High Availability Firewall

High availability (HA) is a configuration in which two firewalls are placed in a group and their configuration is synchronized to prevent a single point of failure on your network. A heartbeat connection between the firewall peers ensures seamless fail-over in the event that a peer goes down. Setting up the firewalls in HA pairs provides redundancy and allows you to ensure business continuity.

Please contact us for firewalls that support stateful active/passive or active/active high availability with session and configuration synchronization.

Free and Open Source Network UTM Firewalls

Endian delivers an open source UTM firewall that includes stateful packet inspection and application-layer proxies for protocols including HTTP, FTP, POP3 and SMTP. The UTM firewall also supports anti-spam security, web content filtering and VPN functionality based on OpenSource VPN.

Moonwall provides a firewall based on FreeBSD and a combination of other software utilities.

pfSense is a free open source firewall and router.

Shorewall firewall is a tool designed to configure Netfilter.

Smoothwall Express is an open source firewall based on a hardened GNU/Linux OS.

Sophos firewalls (formerly Astaro) are offered in appliance, software and virtual based platforms. Sophos is a well regarded security vendor and provides complete UTM functionality within their Astaro range of firewall devices. Sophos offers a free version of their firewall, so you can deploy the basic firewall in your environment at no cost. Modules can then be purchased if other features are required, such as content filtering and VPN.

StillSecure deliver a software based firewall solution known as Cobia. Cobia can be installed on VMware as well. Cobia includes the ability to perform Routing, DHCP, DNS, Wireless, Firewall, VPN, Content Filtering, Reporting and more. Cobia can use modules provided by StillSecure or other third party organisations and developers. Cobia software comes as a public community license and a commercial use license. Via the StillSecure Community License, users can freely download and modify the source code.

Vyatta Core is an open source firewall offering IPv4 and IPv6 routing, intrusion prevention, stateful firewalling, IPSec and SSL OpenVPN and more.

Zeroshell is a Linux based firewall. The firewall has some good functionality such as the ability to load balance internet connections, integrate with LDAP, captive portal for web login authentication and more.

Zorp is an application layer firewall based on the Python scripting language.

Firewall Management Software Solutions Vendor List

AlgoSec delivers Firewall Analyzer, which provides firewall policy auditing, policy cleanup, risk analysis, change monitoring and more. AlgoSec supports all the major firewall vendors. AlgoSec also offers AlgoSec FireFlow, which is a change management solution.

Athena Security have a solution known as FirePAC that can clean up firewall policies, provide auditing and optimisation. Athena Security also offer a free tool called Firewall Browser which can help you find rules based on certain network criteria and supports Cisco, Checkpoint and Netscreen firewalls.

Secure Passage is a specialist in managing firewalls and offers a solution called Firemon. Firemon gives you visibility into unused rules, which rules are used and how frequently they are used. Firemon supports a large range of firewalls such as Cisco, Checkpoint and others. Firemon also supports routers and load balancers. The solution helps you keep control of your firewall policies, and provides PCI DSS assistance, policy cleanup and other advantages as well.

Skybox Security is a firewall management device that helps control firewall risks and provides visibility of network topology and firewall device configuration.

Tufin SecureTrack delivers firewall management, auditing, change control and automation.

WatchGuard Firewall

WatchGuard Next-Generation Firewall

WatchGuard’s Solutions

Our unique approach to network security focuses on bringing best-in-class, enterprise-grade security to any organization, regardless of size or technical expertise. Ideal for SMB, Midsize, and Distributed Enterprise organizations, our network security appliances are designed from the ground up to focus on ease of deployment, use, and ongoing management, in addition to providing the highest security possible.

Not only does WatchGuard offer the greatest collection of network security services on a single platform, we do so in a way that has proven to be the most agile, able to adapt to new and evolving threat vectors faster than any other solution on the market.

We are a security company and we want the best protection for every customer, every time. As such, we strongly recommend the adoption of our full security suite. When running our Total Security Suite, our Firebox network security appliances offer the strongest security against network threats. Every Firebox can also be purchased as a standalone NGFW appliance; however, we never recommend the deployment of an NGFW without other security mechanisms in place. The best approach to security is a layered approach.

