This is a quick update on what I am doing at GetMorePC are doing with network security to help keep our managed networks safe. I have recently rolled out some new network hardware that I am using to better protect the networks that I work with. With the network hardware that I am using, I’m starting to do some really interesting things as far as intrusion prevention and geo ip blocking.
With the intrusion prevention system that I have, I am now monitoring individual nodes on a network and making sure that there is no funny business going on. Making sure that there are no devices on the network that are communicating out with any known malware servers. Make sure that there is no executable code that is being downloaded and ran on any of the devices.
I’ve always been doing this on my computers, but with the new hardware I’ve got, we’re rolling it out and doing it on mobile devices as well. I can tell what your employees are doing on the network because they are on your network.
Maybe you have a little sinking sensation that people are wasting time. Maybe you have a sinking sensation that people are spending a lot of time on Facebook and a lot of time on Youtube. You just want to make sure that they’re not doing that. Well, we can block it.
I can also tell you who is doing what by device. I can tell you that people who are on different devices, how much time they are spending there a day, where the majority of their traffic is. Are they making money for the company? Or are they just wasting time?
That is some of the intrusion prevention that we are doing. I’m watching to see any kind of funny business. If anything that comes in that we don’t like, we can block them.
I also just rolled out geocaching. I saw one of my servers had communicated with Russia. And so I’m a little scared about any sort of botnets or Russian attack. I keep all of my devices up to date. I make sure that everybody is patched and everything is all good.
I don’t even want there to be communication. If somebody needs to communicate with Russia, they can let me know. Oh, this .ru site doesn’t work, so can you turn off the blocking? Sure I would turn it off in 2 seconds. But for the most part, I can’t see why that would need to be done.
What we can do now is we can block ip address from specific networks that are in countries that I don’t really want to try to do all the heavy lifting for. The ones I am blocking are the traditional axis of evil. I am blocking the Russian Federation, Iran, Islamic Republic of Iran, Democratic Republic of North Korea, and China. These are four countries that have been known to have bad actors that are trying to get at US networks now. I am better protecting my networks for my clients by blocking any traffic in and out of those networks.
If this sounds like something that you might be interested in doing, which you probably should. I’m looking at you Federal Election Commision. For the small businesses out there that don’t have a team of IT people on staff, to know that you’ve got somebody watching your back. That’s pretty valuable. Check out GetMorePC, give us a call. Let’s getting crackin’ on protecting your network. This is a problem that needs to be solved.
Leave a Reply