarios and forcing them to restore systems and recover data from a disaster recovery backup is the truest measure of an effective strategy. When problems occur during the practice run, change your tactics and rewrite the plan.

Fending off security challenges requires solid preparation and regular maintenance. But you don’t have to do it alone. Partnering with an organization experienced in end-to-end security services means you won’t have to worry about the potential of ransomware attacks. Have a plan in place to identify, detect, and protect against cybersecurity threats so that you’ll never need to respond and recover.

5 Things to Consider When Creating a High-Availability Architecture Strategy

Handling increased system load, decreasing downtime, and eliminating single points of failure are all crucial needs of any SMB or enterprise IT infrastructure. High-availability architecture is one method that addresses these needs. Since every business is different, the right approach requires careful development of a strategy that is tailored to the business. Here are 5 things to consider when creating that strategy.

Read more

Installing Intel DC P3500 1.2TB NVMe SSD & VMware ESXi 6.0

Mark Ma, our Senior Systems Engineer and Citrix SME, recently published a case study on ServeTheHome.

ServeTheHome is dedicated to helping professionals and enthusiasts take their first leap into home and small business servers. Visited by thousands of people daily, ServeTheHome features content from a great community that uses STH as a focal point.

Case Study Preview

Recently I had a chance to work with the newly released PCIe AIC based Intel DC P3500 1.2TB NVMe SSD. After the installing Fusion-io on ESXi guide was published, NVMe was the next technology to evaluate. We were using a NVMe SSD to evaluate performance under VMware ESXi 6.0 and found some interesting results. I used the standard IOmeter for read throughput, write throughput, 4K read IOPS and 4K write IOPS. The results were certainly lower than we expected.

Visit ServeTheHome to read the full article by clicking on the following link:

Installing Intel DC P3500 1.2TB NVMe SSD & VMware ESXi 6.0 

PVS vs. MCS in a VDI deployment

There’s a lot of debate in the engineering community on whether to use Provisioning Services (PVS) or Machine Creation Services (MCS) when deploying a VDI solution. There are clear differences between the two technologies, and depending on the type of deployment, important factors to consider when choosing which one to use.

MCS

MCS uses linked clone technology. This means that a snapshot is taken of the master template, which is then used as the parent disk for the clones (VDIs). This is a relatively simple method to deploy, and it doesn’t require any additional infrastructure.

Challenges of MCS 

The main challenges of MCS are storage and scale-out related. With MCS, the clones and the parent disk must be on the same datastore in order to maintain link integrity. If the linked clones are distributed across multiple datastores, a copy of the master must be as well – substantially increasing the storage requirements for a deployment. For this reason, scaling out an MCS deployment can become difficult.

  • MCS uses about 21% more IOPS than PVS. Depending on the network infrastructure, this may be an important factor to consider for maintaining consistent performance across the VDIs.
  • MCS does not regularly “clean up” old master clones when deploying an update from a new snapshot. Instead, the old files must be manually removed in order to free up disk space.
PVS

PVS uses software streaming technology to deliver VDIs, requiring additional infrastructure to support the solution. PVS imaging wizard captures an image from the master machine, and then stores it in a VHD format (vDisk) on the Provisioning Server. The vDisk can then be shared (streamed) by multiple VDIs.

Technical Note: PVS utilizes a PXE boot method (BDM can also be used in the absence of DHCP) and a TFTP to stream the vDisk. Additional network configurations are required to allow PXE to work in the environment.

PVS is an elegant solution, and scales well in large enterprise-class deployments. Multiple PVS servers can be built out to balance the vDisk streaming load, providing redundancy as needed. And, with the introduction of caching to device RAM, the IOPS used by a PVS deployment can be greatly reduced (<1 IOP in some cases).

Summary

MCS is suited for small deployments (or lab scenarios) and is simple to deploy. But overall, PVS is the more robust and scalable solution for enterprise environments.

PVS requires more intensive planning, additional infrastructure, and more configuration to implement. However, once built it’s easy to maintain and requires very little maintenance. In most scenarios, it would be preferable to deploy PVS as opposed to MCS for the reasons outlined above.

 

Here at Centrinet we keep up-to-date on the latest technologies – and like to make sure you do too. Contact us today to learn more about our suite of datacenter virtualization and management services.

 

Expanding a vDisk

Do you need to increase the size of your vDisk in order to allocate more space to your OS drive? Follow these simple steps to complete the process on a Windows 2008 R2 server and above.

  1. Download the following link: VhdResizer
  1. Once you have the VhdResizer installed, open it.
  1. Browse to the VHD that you want to expand:

3

  1. Once the VhdResizer opens, enter the new name and size of the .VHD file in the appropriate fields. When finished, hit the “resize” button:

4

  1. Once you have your new .VHD file you will need to have Windows expand the drive from the disk management standpoint. Right click on your .VHD file and click “Mount”:

5

  1. Open the Windows Disk Management console:

6

  1. You will now see your .VHD drive mounted with the new unallocated space:

7

  1. Right click on the Volume and select “Extend Volume”:

8

  1. Now right click on the mounted .VHD and select “Detach VHD”:

9

10. Good job! You are now ready to use your new VHD.

 

Here at Centrinet we keep up-to-date on the latest technologies – and like to make sure you do too. Contact us today to learn more about our suite of datacenter virtualization and management services.