WatchGuard Firewall Price

WatchGuard Firewall Firebox T10 with 1-Year Total Security Suite (for 5 users): Rs. 43,520/-
WatchGuard Firewall Firebox T30 with 1-Year Total Security Suite (for 20 users): Rs. 86,020/-
WatchGuard Firewall Firebox T50 with 1-Year Total Security Suite (for 35 users): Rs. 1,36,000/-
WatchGuard Firewall Firebox M200 with 1-Year Total Security Suite (for 60 users): Rs. 1,81,220/-
WatchGuard Firewall Firebox M300 with 1-Year Total Security Suite (for 150 users): Rs. 2,58,060/-

For more details just call or email us on
Phone:+91 120 649 8887 Email: sales@itmonteur.net

After being fired, this sys-admin used VPN to hack and plant his own software and cause a $1.1 million loss to his employer

Getting a pink slip is bad news for anybody. Some take it in their stride while others take to Twitter and Facebook to rant about it. Very few are likely to go to an extreme and cause loss to their ex-employer. Brian Johnson, 44, of Baton Rouge, Louisiana, US is one such system admin who didn’t take lightly to his employer sacking him and decided to make a big mess of it before being caught and landing in prison for 34 months.

The Register reports that Johnson was working in a paper making factory called Georgia-Pacific for several years. On the fateful Valentine’s Day of 2014, the company decided to fire him. Johnson did not take the company’s decision in the right spirit and decided to get even with it.

Johnson hacked into Georgia-Pacific servers using VPN once his employment was terminated. Once back inside the corporate network, he installed his own software and targeted the paper factory’s Port Hudson branch, which produces paper towels and tissues 24 hours a day. Johnson caused a $1.1 million loss to Georgia-Pacific during his two-week hacking campaign.

Johnson’s vendetta was going well but somehow raised eyebrows at Georgia-Pacific, who called in the FBI to investigate the matter. After a detailed investigation, the FBI raided Johnson’s home exactly thirteen days after he was fired. They seized a laptop on which they found a VPN connection that Johnson used to log into the company’s servers. Further investigation of Johnson’s laptop and his broadband router gave the FBI enough evidence to bust him.

Johnson pleaded guilty to hacking and willful damage charges last year. On Wednesday, a Louisiana district court judge sentenced Johnson to 34 months in prison. Johnson was also penalized $1,134,828 for damages to his employer, which he must repay over and above the prison term.

Ramnicu Valcea aka Hackerville, a town in Romania is full of hackers

How would you react if your town or city were better known for something dark? Well, there is a town in Romania known just for its hackers. It is so full of hackers and scammers that it has become world famous as the global centre of cybercrime.

Ramnicu Valcea, which is also known as “Hackerville”, rose to prominence because almost half of its population are eBay and Craigslist scammers. Ramnicu Valcea is just a three-hour drive from the Romanian capital, Bucharest, but it seems to get more attention than the capital city.

If you thought Ramnicu Valcea was a run-of-the-mill town in an Eastern European country, you are wrong! The town is filled with BMWs and Audis and most of the townsfolk seem to be making a killing indulging in some bit of cyber scam.

According to a Wired article, “Expensive cars choke the streets of Ramnicu Valcea’s bustling city center—top-of-the-line BMWs, Audis, and Mercedes driven by twenty- and thirtysomething men sporting gold chains and fidgeting at red lights.”

Only a few citizens of Ramnicu Valcea are actual hackers, though a majority of the town is involved in some sort of cyber scam. They “steal thousands of dollars per transaction from foreign buyers.” Many of the young men who have become rich from hacking spend their money on luxury cars.

Nobody knows how the first cyber crime started in Ramnicu Valcea. Many think that after the 1989 revolution, people had access to sophisticated tools and PCs, which may be the reason for the cyber crime. The cyber crime business grew really fast in 2002 after a mini tech revolution in Romania. Cybercafés offered cheap Internet access, and cyber criminals in Ramnicu Valcea started posting fake ads on eBay and other auction sites like Craigslist to lure victims into remitting payments by wire transfer.

The town then came to the notice of FBI sleuths, who started keeping tabs on big cyber criminals from Ramnicu Valcea. However, nothing much has changed in the town: people go on scamming and phishing to make easy dollars while the authorities look the other way.

Security Awareness Training to Explode in Next 10 Years

Security awareness training is the most underspent sector of the cybersecurity market, but it’s poised to become a multi-billion-dollar industry in 2017. That’s according to a report from Cybersecurity Ventures, which also said that the market will top $10 billion by 2027.

According to Steve Morgan, founder and editor-in-chief at Cybersecurity Ventures, Fortune 500 and Global 2000 corporations will consider security awareness training as fundamental to their cyber-defense strategies by 2021, with small businesses following shortly thereafter.

Organizations of every size are starting to recognize that inside threats are as significant as outside threats, the research postulates, and users will be a crucial part of any organization’s information security program. So, training those users to recognize the overtures of malicious actors will be critical to hardening the “people layer,” also known as the last line of defense against cyberattacks.

