Advertise Here

Support our Sponsors

Saturday, May 24, 2014

Overview of Next Generation Firewalls


An overview of Next Generation Firewalls

Alfonso Barreiro explains the security capabilities that Next-Generation Firewalls are supposed to have and offers some tips on what to consider when researching them. 

Firewalls commonly serve as the boundary between the Internet and an organization's private network. Traditional firewalls offer protection based on controlling specific protocols and ports, and restricting traffic to and from specific IP addresses. These days however, most attacks are web-based, easily passing through http (port 80) and https (port 443) as most firewalls are unable to identify malicious applications or traffic passing through these ports. The trusted firewall must evolve to effectively defend against these threats.

Enter the Next Generation Firewall

The term "Next Generation Firewall" (NGFW for short) is being used to describe devices that go beyond the traditional firewall functions by adding security capabilities such as intrusion prevention. The concept and the market segment is fairly new, it's creation being widely credited to Palo Alto Networks when they introduced the first of these type of devices. Outside of security vendors, the term has been mostly championed by Gartner, using it to identify devices that have the following capabilities:

  • Standard firewall features such as packet filtering, network address translation and VPN capabilities.
  • "Integrated" network intrusion prevention.
  • An "application awareness", capable of identifying applications and applying controls at the application layer (such as allowing Skype calls but blocking it from performing file transfers).
  • The ability to obtain and use "extra firewall" intelligence to improve blocking decisions, such as the use of reputation services or identity services such as Active Directory.

Be aware that just because a vendor uses the term, it doesn't necessarily mean their product will provide this particular set of functions. Vendors keep evolving their products, playing to their respective strengths or adding capabilities to differentiate themselves from the competition.

There is also some confusion with the term UTM (Unified Threat Management, coined by IDC) that also describes a multipurpose security device beyond the traditional firewall. A vendor could offer devices using either term or categorizing them in different segments. The most common segmentation strategy is using UTM to refer to devices aimed at small- to medium-sized organizations and the term NGFW is reserved exclusively for devices aimed at larger enterprises. Since the market and the products keep evolving, it's quite possible that one or both terms will eventually disappear, so perhaps it's more productive to focus on the features and their performance.

 

Things to consider when evaluating NGFW

Regardless of the terminology, these are complex devices and the lack of a standard can make an apple- to-apples comparison of different products very difficult. To determine whether a device with a particular set of capabilities can help you, you must have a thorough understanding of your organization's needs and perform extensive testing:

Architecture: Next generation devices should apply all of their security capabilities on a single inspection, demonstrating true integration of all its components instead of simply bundling different product engines on a single box. A lack of integration could also indicate that there might be trade-offs in security capabilities (it could have reduced IPS detection capabilities for example) in order to compensate inefficiencies or maintain an adequate level of performance.Throughput performance: All the additional capabilities, checks and inspections these devices perform will certainly act as a speed bump to the traffic flow. Make sure that the throughput, once all the security features have been enabled, matches the expectations for your production environment. In your testing also take into consideration that the number and complexity of the policies or rules in the device will also be a factor that can affect its overall performance. Ease of use: A major driver for the adoption of these devices is the promise of reducing the complexity of managing disparate security products. The management interface should reflect this, hopefully being intuitive to use and providing the ability to easily define rules or policies that can be as granular or complex as desired. It's not unusual to find jarring differences in the interface when configuring different capabilities on a device, especially if their integration is lacking.

As with other security products, these new types of firewalls are not silver bullets. Implementing one requires a lot of work in both the initial configuration and its ongoing maintenance. A successful implementation however, could really help in improving your chances against the new generation of network threats.

via Techrepublic.com

Friday, May 16, 2014

How to Clean up the WinSxS Directory and Free Up Disk Space on Windows Server 2008 R2 with New Update

It's finally here! After pages and pages of comments from you requesting the ability to clean up the WinSxS directory and component store on Windows Server 2008 R2, an update is available.

http://support.microsoft.com/kb/2852386

As a refresher, the Windows Server 2008 R2 update is directly related to my previous blog post announcing a similar fix for Windows 7 client

The Windows 7 version of this fix introduced an additional option to the Disk Cleanup wizard that would cleanup previous versions of Windows Update files. KB2852386 adds a Disk Cleanup option on Windows Server 2008 R2, similar to the Windows 7 update. 

