Increase your Network Visibility to better use your business bandwidth with Cisco Meraki!

Increase your Network Visibility to better use your business bandwidth with Cisco Meraki!

Does your business have enough bandwidth?

Many businesses today are looking for ways to upgrade their current bandwidth because of user feedback, they complain mostly about slow browsing speeds.  Little do they know that there is a certain user in the office that is “torrenting” on the network, which results to bandwidth hogging and can even put the business at risk.

However, administrators can now feel reassured with Cisco Meraki’s Layer 7 application fingerprinting which gives them a better view of their network. Network administrators/managers can rely on this level of visibility every day to see beyond the size and rate of data transfers on their networks and gain insight into the actual behavior of their users. It’s useful to see patterns in large spikes of traffic on the network, but it’s even better to know whether those spikes are coming from online backup or from BitTorrent.

What’s better than traffic Visibility?  Traffic shaping!

So now the administrators have identified which applications (and most importantly, which users) are using more bandwidth than necessary, what can you do about it?

You can now create application-specific shaping policies for total control over your wired and wireless network. With the built-in Traffic Shaper in Cisco Meraki, shaping policies can be created that apply per user bandwidth limits for specific applications such as video streaming sites, as well as apply QoS (Quality of Service) priority levels at both Layer 2 and 3 to make sure your critical traffic gets prioritized across the network.

The Cisco Meraki portfolio includes wireless access points, switches, security appliances, and mobile device management solutions. What sets Cisco Meraki apart is that all of these are centrally managed from the cloud. This makes them significantly easier to deploy and manage than traditional networks.

Contact us at 893-9515 to try Cisco Meraki for yourself and discover the power of cloud networking today!  

Security Advisory: Meltdown & Spectre Vulnerabilities

Security Advisory: Meltdown & Spectre Vulnerabilities

Over the past few days, you may have heard of the new vulnerabilities that has been uncovered, Meltdown and Spectre.  These vulnerabilities affect all modern processors, meaning your business machines and even personal gadgets that use processors are affected which puts you in risk of potential attacks.  Below is a brief explanation of what exactly Meltdown and Spectre are:

Meltdown

Meltdown is a hardware vulnerability in processors (Intel x86 microprocessors and some ARM based microprocessors) which allows attackers to use programs to access your computer’s memory.  With this access, they are able to gain sensitive data from your other applications within your system.

Spectre

Spectre is a hardware vulnerability in modern processors, which attackers can use to trick error-free programs, which follow best practices, into leaking their secrets.  Safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre.

However, since the vulnerability has been announced it means that so have the solutions.  Below are the steps in which you need to take fix these vulnerabilities:

1. Update your Processor Firmware

Processor manufacturers have already released firmware updates to fix these vulnerabilities, however they said that they would only be releasing updates for processors within the last 5 years.  Below are the current firmware updates you will need per vendor (note that we will be placing more updates as they come):

HPE

For ProLiant Gen10 products (except for the ProLiant DL385 Gen10), update to System ROM Version 1.28.

For the ProLiant DL385 Gen10 server, update to System ROM Version 1.04.

For ProLiant Gen9 series servers, update to System ROM Version 2.54 (except for the ProLiant DL20 Gen9 or ML30 Gen9)

For the ProLiant DL20 Gen9 or ProLiant ML30 Gen9 server, update to System ROM Version 2.52.

For ProLiant Gen8 series servers, update to a System ROM version dated 12/12/2017.

For the ProLiant m710x server cartridge, update to System ROM Version 1.60

For the ProLiant m710p server cartridges update to the System ROM version dated 12/12/2017.

Click here and place your HPE product to find the firmware patch you need.

Cisco

Below is a table of known Cisco products affected by the vulnerabilities, to download the update, you will need to click on the Cisco Bug ID and log in to your Cisco account to access it.  We will be updating this table when updates are available.