Awareness training that combines interactive training in the browser with frequent simulated phishing attacks straight into the user’s email inbox has “proven to be very effective in creating a human firewall, a company’s last line of defense,” said Stu Sjouwerman, CEO of report sponsor KnowBe4. “New-school security awareness training has by far the best ROI of any security layer. Users see phish-prone percentages go from an average of 15 to 20% down to 1% or 2% after a year.”

 

FBI Is on the Hunt for 123 Cyber Criminals

The FBI is currently trying to bring to justice about 123 people who are accused of various cyber crimes, in the hope of putting them on trial in the United States.

Steven Kelly, unit chief of the International Cybercrime Coordination Cell, spoke at the RSA Conference, IT News. According to his statement, the number comes from a recent fugitive apprehension initiative that seeks to identify all individuals charged in cyber crime cases across the FBI.

Kelly said, “I think it is a massive number. It’s a lot of people who are not brought to justice just because they are across the world. They are in a place where we do not have an extradition treaty, and that is a problem.”

The FBI unit chief, alongside representatives from European Cybercrime Centre and US Department of Justice, has taken the opportunity to express their concerns about a large number of cybercriminals on the loose. “We’re not going to build a deterrence model for the cybercrime if we can’t get our hands on these people,” Kelly pointed out.

According to him, spending two years making a case, bringing it to a grand jury and getting charges is not going to do much if they can’t actually get the people responsible; other criminals will continue acting just as before, with impunity and from safe havens where the FBI can’t reach them.

New “Fileless Malware” Targets Banks and Organizations Spotted in the Wild….

More than a hundred banks and financial institutions across the world have been infected with dangerous, sophisticated, memory-based malware that’s almost undetectable, researchers warned.

A newly published report by the Russian security firm Kaspersky Lab indicates that hackers are targeting banks, telecommunication companies, and government organizations in 40 countries, including the US, South America, Europe and Africa, with fileless malware that resides solely in the memory of the compromised computers.

Fileless malware is a piece of nasty software that does not copy any files or folders to the hard drive in order to get executed. Instead, payloads are directly injected into the memory of running processes, and the malware executes in the system’s RAM.

Since the malware runs in memory, memory acquisition becomes useless once the system gets rebooted, making it difficult for digital forensic experts to find traces of the malware.

The attack was initially discovered by a bank’s security team after they found a copy of Meterpreter — an in-memory component of Metasploit — inside the physical memory of a Microsoft domain controller.

The cyber crooks also used Microsoft’s NETSH networking tool to set up a proxy tunnel for communicating with the command and control (C&C) server and remotely controlling the infected host.

Secure your website From Hacking – Over 700 government websites hacked from 2013 to 2016

NEW DELHI: More than 700 websites of central ministries/departments and of state governments were hacked between 2013 and 2016, Lok Sabha was told on Tuesday.

As per information reported to and tracked by the Computer Emergency Response Team (CERT-IN), which works under the IT ministry, as many as 199 websites of central ministries/departments and state governments were hacked in 2016, compared to 164 in 2015, 155 in 2014 and 189 in 2013. This information was shared with Lok Sabha by minister of state for home Hansraj Gangaram Ahir in a written reply.

Of the 8,348 persons arrested under different provisions of law relating to cyber crime, only 315 were convicted during 2014-15, the government said.
In a recent cyber attack, the website of National Security Guard (NSG), a paramilitary force comprising anti-terror crack commandos, was partially defaced and abusive messages posted on the home page by unknown hackers on January 1. The website was blocked immediately.

Ahir said the government had initiated several policy, legal and technical measures such as audit of the systems and networks, increasing awareness in area of cyber security, sharing threat-related information with stakeholders, issuing advisories on such threats through CERT-IN and National Critical Information Infrastructure Protection Centre (NCIIPC), and capacity development to address the issue of cyber hacking.

Source – Times of India

Firewall Training

Firewall Training & Workshops

Cyberoam Certified Network & Security Professional (CCNSP)

CCNSP is the certification for security professionals from Cyberoam firewall. The only identity-based security certification available globally, the course prepares individuals to recognize insider threats and user-targeted external threats while giving them expertise in networking and security fundamentals in addition to the deployment and configuration of Cyberoam identity-based UTM. The course is comprehensive, yet easy to follow, with real world scenarios, delivering practical value to aspiring security professionals.