What does this mean for Windows Server 2008 R2? After installing this update and prior to being able to perform the cleanup, the Desktop Experience feature must be installed. Why you ask? Disk Cleanup is not installed by default on Windows Server 2008 R2. It is instead a component installed with the Desktop Experience feature. 

Why was the update not included as a DISM switch like Windows Server 2012 R2? 

This was evaluated, however, due to the amount of changes required and the rigorous change approval process, it was not feasible to back port the functionality this way. Knowing that it would be some time before everyone could upgrade to Windows Server 2012 R2 and based on feedback from an internal survey taken of a subset of enterprise customers, it was determined that this update would still be useful in its Disk Cleanup form, even with the Desktop Experience prerequisite. We hope you agree. However, we are aware that for some of you, the Desktop Experience requirement will be a deal breaker, but decided to release it anyway hoping it will help in some instances. 

How can I get the update?

The update is available on Windows Update. It can also be manually downloaded from the Microsoft Update Catalog. The KB article listed above will also direct you to a download link in the Microsoft Download Center.

Let's Cleanup those Old Windows Update Files!

First, let's take a look at our starting point. Looking at my Windows 2008 R2 Server with SP1 installed, according to Windows Explorer, the size of my Windows/WinSxS directory is as follows: 

The size of the WinSxS directory will vary by server. Some of you will have smaller WinSxS directories, some larger.  

Installing the update is just like installing any other update. Just download and double-click on the .msu file: 

Installing the update does not require Desktop Experience to be installed beforehand, but if you check your WinSxS directory again, you'll see there has been no change to the size. This is expected as we need to run Disk Cleanup in order for this to take effect. It also does not require a reboot to install the hotfix. 

But…we can't do anything with what we just installed until we get Disk Cleanup which is installed with the Desktop Experience feature. 

When installing Desktop Experience, it does require additional features. Select the button to Add Required Features and click Next and then Install: 

A reboot is required to finalize the install. 

Click Close and Reboot when prompted. 

After we reboot, a Disk Cleanup option can be found under Start --> All Programs --> Accessories --> System Tools:

On launch, Disk Cleanup prompts for the drive you want to clean up: 

After clicking Ok, a scan is performed: 

Several options are provided for cleanup, including a new option for Windows Update Cleanup:

Just like the Windows 7 cleanup, mileage will vary. Also like Windows 7, the actual cleanup occurs during the next reboot. After the reboot, taking a look at the WinSxS directory, it has shrunk to the following: 

Automation

My super knowledgeable scripting cohort Tom Moser wrote a PowerShell script that automates THE ENTIRE PROCESS. Can I get a cheer? Ok. So maybe it is a bit much to expect IT admins to cheer, but can I get an appreciative grunt?  The script certainly beats the alternative of doing this all manually. 

You can find the script on the TechNet Script Center here: 

http://gallery.technet.microsoft.com/scriptcenter/CleanMgrexeKB2852386-83d7a1ae

What does the script do? 

In short, the script does the following: 

1) Installs Desktop Experience, if not previously installed, and performs a reboot. 

2) Sets the appropriate registry keys to automate the cleanup. The script will cleanup not only previous Windows Update files as well as Service Pack files. 

3) The script then initiates the cleanup. 

4) If Desktop Experience was not previously installed, the script uninstalls it.

5) Performs final reboot. 

For more details, read below.  

The script can be run from any directory on the server. It has two parameters: LogPath and a switch called NoReboot. LogPath will allow the user to specify a log location or if none is specified, by default, the script will create a log in the same directory from which the script was executed. NoReboot allows the user to suppress reboots, but will require manual reboots by an administrator. 

Note: Make sure to check the log file to verify the process completed successfully and to verify there is no manual interaction required. If the script has completed successfully, the log will end with CleanMgr complete.