Product Cisco Bug ID Fixed Release Availability
Routing and Switching – Enterprise and Service Provider
Cisco ASR 9000 XR 64-bit Series Routers CSCvh32429
Cisco 800 Industrial Integrated Services Routers CSCvh31418
Cisco NCS 1000 Series Routers CSCvh32429
Cisco NCS 5000 Series Routers CSCvh32429
Cisco NCS 5500 Series Routers CSCvh32429
Cisco XRv 9000 Series Routers CSCvh32429
Unified Computing
Cisco UCS B-Series M2 Blade Servers CSCvh31576 Fix pending
Cisco UCS B-Series M3 Blade Servers CSCvg97965 (18-Feb-2018)
Cisco UCS B-Series M4 Blade Servers (except B260 and B460) CSCvg97979 (18-Feb-2018)
Cisco UCS B-Series M5 Blade Servers CSCvh31577 (18-Feb-2018)
Cisco UCS B260 M4 Blade Server CSCvg98015 (18-Feb-2018)
Cisco UCS B460 M4 Blade Server CSCvg98015 (18-Feb-2018)
Cisco UCS C-Series M2 Rack Servers CSCvh31576 Fix pending
Cisco UCS C-Series M3 Rack Servers CSCvg97965 (18-Feb-2018)
Cisco UCS C-Series M4 Rack Servers (except C460) CSCvg97979 (18-Feb-2018)
Cisco UCS C-Series M5 Rack Servers CSCvh31577 (18-Feb-2018)
Cisco UCS C460 M4 Rack Server CSCvg98015 (18-Feb-2018)

Dell

BIOS updates for PowerEdge Server Products

Generation Models BIOS version
14G R740, R740XD, R640 1.2.71
R540, R440, T440 1.2.71
T640 1.2.71
C6420 1.2.71
FC640, M640, M640P 1.2.71
C4140 1.0.2
R940 1.2.81
T30 1.0.12
Generation Models BIOS version
13G R830 1.7.0
T130, R230, T330, R330 2.4.1
R930 2.5.0
R730, R730XD, R630 2.7.0
C4130 2.7.0
M630, M630P, FC630 2.7.0
FC430 2.7.0
M830, M830P, FC830 2.7.0
T630 2.7.0
R530, R430, T430 2.7.0
C6320 2.7.0

BIOS update for Dell Datacenter Scalable Solutions (DSS)

Models BIOS Version
DSS9600, DSS9620, DSS9630 1.2.71
DSS1500, DSS1510, DSS2500 2.7.0
DSS7500 2.7.0

2. Checking if your registry is compatible with your OS updates (Windows)

There are some third party anti-virus software that are currently incompatible with the latest patch updates from Windows.  If you are unable to update your OS due to this reason, it is recommended that you modify your registry to fix this.  However we highly recommend that you also backup your registry before you manually edit it as using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system.  Below is the registry key to be set:

Key=”HKEY_LOCAL_MACHINE”

Subkey=”SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat” Value=”cadca5fe-87d3-4b96-b7fb-a231484277cc”

Type=”REG_DWORD”

Data=”0x00000000”

For Trend Micro users, there has been a patch release for their products in which enables the ALLOW REGKEY (the above code) automatically.  This however is not the fix to the vulnerabilities and you have to update your OS as this patch will not update your OS but allow you to update.

Additionally, note that per Microsoft, even clients that do not have active anti-malware or security software installed may still be required to apply the specific registry key before the security patches can be obtained from Windows Update.

Product Updated version Notes Platform
OfficeScan XG (all versions including SP1) – CP 1825-4430 Readme Windows
11.0 SP1 – CP 6496 Readme Windows
Deep Security Deep Security Agent 10.0.0-2649 for Windows (U6) Readme Windows
Deep Security Agent 9.6.2-8288 for Windows Readme Windows
Worry-Free Business Security 9.5 CP 1447 Readme Windows

3. Updating your OS (Operating System)

Below are the updates that are currently out for Windows OS for both Servers and Desktop (this will be updated as more updates are released):

Product

Article

Download

Windows Server, version 1709 (Server Core Installation) 4056892 Security Update
Windows Server 2016 (Server Core installation) 4056890 Security Update
Windows Server 2016 4056890 Security Update
Windows Server 2012 R2 (Server Core installation) 4056898 Security Only
Windows Server 2012 R2 4056898 Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4056894 Monthly Rollup
4056897 Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4056894 Monthly Rollup
4056897 Security Only
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4056894 Monthly Rollup
4056897 Security Only
Windows 8.1 for x64-based systems 4056898 Security Only
Windows 8.1 for 32-bit systems 4056898 Security Only
Windows 7 for x64-based Systems Service Pack 1 4056894 Monthly Rollup
4056897 Security Only
Windows 7 for 32-bit Systems Service Pack 1 4056894 Monthly Rollup
4056897 Security Only
Windows 10 Version 1709 for 64-based Systems 4056892 Security Update
Windows 10 Version 1709 for 32-bit Systems 4056892 Security Update
Windows 10 Version 1703 for x64-based Systems 4056891 Security Update
Windows 10 Version 1703 for 32-bit Systems 4056891 Security Update
Windows 10 Version 1607 for x64-based Systems 4056890 Security Update
Windows 10 Version 1607 for 32-bit Systems 4056890 Security Update
Windows 10 Version 1511 for x64-based Systems 4056888 Security Update
Windows 10 Version 1511 for 32-bit Systems 4056888 Security Update
Windows 10 for x64-based Systems 4056893 Security Update
Windows 10 for 32-bit Systems 4056893 Security Update
Microsoft SQL Server 2017 for x64-based Systems (CU) 4058562 Security Update
Microsoft SQL Server 2017 for x64-based Systems 4057122 Security Update
Microsoft SQL Server 2016 for x64-based Systems Service Pack 1 (CU) 4058561 Security Update
Microsoft SQL Server 2016 for x64-based Systems Service Pack 1 4057118 Security Update

