Matthew Buck’s Blog – Principal Engineer at RatwareUK

Security has always been an important part of computer networks and even more so now. Viruses and Malware are getting more sneaky. We’ve noticed them residing in vulnerable hosts, infiltrating bona fide websites and infecting users when browsing “legitimate” websites – even with more robust browsers such as Firefox.

Recently, RatwareUK changed our Anti-Virus provider from Sophos to ESET. We’ve been partnered with Sophos for a while and had never been fully satisfied with their network deployment routine from a technical perspective.

The Sophos Management Console appears a little too simplistic and with this simplicity comes a large operating directory and a hungry appetite for RAM – which you wouldn’t expect from a tiny interface. Also, when pushing the Sophos AV clients to network machines, we’d noticed that sometimes it just wouldn’t work and the event-logging mechanism doesn’t provide enough detail to diagnose the fault.

ESET, on the other hand, has proven to be superb, time and time again and even on older networks with multi-OS environments and system architecture. The installation procedure is more time-consuming and more in-depth. But it’s this detail and rigour which leaves the system admin thinking; “This is going to work, and if it doesn’t, I’ll understand enough about the procedures to resolve any errors”.

ESET is also cheaper and it claims excellent results in virus defence – http://www.eset.com/business/why-eset .

RatwareUK are now authorised ESET partners, with a range of experience in network security. If you have any questions and would like some consultancy (no obligation) , please contact us.

Could this new Draytek 2820 VOIP product be a further nail in the coffin for conventional telephony methods? Recently I implemented one of these, and at approximately £400 + VAT (including a couple of IP Phones), I have a fully functional local exchange, providing the usual functions such as; auto attendant, voicemail, hunt groups, call-logging, music-on-hold, conference calling etc. On each of the IP Phones you can set the voice compression method and from the IP-PBX you can swiftly implement upstream QOS, governing the VOIP system. After 2 months of constant use, I’m told that there is “no difference” to the quality of a conventional telephone line and no difference in the features of a conventional local PBX.

The Draytek is serviced by a 10Mbps/700Kbps Internet connection provided by Virgin Media, with a failover WAN2 USB Modem providing Orange 3G. It’s in a server room so it’s powered by an existing UPS, just like your conventional phone system should be.

The SIP provider is Draytel. They provide a host of telephony services. In this case; providing 5 simultaneous SIP Trunks (5 lines) including 2500 UK land line minutes for just £19.99 + VAT per month. That’s a better deal than BT and you aren’t tied to their ridiculous local exchange programme, which prohibits you from taking your phone number when moving your office. When this client moves, they’ll simply ensure broadband is present and then plug their Draytek router in. No reconfiguration, no costs, no downtime – phone and Internet moved simultaneously.

This small router provides support for up to 30 extensions, the next model up provides 100. Are products like this going to signal the death of conventional telephony?

I’ve been speechless for a while, because Dell have outdone themselves with their new thin client – the Optiplex FX160. Basically, thin clients don’t need hard drives. They run a local operating system such as Windows XP Embedded from solid state flash media. This flash media may only be around 2GB in size – just large enough to hold the operating system image. This makes the thin client very fast and very robust.

The 160’s are supplied with an embedded image providing a cut-down XP desktop with immediate support for Remote Desktop Connection, VMWare and Citrix. A quick modification to the image via a deployment server and you’re booting straight into your virtual environment. The units are fast, ultra-small and have a really low carbon footprint. Once more, this new thin client and a strategy of virtualisation takes away the need to “rebuild” systems on failure. There’s less to go wrong and no maintenance required. There’s more consolidation, security and control.

Dell Optiplex FX160 is now RatwareUK’s thin-client deployment of choice and a perfect partner when virtualising a network and desktop streaming. At approximately £270 + VAT per unit, this product is extremely cost-effective.

Dell have launched a brand new product range aimed at the serious professional and entrepreneur. It’s the Dell Latitude Z.

Aimed at professionals and equipped with enhanced mobile capabilities, this is the most exciting development from Dell in the last 12 months – I want one. Customers can view an independent article about the product here – V3.CO.UK

RatwareUK are Dell Premier Partners and we’re authorised to quote cheaper than Dell Online! Please contact us if you would like a price.

OK. I thought I’d stop twittering and do a blog post. I’m going to talk about a gateway solution we recently deployed for a customer – Untangle. I’m impressed. In brief, Untangle is a free, open source gateway solution designed to untangle the complex patch work quilt security solution that many network managers find themselves dealing with after a few years of running an expanding domain.

Installation

It’s essentially an out of the box Linux solution which can be installed on a relatively low specification machine with two network cards, bridging your LAN with the internet. In order to implement it on one of our networks, I took an old PC, jammed some more RAM into it, bought two new network cards and began the install:

The installation took approximately 20 minutes on our machine and required no Linux knowledge at all. If you understand the concept of network bridging, you’ll also fly through the setup wizard which asks you which network card is WAN facing, etc.

Configuration & Usability

Like many security devices that sit on your LAN, I expected that setup would be straightforward but that inevitably I would spend about a week tweaking the settings, ironing out all the false positives and getting Untangle running smoothly. This took me by surprise. I wasn’t – it took about 5 minutes and even better than this it has been running itself for a month!

The interface is graphical and the configuration again requires no Linux knowledge. It works on a drag-and-drop concept, where you can download and drop network devices onto a virtual rack. Some components you have to pay for, but the main and most useful ones are free.  I won’t bore you with the list, you can check it out here – Untangle Overview .