The script has several phases, using a registry key to keep track of progress. After initial run, it inserts itself as a scheduled task, which runs as local system. The final phase removes the task.

Depending on pending reboots, etc, we have found that this phase may generate a few reboots. Do not be concerned if the server reboots a few times. 

Other Options

Aside from the cleanup mechanism included with this fix, if you have applied SP1 and have not cleaned up afterwards, I'd highly recommend doing so by running the following command from an administrative command prompt:

dism /online /cleanup-image /spsuperseded

or 

If you have installed the Desktop Experience feature and thus have the Disk Cleanup utility, you can select the following option to do the same thing: 

Specifying the /spsuperceded switch or choosing to remove service pack backup files will remove the ability to uninstall the service pack. If you haven't done it before, it is certain to free up some space. 

The Origins of this Update (Hint: Windows Server 2012 R2)

I've mentioned a couple of times that this is a back port. What does that mean? Well, it means that this functionality is already built into a later operating system. In this case, that operating system is Windows Server 2012 R2. Not only do we have several mechanisms to automatically cleanup previous versions of Windows Update files like this update does, we even have the ability to more accurately determine the size of the component store (aka the WinSxS directory). 

The command to accurately determine the size of the component store on Windows Server 2012 R2 is as follows: 

Dism.exe /Online /Cleanup-Image /AnalyzeComponentStore

Running this command analyzes the component store to determine the size and whether cleanup is recommended. Notice in the screen shot that it provides you with the Windows Explorer reported size and the actual size: 

Notice that the component store is much smaller than Windows Server 2008 R2 right out of the gate? This isn't because I've used Features on Demand to remove roles and features. It's because by default in Windows Server 2012 R2, we compress all unused binaries. Another win for Windows Server 2012 R2!

Looking at the breakdown of the 5.12GB. We see that Shared with Windows accounts for 3.83GB of the 5.12GB. Shared with Windows refers to the size of the files that are hardlinked between the WinSxS directory and the Windows location of the file. Because these hardlinks appear to take up space, but don't really, we can subtract them from our component store size. Therefore, the actual size of the component store is the total of Backups and Disabled Features plus Cache and Temporary Data or 1.28GB. 

But back to our cleanup. 

In the above screen shot, it's stated that component store cleanup is recommended. We can manually cleanup the component store on Windows Server 2012 R2 by running the following command:  

Dism.exe /online /Cleanup-Image /StartComponentCleanup 

What does this do? When this runs, Windows cleans up the previous versions of the component that was updated. In other words, it is doing exactly what our update does for Windows Server 2008 R2 SP1. It removes previous versions of the files updated by Windows Updates. 

After running /StartCompomentCleanup, upon analyzing the size again, we see it is as follows: 

So no notable difference really. Largely because we've been running this cleanup all along. This same command is run every 30 days as a scheduled task with a time limit of 1 hour. 

With the scheduled task however, the task will wait at least 30 days after an updated component has been installed before uninstalling the previous versions of the component. This scheduled task can be found in Task Scheduler under the Task Scheduler Library\Microsoft\Windows\Servicing\StartComponentCleanup directory: 

More information on this can be found here:  http://technet.microsoft.com/en-us/library/dn251565.aspx  

If you're in all out spring cleaning mode and want to perform super deep cleanup, you can use the /resetbase command with the /startcomponentcleanup to remove all superseded versions of every component in the component store: 

Dism.exe /online /Cleanup-Image /StartComponentCleanup /ResetBase 

This removes the ability to uninstall any updates applied until this point in time. 

