VMware Carbon Black Cloud – Next Generation Security

VMware Carbon Black Cloud

This interesting company Carbon Black, a VMware acquisition Oct, 08, 2019 , then lead me to watch the live demo’s / presentation at VMworld 2019. This product, possibly a game changer (opinions are my own) in the security space of VMware.

With my background in VMware vSphere, Qualys, McAfee, Trend Micro, Symantec and Ethical Hacking, this product jumps out to me. I started looking in more detail at what this new integration could do.

Image from “VMWCB-VMware-Carbon-Black-Cloud-1.pdf”

Could these features, now built in to / plugin for vCenter replace many other security products?

Components

  • Next-Generation Antivirus and EDR
  • Managed Alert Monitoring
  • Real-time device assessment
  • Inbuilt and Proactive Threat intelligence

Benefits

  • One Console – Provides One Platform for your Security
  • One Agent – Reduce the endpoint security agents required
  • Reduce CPU usage

For more information or a demo, visit the Carbon Black site.

Secure Connectivity to Azure


05.03.2020 – Stephen Hackers, attended the North East Azure User Group – 14th Meetup. Hosted by Frank Recruitment Group.

The core presentation was on Secure Connectivity to Azure by Matthew Bradley Chief Engineer (Azure) at ClearCloud

The session covered:

VPN Offerings, Service Endpoints, VNet Peering and Private Link

The presentation was focused on educating and sharing experiences in securing connectivity into Azure.

A key point : Security to Azure is required and it doesn’t need to come at a great expense to the business. Build it in to your solution from day 1.

Presentation Notes

VPN offerings:

  • Basic options start at £20 a month roughly (06.03.2020)
  • Bandwith is the key difference between levels
  • Number of S2S tunnels is mostly limited to 30 except basic is 10.

Service Endpoints:

  • No additional cost for VNet Service Endpoints
  • VNet ACLs are not supported across AD tenants
  • Service Endpoints add a system route which takes precedence over other routes

VNet Peering:

  • Traffic between resources is private/isolated. Not encrypted
  • Network address space must not overlap
  • VNet peering doesn’t impose bandwiths

Private Link

  • Connect to Azure without a public IP address
  • Private end points mapped to an instance of PaaS (in Preview)
  • Private Link works a bit like NAT, Private Link endpoint is given a private IP in the VNet of the source
  • IP ranges can overlap

Summary

Small event, around 45 technical Azure focused people attended. Keeping the event simple with one good presentation. There are a great community bunch attending this up and coming North East Azure User Group. Thanks to Frank Recruitment Group for hosting the event and essential beer and pizza. Having a recruitment company hosting, minimal sales pitch was a double win. We did discuss careers a little too at the end (in the optional pub near by).

Looking forward to the next event. For anyone wishing to attend https://www.meetup.com/North-East-Azure-User-Group/

Security, LinkedIn, Enable Two-Step Verification and FaceID

#Security  #LinkedIn turn on #2FA its really straight forward and I would suggest it’s a “must” to protect yourself/ LinkedIn account. Rather than recreate the wheel, I found this useful link where someone had done the hard work of explaining the how to enable 2FA. The setup / enable process should take less than 1-2minutes to complete. https://www.howtogeek.com/448273/how-to-turn-on-two-factor-authentication-for-linkedin/amp/

Example shown below where the options are set:

  1. Two-Step verification option to enable


If your concerned about loosing your phone, enable additional security for the FaceID when opening the LinkedIn app. If FaceID is already setup on the phone, just enable it in settings.

  1. App Lock using FaceID option to enable



#cyberattack
#cybercrime
#infosec
#cybersecurity
#informationsecurity
#cloudsecurity
#datasecurity
#mfa

Office 365, Legacy Applications and MFA

Some legacy applications don’t support MFA. This is a solution to enable the apps to continue to function when MFA is enabled for a user in Office365.

How to create a “Additional Security Verification App Passwords”

Browse to https://portal.office.com/account/

Click “Security & Privacy” then click “Manage Security and Privacy”

Expand / Click on “Additional Security Verification”

Click “Create and manage app passwords”

Click “Create”

Enter a Name , example “Diary Sync” and click “Next”

Click “copy password to clipboard” (YOU NEED THIS PASSWORD)

(password above example only)

Some might get this error. Copy the password. (short cut to copy > Ctrl +A, then Ctrl + C)

(password above example only)

Click “Close”

You now have an application password which you can use with your legacy application without MFA causing any integration problems

Office 365 – Security (Part 1)

Have you setup MS Office 365? Did you start with security in mind?

Have you reviewed your Security and privacy settings? Nothing is configured out of the box. When implementing o365, start treating the platform as if you were securing your On-Prem infrastructure.

Start with the basics:

  • Password Policies
  • Privacy Statements

Can you add additional security to users?

Have you enabled and enrolled users to use MFA? Is it Enfored MFA?

Has access been restricted?

https://docs.microsoft.com/en-us/sharepoint/control-access-based-on-network-location

Mobile Device Management, are you applying any controls to apps accessing OneDrive?

Has logging been enabled for the Office 365 Security and Compliance reports and stats

Phishing Email – TV Licensing – Don’t be a victim

Watch out for the latest Phishing Email Scams. They are getting ever more convincing. This TV Licensing email just came through.

Sent from “Trusted Sender”

No spelling or grammar issues

Always, catching your eye.

EEEeee I’ve not paid a bill.

Sign up now.

ALWAYS ALWAYS hover over the links to view the correct URL address.

Nobody takes payments via clear txt “HTTP”

TV license dont use “soul-rebel.de” A german .de site collecting my TV license these days. Oh reall

DON’T user phone numbers in Phishing emails for verification of a legit email.

Question everything.

Secured By miniOrange