Comments on Consultant or Amateur?: If You Get Viruses, Fire Your Technician - Or Yourself
Karl W. Palachuk
Feed updated: 2024-03-22

Karl W. Palachuk (2016-04-13 12:29 -07:00):

Actually, Anon, that's a great firewall/AV product. Generally speaking, you want to avoid the under-$100 "firewall" products. They are super basic and really only intended for home use. Once you get to $500 or $1000 plus modules for AV, intrusion detection, etc., then you know you have a true business class solution.

Very often the difference boils down to three things: Feature set, speed, and memory. All of those mean a good firewall will add security to your network without becoming a huge bottleneck for the business.

Anonymous (2016-04-13 12:20 -07:00):

What is "a good firewall with antivirus module installed"? We're using a Juniper SRX240 with AV which is used to scan emails. It doesn't sound like that's exactly what you mean but... is it?

Uli Maui Tech Gurus (2016-01-25 09:43 -08:00):

I agree with Karl. The last viruses any client had was when some employee goofed off opening their personal Gmail or Hotmail and browsed for junk; and this happened to clients who asked us to open security filter (go figure). We use gateway IDS, Content Filtering and OpenDNS filtering so junk can’t even get onto the network.

So now employees resort to using their own devices & data plan to download junk but whatever; as long as company systems stay clean.

Karl W. Palachuk (2016-01-18 07:29 -08:00):

I have to say, after 20 years in this business, I've never seen one of these magical web sites that can infect a machine that's properly patched and not running as an administrator. I *have* seen sites that pop up and ask you to click "Yes" to something.

Patching can be totally automated on an unlimited number of machines for very little money. Running as a non-administrator is a quick one-time change followed by regular standard operating procedures. So no matter how small your budget is, you can do all of this for less than the cost of cleaning up one computer.

Anonymous (2016-01-18 07:19 -08:00):

I agree that your steps are good recommendations, but you are missing a few important details. Users actually get as much as 85% of malware from compromised web sites. Is it really a user's fault if they visit the Reader's Digest website, and get exposed to an exploit kit running on the front page?

Now, if they are up to date on all their patches and have limited admin rights, that will probably be enough to protect them. Probably. It would be even better if they were running a browser without Java or Flash enabled at all, though, or running with click-to-play turned on so Flash content doesn't run automatically.

I also question the value of anti-virus these days. IT budgets only go so far and spending heavily on AV isn't worth it.

It is trivial to crypt malware to bypass it altogether, and any targeted phishing email will do that. Better off investing in technologies to detect intrusions. Reasonable IDS/IPS and a properly configured network can be had for less than most AV and have loads more value.

Karl W. Palachuk (2015-12-05 22:22 -08:00):

Agreed, Josh. But, again, it costs money to be in business. The cost of being secure vs. paying for cleanup is purely a math (insurance) problem. Some people are better at math.

Joshua Liberman (2015-12-05 13:16 -08:00):

Almost there with you. Just don't forget that only newer firewalls installed by top-end-competent companies can scan SSLVPN traffic, which is what most traffic is today. Every time someone tells you to pick up a file from Dropbox, Box, iDrive, or any other encrypted file share, if you're not doing DPI scanning on SSL traffic, you are risking disaster. And by the way, almost nobody is doing this sort of DPISSL scanning, because it is hard to set up and costs some real money to get going with!