And don't forget the ability to completely remove any role or feature which also reduces the size. Take a look at one of my earlier blogs for more details on Features on Demand:  http://blogs.technet.com/b/askpfeplat/archive/2013/02/24/how-to-reduce-the-size-of-the-winsxs-directory-and-free-up-disk-space-on-windows-server-2012-using-features-on-demand.aspx  

Here's a handy table showing when we introduced the various different cleanup and WinSxS size reductions by operating system: 

Operating SystemCompress Unused WinSxS BinariesCleanup Previous Windows Update FilesAutomatically Clean Up Previous Windows Update Files Cleanup All ComponentsFeatures on Demand
Windows Server 2008 R2With KB2852386
Windows Server 2012 With KB2821895 xxx
Windows Server 2012 R2x xxxx


Download VPNium v1.7 Premium Crack Keygen Patch Free Full Version


Download VPNium v1.7 Premium Crack Keygen Patch Free Full Version
Introduction: VPNium v1.7 Premium
Free Download VPNium v1.7 Premium Full Version Crack– anonymous VPN- client.Manypeople at work is forbidden to use social networks, and so want. Out there – putting yourself VPNium you at work to check my account on any social networks.
Use simply free VPN service.256 – 2048 bit protection, browse anonymously, browse without censorship, browse securely, free of charge. Isn't it awesome?

No registration
This is true. You do not need any kind of registration to use VPNium. This means that you can start using your VPN connection in seconds – just download and start.

Browse Anonymously
Nobody will know your real ip-address. You are behind of our servers.

Hide your location
Servers in different countries are available for you. Connecting to different servers you're changing your location for everybody.

Is it really free?
Really free. Please use the main features without any obligations. It is absolutely enough for usual activity – browsing, mailing, etc. Activate 'boooost' option if you need extra services.

Do I need VPN?
Security, anonymity, no censorship – the main advantages of using VPN service.

Public WiFi Security
You are very vulnerable when you use open hot-spots. Phishing, snooping, hacking – the main threats. Encrypt your connection with VPN to avoid the risks.

Why people use VPNium?
VPNium is the best way to get all benefits of quality VPN connection if you need it from time to time. Just keep VPNium on your computer and use when you need it. No subscriptions, no monthly costs – available at any time.

Uncensored Access
Facebook blocked in your office? Any sites blocked in your country? Use VPN and avoid censorship.

Download Links:



--

Saturday, May 10, 2014

Using Group Policy Editor to Tweak Your PC

We should note right up-front that the Group Policy editor is only available in the Pro versions of Windows – Home or Home Premium users won't have access to it. It's still worth learning about though.

Group Policies are a really powerful way to setup a corporate network with each of the computers locked down so users can't mess them up with unwanted changes, and stop them from running unapproved software, among many other uses.

In the home environment, however, you probably won't want to set password length restrictions or force yourself to change your password. And you probably won't need to lock down your machines to only run specific approved executables.

There are many other things that you can configure though, like disabling Windows features that you don't like, blocking certain applications from running, or creating scripts that run during Logon or Logoff.

Understanding the Interface

clip_image002

The interface is very similar to every other administration tool – the treeview on the left allows you to look for settings in a hierarchical folder structure, there is a list of settings, and a preview panel that gives you more information about the particular setting.

There are two top-level folders to be aware of:

  • Computer Configuration – holds settings that are applied to computers regardless of which user is logging in.
  • User Configuration – holds settings that are applied to user accounts.

Under each of these folders there are a couple of folders that allow you to drill down further into the available settings:

  • Software Settings – this folder is meant for software-related configurations and is blank by default on client Windows.
  • Windows Settings – this folder holds security settings and scripts for logon/logoff and startup/shutdown.
  • Administrative Templates – this folder holds registry-based configurations, which are essentially a quick way to tweak settings on your computer or for your user account. There are a lot of available settings.

Tweaking Security Rules

If you were to double-click on the "Prevent access to the command prompt" item from the screenshot above, you would be presented with a window that looks like this one – in fact, most of the settings under Administrative Templates are going to look similar.

This particular setting would allow you to block access to the command prompt for users on the PC. You can also configure the setting inside the dialog to block batch files as well.

clip_image003

Another option in the same folder allows you to create a setting for "Run only specified Windows applications" – you would configure the setting to Enabled and then provide a list of allowed applications. Everything else would be blocked from running.

clip_image004

In this case, if you were to run an application that isn't on the list, you would get an error message like this one.

clip_image005

It's worth noting that messing with rules like this could lock you out of your PC if you do something wrong, so be careful.