 

Prerequisites:
While the course does not have any pre-requisites, security professionals interested in enrolling need to be familiar with networking concepts, including network topologies, networking infrastructure and application protocols:

• Operational OS knowledge
• Basics of Networking
• Knowledge of Protocols: HTTP, HTTPS, IMAP, POP3, SMTP
• TCP/IP Protocol Suite
• Network Security Fundamentals
• Operational Familiarity with Featured Modules: Firewall, VPN, IPS, Anti-virus, Anti-spam, Content Filtering, Bandwidth Management, Multiple Link Management, Reporting

Who Should Attend:
CCNSP has been designed for technical professionals providing support or performing deployment and administration of Cyberoam solutions, including System, Network, and Security Administrators.

CCNSP training is divided into the following modules –

Module 1: Cyberoam Product Overview
• Cyberoam UTM overview
• Cyberoam Central Console Overview
• Cyberoam on-cloud management overview
• Cyberoam iView Overview
Module 2: Deploying Cyberoam
• Prerequisites for deployment
• Network Diagrams & Scenarios
• Deployment Scenarios (Transparent/Gateway/Mixed) Mode
• Failure of Security Device & its Consequences
• Proxy Scenarios
• Managing connectivity with multiple ISPs
• Manage 3G and Wi-Max connections
• Labs
Module 3: Firewall
• What is a Firewall?
• Types of Firewall
• How to Control Access
• Identifying Each Machine on the network
• Managing the Firewall
• NAT
• DoS (Denial of Service)
• Fusion Technology based Unified Control
• Firewall – as a single solution to identity, security, connectivity, productivity, and logging
• Labs
Module 4: User Authentication
• What is Authentication?
• Requirement to Authenticate
• How can Authentication be done?
• Types of Authentication (Single Sign On, Local, and External)
• Group Authentication
• Traffic Discovery
• Authenticating from Servers (AD, LDAP, or RADIUS)
• Labs
Module 5: Web Filter
• Need for Web Filtering
• Web 2.0 Filtering
• Filtering with Keywords
• Filtering with URL
• Filtering by Categories
• Filtering Web Traffic
• Labs
Module 6: Application Firewall
• Evolution of Application Firewall
• File Filtering
• Application & P2P Filtering
• Instant Messaging Filters
• Custom Filters
• Compliance based filtering
• Labs
Module 7: Network Threat Protection
• Functioning of Anti-Virus & Anti-Spam
• Basics of Virus, Spyware, Malware, Phishing, and Pharming
• Web/Mail/FTP Anti-Virus
• Gateway level Anti-Virus/Anti-Spam
• Instant Messaging Anti-Virus
• Virus Outbreak Detection
• Recurrent Pattern Detection
• RBL (Realtime Black List), IP Reputation
• Understanding of Intrusion
• Signature based detection
• Statistical anomaly based detection
• Stateful protocol analysis detection
• Network Based IPS (NIPS) & Wireless Based IPS (WIPS)
• Network Behaviour Analysis (NBA)
• Host Based IPS (HIPS)
• WAF
• Labs
Module 8: VPN
• What is VPN?
• Why use VPN?
• Advantages of VPN
• Types of VPN based on protocols
• Types of VPN Based on Tunnels
• Need of firewall in VPN
• Threat Free Tunneling
• VPN Bandwidth Management
• VPN Failover
• Identity based authentication in VPN
• Labs
Module 9: QoS
• What is QoS?
• Why QoS?
• Traffic Queuing
• Traffic Prioritisation
• Bandwidth Allocation
• Scheduling, and sharing bandwidth
• Guaranteed bandwidth
• QoS implementation on user, group, firewall, application, web category.
• Labs
Module 10: Network High Availability
• High Availability, LAN Failsafe?
• Clustering of devices
• What is link load balancing?
• Why undertake balancing?
• Link fails scenario
• Why failover?
• Multilink Manager
• Load balancing
• Active – Active load balancing and gateway fail over
• Active – Passive configuration and gateway fail over
• MPLS failover to VPN
• Automatic ISP failover detection
• Labs
Module 11: General Administration
• Setup Logging
• DNS Management
• DHCP Management
• Upgrading Device Firmware
• Backing Up
• Restoring
• Diagnostic Tools
• Troubleshooting Tools
• Labs to provide hands-on practice with maintenance
Module 12: Logging & Reporting
• Cyberoam iView Introduction
• Types of Reports
• Data Management
• Report Management
• Compliance reports
• Searching within reports
• Identity based reporting

Firewall Training & Workshops are currently held only on Sundays, 10am to 4pm.
The Cyberoam Firewall Training & Workshops course duration is 3 months.
The course fee is Rs.36000.