4. Updating your browsers

The last step would be to make sure that your internet browser is patched to the latest version.  Below are a few of the most used browsers and the versions they need to be updated to:

Mozilla – Firefox 57.0.4

Internet Explorer/Microsoft Edge – Included in the latest security update of Windows KB4056890 (OS Build 14393.2007)


Again more updates will be posted as soon as the fixes are released by the respective vendors.  If you need more details or help in implementing the said solutions from vendors, please do contact us at 893-9515 and we will do our utmost to help!

 

Migrate your Business to SAP HANA with the affordable SAP HANA Dynamic Tiering

Migrate your Business to SAP HANA with the affordable SAP HANA Dynamic Tiering

What is SAP HANA?

Deployable on premise or in the cloud, SAP HANA is an in-memory data platform that lets you accelerate business processes, deliver more business intelligence, and simplify your IT environment. By providing the foundation for all your data needs, SAP HANA removes the burden of maintaining separate legacy systems and siloed data, so you can run live and make better business decisions in the new digital economy.

In summary, your company will be able to simplify its IT with one platform for trans-analytic applications.  This means that you will be able to analyze live data to support real-time business while at the same time reduce data redundancy, hardware and IT operations.  You will also be able to modernize your data centre with flexible SAP HANA deployment options, be it public or private cloud.  With SAP HANA, some companies are seeing 575% five-year  ROI by increasing innovation and decreasing data management costs.

If SAP HANA is so beneficial, why is it not a standard?

Even with all the business benefits that SAP HANA can provide, it is still placed on a company’s wish list rather than their next purchase.  Why you may ask?  Price.  The expense for an initial migration project for SAP HANA can cost the company over $2 million when things such as deployment, staff, hardware and licensing are considered.  Even with all its benefits, it is very hard to justify anything with that kind of cost behind it.  However, it is projected that by 2025 that SAP HANA will be a must have business solution, whether or not the company can justify the expense.  You must also take into consideration that just because your company is not getting SAP HANA that your competition will not.

Here is where SAP HANA Dynamic Tiering on an all-flash infrastructure comes in.  Be able to migrate to SAP HANA and gain the benefits of its real-time insights almost immediately without paying the potentially limiting upfront and ongoing costs.

S AP HANA Dynamic Tiering is an add-on for the SAP HANA database.  It allows less frequently used data (warm data) to be moved from the main in-memory SAP HANA database into extended storage.  Using extended storage can dramatically reduce costs by decreasing the size of the SAP HANA database – thereby lowering maintenance, hardware, and software/licensing costs.  When the extended storage is an all-flash infrastructure, performance loss can be minimized compared to keeping all date in SAP HANA itself.

Pure Storage tested the cost and performance impacts of running SAP HANA with SAP HANA Dynamic Tiering on their Pure Storage FlashStack converged-infrastructure solution to see if it was possible to save organizations millions of dollars while still being able to realize all of its benefits.  The results?  Organizations that run SAP HANA with SAP HANA Dynamic Tiering on Pure Storage’s all-flash infrastructure were able to quickly and easily start using SAP HANA at a lower cost (up to 75% lower) while still obtaining performance on par as if running SAP HANA on its own.  As a bonus, with Pure Storage all-flash solution and Pure Storage’s collaboration with SAP, organizations will be ready and able to reduce the overall in-memory data footprint and offload less frequently used war data on to all-flash technology while still obtaining high performance with future SAP HANA capabilities, be it the capabilities of SAP HANA Dynamic Tiering or something else.

To learn more about the Pure Storage test, please read this article for a more in-depth study.  If you want to learn more about Pure Storage, you can visit our product page or call us at 893-9515.