Let us help you get the most out of your IT investments!

 

Citrix StoreFront: Update Receiver for HTML5

Here is a short instructional guide to update your HTML5 receiver for StoreFront.

1. First you will need to verify your current version:

step1

2. Once verified, download the HTML5 update:

step2

 

 

3. Execute CitrixHTML5Client-x64:

step34. Now refresh your StoreFront console:

step4

 

You’re done!

Reverse Imaging a Disk Image & Updating XenTools

Purpose

Our purpose in creating this guide is to lay out a step-by-step procedure for updating XenTools on a PVS image, and to document some of the pitfalls involved with the process.

Please keep in mind that failure to follow the correct sequence can brick the image, in which case you must start over from scratch.

Scope

This procedure applies to PVS images hosted on XenServer, but a similar process can be followed if using VMware as your hosted hypervisor.

1) Reverse Image vDisk

1.1   First, we need to attach a second drive that is the same size as the disk image. Make sure the new disk is not in position 0 (please note that the cache drive can be detached as it not required):

4.1.1

1.2   Initialize the disk and format it (GPT can be used as well, and may be a better choice):

4.1.2

1.3   Create a volume and assign a drive letter to the new drive:

4.1.3

1.4   Download and install XenConvert for the OS version that you are using:

4

1.5   Launch XenConvert:

5

1.6   Select “Volume” and “Volume” for the “From” and “To” selections on the Welcome screen:

6

1.7   Select the C: drive as the source volume and the new drive (F drive) as the Destination:

7

1.8   Click “Convert” on the next screen:

8

1.9   If you see the warning below, click “Yes”:

9

1.10   Once the conversion is complete, click “Finish”.

2) Remove Target Device and VDA

2.1   Shut down the machine and detach the Cache Drive:

10

2.2   In the Provision Services console, set the machine object to boot from the Hard Disk in the Target Device Properties:

11

2.3   Also remove the vDisks from the machine object:

12

2.4   Boot up the machine with the newly created drive. You may have to set the VM to boot from the Hard Disk and uncheck the Network boot option (please note: you may need to boot the machine up with the vDisk and mark the new drive as active if the system doesn’t boot up):

13

2.5   You need to exit the provisioning target device process from the system tray (you can also view the status to make sure there are no vDisks attached):

14

2.6   End the process called “BNDevice.exe” from the task manager:

15

2.7   Now, uninstall the Citrix Provisioning Services Target Device x64 application:

16

3) Update XenTools and Create New Image

3.1   Reboot the machine and then run the XenTools update installer and follow the prompts (a couple of reboots may be required) and click “Done” when it is complete:

17

18

3.2   When the windows prompt comes up, select “Restart Later” or you will brick the machine. This must be selected for Citrix to finish the tools update:

19

3.3   After the XenTools update, you may need to remove the old ghosted adapter, so set the device manager to show hidden devices (a failure to do so could prevent new image creation):

20

3.4   When Device manager comes up, select view→show hidden devices and expand the Network adapters group. Locate the ghosted adapter and uninstall it:

21

3.5   Reinstall the Citrix Provisioning Services Target Device from the ISO and run the installer PVS_Device_x64.exe. – then follow the prompts and restart the machine:

22

3.6   Before you cut a new disk make sure there is a vDisk connected (it will change it later). Make sure to set it to boot from Hard drive on the machine object in the PVS server, otherwise the process might fail:

23a

23b

3.7   Change the boot options in XenCenter to only boot from the network, and reboot the machine:

24

3.8   Now you are ready to cut a new disk. Make sure the machine is online with the provisioning server by checking the provisioning target device status in the system tray. From the start menu, launch the Provisioning Services Imagine Wizard:

25

3.9   Click “Next” to start the wizard and enter the Provisioning Server (use the IP on the same network segment). Use Windows Credentials unless you logged on with a local account, then enter them:

26

3.10   Select “Create new vDisk”:

27

3.11   Create a vDisk name and choose the store (make sure to use one you used for your Master Device Collections) where you want to place the new vDisk and click “Next”:

28

3.12   For the master image, choose “None” for the KMS setting. You will set KMS on the production image later on:

29

3.13   Make sure to set all other drives to “None” on the Configure Image Volumes page (or the image may not be usable) and click “Next”:

30

3.14   Click “Next” on the Existing Target Device page (The existing master image target device):

31

3.15   If you see the following warning, click “Yes”:

32

3.16   Click the “Optimize for Provisioning Services” button:

33

3.17   Leave all the boxes checked and click “OK” on the dialog box:

34

3.18   Now click “Finish”:

35

3.19   Click “Yes” on the dialog box that says the machine must reboot:

36

3.20   After the server reboots, log in again and you will see the following dialog box displaying the progress:

37

3.21   When the image completes, click “Finish” and then shut down the machine. Detach the drive you used to reverse image (40 GB in this case) the vDisk and reattach the original cache drive (20 GB):

38a38b

3.22   The new vDisk should be attached now, but you need to set the boot from option to “vDisk” again:

almost

3.23   Attach any other drives that are needed for the image:

last

3.24   Boot up the machine and make sure it comes up properly. If you have issues, check the boot options and make sure you have it set to network boot.