The interface is accessible from either the Untangle computer or via HTTP.  I’ve found it works much quicker via the web interface and obviously you’ve got full control over it from anywhere. I’m finding the Spam Blocker and Web Filter the most useful components, however this is because our requirement for these features is greater than anything else. Logging in today, the spam blocker has scanned 22,286 emails in 24 hours. 21,210 of these were rejected connection, some were quarantined and only 81 were passed through to mailboxes.

Users on the domain have also taken to their new spam quarantine like a duck to water. Each day, they receive an email digest linking to their Untangle quarantine. From there they can control their own whitelist/blacklist and release legitimate email caught up in the system. As Spam Blocker uses Spam-Assassin, Untangle learns automatically as it goes along. The process is so simple, out of approximately 70 users, I’ve had 2 queries on how to use the quarantine.

Conclusion

A very powerful, easily deployable and manageable security solution suitable for any SME network. I’m so impressed I have ditched Sophos Pure Message, providing the network with a better solution, with a saving of over £1,500 per year in subscription costs. It’s so good, I’m even thinking of decommissioning the networks hardware firewall, a Draytek 3300v.

Untangle is free (most of the components) and Untangle provide free updates. It is well worth some time to test it out.

It’s not often I recommend a company! RatwareUK have been dealing with BarTel for some time now through several of our clients and we’ve been extremely impressed with both their level of service and results. BarTel are a well established business, based in Bolton and are one of the only few remaining, independent telecoms companies in the UK.

Because BarTel buy wholesale from BT, they can provide cheaper business call rates, saving companies around 20-30% on their business calls! BarTel also provide:

• Business Broadband standard or guaranteed
• Line Installation copper, ISDN or fibre
• Low Cost Calls
• Telephone Systems

In our experience, it has been far more reliable, cheaper and a better level of service dealing with BarTel compared to BT. For more information:

Contact Chris at BarTel: chris.hinde@barkertelecoms.co.uk / 0800 195 9011.

OK, so this weekend I find myself in the situation whereby I’ve got a POP3 account that I need to check regularly whilst I’m on the move. At RatwareUK we’ve got a BES solution, so I thought about creating a forwarder on the target email server to my principal email address which would push it through MSExchange and via BES to my blackberry. I hate email forwarding though – and it’s probably unwarranted – but I’ve got hangups from dealing with companies whose email aliases are setup on an unfathomable web of forwarders. I guess I’m biased but I try to avoid them at all costs! Using my Blackberry, I wanted to connect directly to my additional POP3 mailbox:

Introducing LogicMail – free, open source – I’m impressed. Implementation took around 2 minutes and I did it directly from their website on my Blackberry. I’ve now got a fast and reliable POP3 client which allows me to relay out through an SMTP server of my choice. The client also integrates with my Blackberry address list and has a host of settings to customise identity etc.

Pull technology will never be as fast or reliable as Push and we all know BES is the best at this. However, LogicMail provides a really good and painless alternative solution. It got me thinking about future blog posts. I think one day I’ll have to do a post detailing BES vs Windows Mobile.

Sec52 provide active network security for companies concerned with the vulnerability of their network, servers or data.

Their standard host assessment consists of a monthly scan of a pre-defined IP/Server or subnet. The scan is performed via an automated and manual assessment of all the ports, services and web scripts that are present. A security report is then available detailing all the vulnerabilities and a suggested remedy to secure them. The security report also indicates statistics and a vulnerability trend from month to month!

For companies that have a strong brand to protect or process sensitive data, Sec52 can really help establish a security culture among developers and prevent successful attacks. For more information, find out the benefits of vulnerability scanning and take a look at Sec52’s superb sample security report .

I’ve been using Ubuntu 8.04 LTS on my personal laptop for sometime, I also have a 9″ Dell Netbook which is running a remix version of Ubuntu. I’m primarily a Windows user, but over the last couple of years I’ve used Linux on and off generally because it looks nice and costs nothing. I’m writing this blog entry because I’ve just upgraded my Dell laptop to Ubuntu 8.10 and I’m astounded.

With Ubuntu 8.10, they’ve made a fantastic operating system. This is coming from a Windows Professional. The upgrade from 8.04 to 8.10 was seamless and instantly the new Ubuntu 8.10 came to life, correcting its own upgrade issues and cleaning up files. It even indicated to me that some icons had changed in the upgrade and where I could find them in 8.10 . Ubuntu 8.10 even includes a fix allowing <h> tags to finally display properly in Firefox. Browsing is now very very smart.

I also noticed that now my WiFi connection LED flashes on and off when it’s transceiving data. This is a smart and useful feature which was never available when my Dell laptop was under the control of Microsoft Windows XP (which apparently it was designed for).

Is it that Ubuntu 8.10 is actually controlling my laptop’s hardware better than Windows? With Ubuntu 8.10 I can use Remote Desktop to communicate with my Windows terminals, connect to my office via a VPN and I can even use Outlook Web Access inside Linux’s Evolution mail client.

Enough said, see for yourself: Download and try Ubuntu on a LIVE CD

I was doing some research for a third party in relation to accounting software, when I came across this gem. It’s called LessAccounting and it’s a web based accounting package for small businesses. They’ve got a neat CSS website and the product looks packed with functionality such as :

Customer Relations Management
Reporting
Invoicing etc..

It supports multiple users and as it’s web based you can securely access it from any machine. Less Accounting also handles all the backups and support. I thought it was worth a mention when I saw it, as it appears to be a niche in a corner market. If you’re a small company who basically just invoice and account, this is definately a cheaper and more efficient alternative to Sage – that’s worth considering.