Tweaking UAC Settings for Security

clip_image006

Under the Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options folder, you'll find a bunch of interesting settings to make your computer a bit more secure.

The first option can be found in that folder as the item "User Account Control: Behavior of the elevation prompt for Administrators", and if you choose "Prompt for credentials on the secure desktop", it will force you (or another user) to enter your password anytime you try to run something in administrator mode.

This option makes Windows work more like Linux or Mac, where you are asked to provide your password any time you need to make a change, and since the Secure Desktop doesn't allow any other applications to mess with the dialog, it's a lot more secure.

clip_image007

Other useful options:

  • User Account Control: Only elevate executables that are signed and validated – this option prohibits applications that aren't digitally signed from running as administrator.
  • Recovery console, allow automatic administrative logon – when you need to use the recovery console to perform system tasks, you generally have to provide the administrator password. If you happened to forget that password, this would allow you to get in to reset it more easily. (And since you can easily wipe a Windows password, it isn't really less secure).

One thing that's worth noting is that many of the policies in the list don't actually apply to every Windows version. For example, in the screenshot below, the "Remove My Documents Icon" setting is only available for Windows XP and 2000. Certain other policies will say "At least Windows XP" or something like that, which would mean they will continue to work on all versions.

clip_image008

There are an enormous number of settings in the Group Policy editor, so it is definitely worth spending some time looking through them if you're curious. Most of the settings allow you to disable Windows features that you don't particularly like – very few give you functionality that you didn't have by default.

Setting Up Scripts to Run at Logon, Logoff, Startup, or Shutdown

clip_image009

Yet another example of something you can only do using the Group Policy editor is setting up a logoff or shutdown script to run every time you reboot your PC.

This can be really useful for cleaning up your system or making a quick backup of certain files every time you shut down, and you can use batch files or even PowerShell scripts for either. The only caveat is that these scripts must run silently or they will lock up the logoff process.

There are two different types of scripts that you can run.

  • Startup / Shutdown Scripts – these scripts are found under Computer Configuration -> Windows Settings -> Scripts and will be run under the Local System account, so they can manipulate system files, but won't be running as your user account.
  • Logon / Logoff Scripts – these scripts are found under User Configuration -> Windows Settings -> Scripts and will be run under your user account.

It's worth noting that the logon and logoff scripts won't let you run utilities that require administrator access unless you've got UAC completely disabled.

For today's example, we'll make a logoff script by heading down to User Configuration -> Windows Settings -> Scripts and double-clicking on Logoff.

clip_image010

The Logoff properties window allows you to add multiple logoff scripts to run.

clip_image011

You can also configure PowerShell scripts instead.

clip_image012

The really important thing to note here is that your scripts need to be in a particular folder for them to work properly.

Logon and Logoff Scripts will need to be in the following folders:

  • C:\Windows\System32\GroupPolicy\User\Scripts\Logoff
  • C:\Windows\System32\GroupPolicy\User\Scripts\Logon

While Startup and Shutdown Scripts will need to be in these folders:

  • C:\Windows\System32\GroupPolicy\Machine\Scripts\Shutdown
  • C:\Windows\System32\GroupPolicy\Machine\Scripts\Startup

Once you've configured your logoff script, you can test it out – we setup a simple script that created a text file on the desktop, and then logged off and back on. But you could make it do anything you wanted.

clip_image013

And of course, if you were doing a logon script instead, it could actually launch applications.

One important thing to note is that if your script prompts for user input, Windows will hang during shutdown or logoff for 10 minutes before the script is killed and Windows can reboot. This is something you should definitely keep in mind when designing your script.

Group Policy Doesn't End Here

We just scratched the surface for what Group Policy can really do, and in a corporate domain environment it is one of the most powerful and important tools at your disposal. Since this series isn't about IT users, we won't go into all of the rest, but it's worthwhile to do some research on your own.

