30 Jul 2013

Adding IP Reputation to increase efficiency and effectiveness of your IPS

If you have read our previous blog post, you know that we are big fans of using IP reputation.  But, you might still be asking yourself, “Why?”  The answer is simple, increased efficiency and effectiveness.  Today, many (probably most) organizations use a Unified Threat Management (UTM) appliance to protect their organizations; however, the same increases apply even if you are using standalone components (i.e. firewall, Intrusion Prevention System (IPS), etc.).

All of these security components (UTM, firewall, IPS, etc.) are sold based on throughput; costs increase as device throughput increases.  Complaints about the cost per throughput are quite common; see these comments on Fortinet and Palo Alto.  Adding IP Reputation can help keep costs down as packets to/from known hostile IP addresses are dropped before they tie up precious CPU resources on UTM, firewall, IPS, etc.

In addition, since packets to/from known hostile IP addresses are dropped before they tie up precious CPU resources of the UTM, firewall, IPS, etc., your security administrators can be more effective, because they are not wasting time sorting through UTM, firewall, IPS, etc. logs cluttered with packets to/from known hostile IP addresses.

If you are interested in adding IP reputation to increase the efficiency and effectiveness of your security initiative, please call (804) 798-4444 Option 2 or email sales@computer-business.com.

Share this
15 Apr 2013

Business, not just technology, is important

This past weekend, I met the owner of an Investment Advisory firm.  While talking to him, he mentioned the brand of VoIP phone system that he had purchased for his company.  I found it very ironic that the owner of an Investment Advisory firm had purchased a phone system from a manufacturer that has yet to show a profit in 14 years of existence.  To top it off, this phone system is based on proprietary technology.  You can imagine the look on his face when I told him about this.

In CBSi’s almost 25 year history, we have resold many technology products.  When we evaluate prospective vendors, we always make sure that they have good technology – reliability, scalability, standards-based, and appear financially solvent.

However, as my story above points out, financial stability (not just technology) is important to our customers.  CBSi goes the extra mile and does research on the financial viability of our prospective vendors.  We invest this time and effort so that our customers buy a product that will be there to service their business for a period of time.

If a slick sales guy lands in your office and tries to sell you something like the phone system mentioned above, please call (804) 798-4444 Option 2 or email sales@computer-business.com. We would love to guide your business to purchase a system that has both great technology and is from a financially stable company.

Share this
26 Mar 2013

disconnecting networks from the “bad parts” of the Internet

For years, CBSi has been connecting enterprise networks to the Internet.  As you likely realize, Internet connectivity is a requirement for almost every business to function today.  Unfortunately, there are a lot of “bad guys” on the Internet trying to do a lot of bad things to enterprise networks.  Just read up on botnetshackers, keyloggers, spyware, Trojansviruses, zombies, etc.

A long time ago, we decided that it was best to start disconnecting enterprise networks from the “bad parts” of the Internet.  Our original approach was to block the most problematic countries.  Our internal list was known as the “dirty dozen” country list.  Maintaining this list became a full-time job.  Often times, we had to call in a geopolitical specialist to determine if a country should be considered hostile.  This approach was not scalable so we started looking for new solutions.

After much research, CBSi decided that partnering with ThreatSTOP was the best approach.  This partnership provides a number of benefits to our joint customers:

  1. We can block “bad” countries with a single mouse click.  For example, if your business doesn’t need to do business with China, we can simply drop all packets from and to China.
  2. We can keep track of the geopolitical posture of all countries.  For example, we can drop all packets from and to all ITAR countries with a single mouse click.  Of course, we can also do this for all OFAC countries, etc.
  3. We maintain a reputation database down to the IP level.  So, our customers can block all traffic from and to hostile sources, such as botnet command-and-control (C&C) servers, as well.
  4. We maintain application-specific reputation databases.  Our customers can block all IP addresses that are seen initiating SIP attacks, etc.
  5. Because our customers are dropping these packets, they can get more performance from their other security devices (firewalls, intrusion prevention systems, etc.) as the devices are not busy processing known hostile traffic.

If you are interested in disconnecting your enterprise networks from the “bad parts” of the Internet, please call (804) 798-4444 Option 2 or email sales@computer-business.com.

Share this
Email us
804-798-4444
Live chat with us

© 2018 CBSi Hosting. All rights reserved.

Click Me