Congratulations, you have successfully completed the procedure for reverse imaging a PVS vDisk and updating XenTools.

IT Projects 3

Software Defined Storage (SDS): A Centrinet Case Study

I recently completed a very interesting client project based on MS Hyper-V and MS Storage Space, and wanted to share the details here today.

The Clients had been using the 2008 R2 Hyper-V CSV cluster with iSCSI storage, which was complex to manage. The steep costs for iSCSI storage were returning low levels of performance on the 1GbE iSCSI network. After looking at some alternative solutions, we proposed that they utilize the existing 2U DL380G7 servers’ local storage with Hyper-V 2012R2.

Details and Setup 

We used 4x Hyper-V 2012 R2 hosts by running local storage tiering with a 4x 450 GB 10K SAS drive and a 4x 400 GB SSD. Additionally, we enabled Windows data deduplication on the file system. This had the end result of maximizing the performance (since VMs run locally) while still preserving storage (deduplication).

This setup met the requirements of cost-effective high-performance storage, and simple management, but did not have redundancy without the use of shared storage.

To handle this, we implemented Hyper-V Replica to a fifth Hyper-V node (4x Hyper-V hosts continuously replicate changes on the VM to the fifth Hyper-V node). In case any of the Hyper-V hosts are experiencing hardware issues, they are able to bring up the VM in minutes. Additionally, we put a robust backup in place, which backs up VMs locally and replicates everything offsite.

Results

The clients were thrilled with the results. Their initial backup rate was 25-35 Mbps on the shared iSCSI SAN. After project completion the backup rate increased to 200-250 Mbps on their local storage.

Active VMs are now on SSD disks, versus the slow mechanical hard drives of the past. Hyper-V Replica gives clients an ability they’ve never before had – the ability to quickly restore VMs on the Hyper-V Replica node. In less than 5 minutes the client can bring back a failed VM, instead of having to suffer through the entire restoration process. Additionally, the Replica will have made 8 copies of the VM within a 24-hour period –there’s some reassurance!

Summary

This architecture fundamentally changes the ways we normally deploy virtualization solutions. Instead of having to acquire expansive blade servers, high-performance SANs, and high-performance storage networks, this architecture gives businesses the ability to use traditional rack mount servers to start virtualization projects. Now each server can potentially support 200-250 users, and the client doesn’t need to bleed in order to have in-house virtualization solutions.

This is a perfect example of utilizing software-defined storage (SDS). The only cost to the client is the solid-state drive (SSD). All of the necessary software features are free with Microsoft Server 2012 R2. And although this is not a silver bullet solution, it is a great alternative for anyone who is willing to look outside the box to move IT one step further from the cost center

 

 

Unique Solutions for Distributed Storage

The primary objective of a distributed storage model is for local storage on each individual server to act as a pool for the cluster. In this model, the virtual machine (and any data) is stored locally for better performance. Because the data is being replicated, redundancy is achieved – opening up alternate network paths and ensuring no single point of failure.

For a distributed storage model to work properly, a high-speed network is a must. I have compiled the following list of vendors based on those who have put in a lot of work to get this model running efficiently. Here are the top four I recommend looking into; each is listed along with a short description of their solution.

Atlantis

Atlantis is a memory based, replicated local vSAN solution. It provides very good performance, but the setup is complex.

VMware vSAN

This solution requires three minimal servers for setup. Each server has one SSD, and at least one SAS/SATA drive. It’s still in beta, but has great feedback thus far.

Nutanix

Nutanix created a solution where each node has two SSD and four SAS drives. In addition, this solution requires three minimal servers for setup. Each hypervisor node has a control VM that presents all local storage to the cluster, and then handles the storage replication. This solution is definitely one to watch.

Microsoft- Hyper-V replication


Last, but not least, is the unique route taken by Microsoft with the Hyper-V replication solution. In my opinion, this is the simplest way to achieve redundancy for the following reasons:

  1. There is no need to create a storage pool, or server clusters.
  2. If there are two active Hyper-V nodes hosting different VMs, then the third can act as the replica Hyper-V node for both. Refer to Microsoft’s Distributed File System (DFS) for more information.

There are currently several vendors out there with unique solutions for distributed storage, each with their own pros and cons. No matter which of these solutions works best for you, this topic is certainly something to be watching and researching.