[via howtogeek.com]

Friday, May 9, 2014

Download any b/m Telecom Tool/Software


If you want to Download any b/m Telecom Tool/Software. Just Check this link:http://lnkd.in/bG9gYhH All Software Fully Functional (Crack/Patch Available) and it's free :)



Sunday, May 4, 2014

12 Tips For Improving Gmail Search

  1. 1. Find Emails With The Sender's Name

    You can find emails from a particular person using the from: operator. Just add from: in front of the person's name, like from: Hemant, which will return all the emails sent by Hemant.

    from: Hemant

    You can also use the email address in place of the name of the sender. It will display results only from the exact email address (more precise).

    from: mstoic@outlook.com

  2. 2. Finding Email Messages By Size In Gmail

    If you are unfortunately nearing the Gmail account limit of 15 GB, then try deleting some emails with larger size (with big attachments). But doing that can be very difficult if you receive tons of emails. This is where the larger: operator comes into play. Just perform a search in Gmail like larger:30M which will return only the emails that are greater than 30 MB.

    larger: 30M

    Similarly, you can also use smaller to find messages that are smaller than a certain size.

    smaller: 2M

  3. 3. Find An Email That Does Not Have A Particular Word

    If you want to find an email that does not contain a certain word, then try adding the (-) sign before the word that needs to be eliminated. Searching for Google -Search will list all the emails that have the word Google but not the word Search.

  4. 4. Filter Emails By Date

    If you know the date of the email you are looking for, then you can filter out the emails by date using the after and before keywords.

    before: 2014/04/16

    Searching with the above phrase will give you all the emails that were received before April 16, 2014. You can also use both after and before operators together to get the emails between a specified time period, as in the example below.

    after: 2014/04/16 before: 2014/04/24

    Filter Gmail Emails Before After

  5. 5. Searching The Emails Containing The Exact Term

    Adding a plus (+) sign before a string will show the emails containing the exact term. Like searching for +force will give the results that have force in them and not forces or forcing.

  6. 6. Get Only The Emails That Have Attachments

    If you are looking for an email that you remember has an attachment, then try searching for has:attachment to get only the emails with attachments. You can also combine multiple operators together to get more precise results in Gmail.

    from: John has:attachment

  7. 7. Get Emails That Have All The Words You Specify

    By default, Gmail returns all the messages that match any word you search for. If you want to get emails that have all the words in the search box, then wrap them in round brackets ().

    (Google Search)

    The above query will return only the emails that have both Google and Search in them.

  8. 8. Search For An Exact Phrase In Gmail Emails

    If you are looking for an exact phrase in Gmail, then try wrapping the phrase in double quotes("phrase") and search that in Gmail.

    "Schedule an interview"

    The query will give you only the emails that have the exact phrase that you specify.

  9. 9. Search Emails Everywhere

    When you do a search in Gmail, it searches in all the folders except the trash and the spam folder. If you want to include these folders too, then try adding in:anywhere in your search query.

    in:anywhere Searching Everywhere

    Similarly, if you want to search in specific Gmail folders, then use the "in" in your query as stated below.

    1. Search in the Inbox – in:inbox
    2. Search in the trash folder – in:trash
    3. Search in the SPAM folder – in:spam
  10. 10. Get Only The Starred Messages

    If you are looking for a particular message from someone that you know was starred by you, then try adding the is:starred string to your search query.

    from:Hemant is:starred

  11. 11. Use The OR Operator To Get Messages That Match Either Of The Query

    You can use the OR operator to get results that match the query at either side of OR operator.

    from:Steve OR from:John

    The above search query will return all the emails from both the senders – John and Steve.

  12. 12. Finding Emails With The Name Of Attachment

    If you are searching for an email that had an attachment, and you remember the name of the attachment, then you can search like so.

    filename:scienceProject.pdf

    If you just know the format of the file, then try typing the extension only.

    filename:pdf

These were the most useful search operators for Gmail. To see the full list, check out Google's official page on Gmail search operators.

[via mistoc blog]

Get Thousands of Visitors for Your Website

autosurf

Get Free Dot Tk Domain

Earn Money by Just Shortening URL