Introducing the Threat Grid for Meraki MX

Introducing the Threat Grid for Meraki MX

When Cisco announced the integration of Cisco Advanced Malware Protection with the Meraki MX last July, it was to provide a simple and effective way for MX customers to monitor, detect and remediate advanced threats.  Now they are taking it a step further, they have now integrated their Threat Grid into the Meraki MX platform.   This integration allows security teams to be able to better understand, prioritize and mitigate attacks by combining advanced sandboxing with threat intelligence.

With how advanced today’s malware and other advanced attacks are, it is harder for companies to just to rely on their first line of defenses.  Even with some of the best security tools in place, it is still highly likely some of them will eventually get into your system.  However, with Threat Grid, you can be able to avoid these situations.  It rapidly analyzes files and suspicious behavior across your environment while providing your security team context-rich analytics.  It also provides threat intelligence so your team will know what a file is doing or attempting to do which helps in quickly responding to the threats.

The integration starts with the AMP for Meraki integration.  Files that pass through MX will be queried against AMP which will respond with a disposition of clean, malicious or unknown.  The clean files are allowed through while malicious files are blocked and the unknown files are automatically sent to Threat Grid to be analyzed.  After the analysis is complete, a detailed report and threat score will be displayed on the Meraki Security Center.  Files with threat scores of 95 and higher are considered malicious which will trigger an alert as to notify the security team so they can remediate it ASAP.

Threat Grid for MX is available now as an add on to the MX Advanced Security license. Customers must have the Advanced Security License to purchase Threat Grid. To find out more contact us at 893-9515 and we will be happy to help!

Click here for more information.

Join us in our upcoming event Cisco Start!

Join us in our upcoming event Cisco Start!

Technology is evolving at an unprecedented pace, and its impact can be seen in every sphere of life. Whether it’s communication, education, healthcare, or entertainment, technology has revolutionized every aspect of our lives. Cisco, the leading technology provider, is at the forefront of this revolution, and it’s time to unleash the power of technology with Cisco Start!

Cisco is a technology giant that specializes in providing networking hardware, software, and services to businesses worldwide. Its solutions are tailored to help organizations of all sizes connect and collaborate securely and efficiently, regardless of whether it’s through LANs, WANs, data centers, cloud computing, or IoT.

Cisco’s product portfolio is extensive and includes routers, switches, wireless access points, security appliances, telepresence systems, and more. However, the company’s focus is not just on the technology it offers, but on the outcomes it can enable for its customers. Cisco’s business strategy centers around helping businesses achieve digital transformation, by leveraging emerging technologies such as AI, ML, and automation to drive innovation and productivity.

Cisco is well known for its expertise in network infrastructure and security, with many businesses relying on its products and services to power their operations. The company is committed to providing high-quality products and services, with a strong focus on customer support and satisfaction.

 

On June 29, 2017, Comstor, in partnership with CT Link Systems, Inc., will be hosting an educational event for white space companies, Cisco Start!  Learn more about Cisco’s brand new offerings 2017 for their datacenter, networking and security products in an informative seminar from 11:00 AM to 5:00 PM at the Makati Diamond Residences.  Get freebies while learning how you can improve your business efficiency and workforce performance!  Be able to get a chance as well to win our grand raffle prize, a Sony PS4!  For inquiries on how to register, please call us at 893 -9515.

 

Cisco Meraki Hits 1 Million network Milestone!

Cisco Meraki Hits 1 Million network Milestone!

On May 23, 2017, about 10 years since the first shipped Meraki product, the Meraki network community reached a milestone of 1 million networks!

This comes as no surprise as more and more industries demand that their IT is able do more with less which may include tasks such as:

  • Supporting corporate devices and any preferred user devices
  • Transitioning to wireless offices and the ability to support remote working
  • Enabling massive device expansion and constant digital collaboration
  • Ensuring zero downtime and constant change
  • And most importantly, Mission Focused Technology, technology which drives the main function of industries such as education in schools and patient care in healthcare.

With so many tasks to deliver, IT teams will need to have simple infrastructures which will allow them to be nimble while being able to adapt with the business.  It was at this time Cisco started shipping simpler IT, managed via the cloud, through the Meraki Mini which was well received within the IT community.  IT teams were grossly overloaded and spread thin worldwide under the load of legacy systems with clunky interfaces so the then emerging cloud option given was a helpful option to help solve these issues.  A far cry from today, cloud services have become an integral part of our daily and corporate lives, even more so as the confidence is growing in the dependability and security of the cloud.

Meraki Mini (2006)                                               Meraki MV (2017)

We are happy to say that we partnered with one of the pioneers of cloud-native IT and will continue to support them the best way we can so that our customers will be able to enjoy all the benefits!  To learn more about their products, please see our Cisco product page here.