In recent years, we were associated mainly with Cisco Systems solutions. After introducing Aruba Networks solutions to HPE offer, Cisco is no longer a lonely leader on the market of enterprise-class networking solutions. In the Gartner report from September 2015, HPE significantly exceeds Cisco in terms of Completness of vision. On Concerns About HP's Purchase of Aruba Networks I wrote in March 2015, however, despite the threats, HPE was able to efficiently complete the merger of the two companies.

If we can offer our clients good solutions at a much better price, why not do it ?!

Source: Magic Quadrant for the Wired and Wireless LAN Access Infrastructure, September 1, 2015

At present, the HPE Aruba Networking offer includes:

• Switches - modular devices and devices with a fixed number of ports addressed to data centers, campus networks, company branches and the small and medium-sized enterprise sector,
• Routers - modular devices with a fixed number of ports as well as virtual and wireless devices for use in branches.
• Access Points and Controllers - The offering covers the full line of Aruba devices.

Continue ...

Evolution of threats

Malware threats have changed radically over the last several years. Viruses, which at the end of the 20th century took the form of pranks displaying funny messages and sound or visual effects, have become a tool in the hands of organized crime groups. Behind today's malware is a thriving black market, where you can choose from offers to sell 0-days, exploits, exploitpacks, backdoors and even ready-made botnets consisting of thousands of hijacked computers. All of this makes it easier for organized crime groups to run large-scale phishing campaigns or infection with TeslaCrypt, CryptoLocker or CryptoWall ransomers.

Approach to protection

Unfortunately, the evolution that has taken place in the field of threats has not yet been accompanied by a change in our mentality in our approach to protection. If you asked a statistical administrator how his approach to securing IT infrastructure has changed in recent years, he would most likely reply that he replaced the floppy MKS with a network, centrally managed antivirus and a simple firewall with a "next generation" device. More aware administrators would boast about taking local administrator rights from their users and using GPO policies enforcing a secure password policy. Continue ...

IPv6 - Opportunity, Necessity or Threat?

A few years ago, counters presenting the diminishing pool of available IPv4 addresses were very popular on the Internet. The closer to zero the value on the numerator approached, the more it aroused interest in the new version of the protocol - IPv6. Producers of network devices, operating systems and Internet providers quickly intensified their activities aimed at preparing them to work in the new reality. Their homework was to a greater or lesser extent done by them. The IPv4 counters have reached zero and… nothing has changed practically. In both home and business applications, hardly anyone thought about IPv6. While IANA distributed the last available pools of IPv4 addresses to regional registries (RIR), it was not a major problem for end users. The regional registers had some reserves of address space for the following years. With time, however, these also began to melt and reach zero. The situation repeated itself, but this time the role of the buffer with the backup address space was taken over by local registers (LIR), which are mainly large Internet providers. This resulted in a tightening of IPv4 address allocation policies at the level of regional registries. For example, the European RIPE has stopped registering new ASs (Autonomous Systems) for clients applying for PI (provider independet) in version 4 addresses. offer their own addresses from the pool assigned to them as LIRs. This state of affairs has continued since 2012. Although this is really the last stage before the actual exhaustion of IPv4 addresses, few people are interested in the implementation and, above all, the proper protection of the infrastructure working on IPv6. Continue ...

In the period from September to November, UpGreat takes part in three IT conventions (Wielkopolskie, Mazowieckie and Śląskie) - cyclical events organized for employees of offices and public institutions. During these meetings, issues related to the adaptation of local government institutions to the requirements of legal regulations concerning, inter alia, computerization, personal data protection or the National Interoperability Framework. The meetings are also attended by UpGreat experts in the field of ICT security, personal data protection, audits and security policies. Our consultants advise IT specialists from public institutions on how to adapt their systems to the requirements of the KRI regulation related to, inter alia, with the implementation of the Information Security Management System. We discuss issues related to the implementation of information security policies as well as risk estimation and analysis. We also answer questions regarding the amended Personal Data Protection Act and the obligations of the Information Security Administrator.
We pay special attention to security audits and penetration tests, which are an indispensable element of security management in any organization.

Televisions, portals and experts warn all of us against various types of cyber threats. The topic is media attractive and often discussed. However, in the sheer volume of information, these warnings are relegated to the background as relating to other people and not ourselves. We assume that, because we are careful, no one will steal our access data and empty our bank account. Anyway, in order to make their offer more attractive, banks offer various types of insurance that provide reimbursement of lost money in the event of unauthorized withdrawals from the account.

However, there are threats not only to individuals but also to larger communities. In recent months, we have dealt with our clients several times with attacks consisting in encrypting data belonging to the enterprise. The criminal undertook to decrypt the data after paying the ransom. In this case, the threat concerned the entire company / organization.

Continue ...

Technology is not everything.

When talking about security and security, we first think of advanced technologies and expensive devices: intruder detection systems, active prevention systems, data protection against leakage, secure authentication, authorization and sharing of resources. In order to feel safe, we spend a lot of money and surround ourselves with barriers, scanners, probes, tokens, fingerprint readers or the iris of the eye. We install systems that scan and filter traffic for viruses, worms, Trojans, attack signatures or other anomalies. To process data from so many systems, we launch new ones, used to log events, correlate them, analyze and warn us about threats. It would seem, therefore, that by doing so much, with so much resources, we have the right to feel confident about the security of our systems and the data processed with them. The reality is unfortunately very brutal. While doing so much, we forgot about the essential thing - the level of safety, just like the strength of a chain, is not determined by the sum of all its links, but by the strength of the weakest of them. The question "what is this link?" will not lead us to an answer. For we should ask not "what" but "who" is.
Continue ...

Sending confidential content by e-mail is a fairly common practice. Unfortunately, not always people exchanging information with each other are able to take advantage of such facilities as encrypted e-mail communication, encryption keys or certificates. If sending confidential data is incidental and is not systematically resolved by the IT department, users often resort to the simplest measures in the form of office suite files protected with a password or compressed with a password-protected program such as winzip or winrar. Such solutions, although they seem safe, are characterized by a high level of risk. For the sake of compatibility, the most popular document formats are saved using low-security algorithms. There is a whole range of tools available to help crack passwords for files in the .doc, .docx, .xls, .xlsx or .zip formats.

So how to deal with a situation when the data we want to send must be quickly and securely delivered to the recipient? Continue ...