
The Fortigate100D firewall & MPLS networks

I find it profitable to sit around the development teams. Someone always says “hey Tref come and see this”. On this occasion it was a couple of Fortigate100D firewalls.

Now the cynics amongst you will say so what? A firewall? What’s so interesting about that? I realise that there can be few readers of this blog of that disposition and those that are have probably only stumbled upon it by accident, never to return.

I also realise that it’s not quite the same as saying “hey Tref come and see this Cisco CRS-3 322 Tbps router”. Well we don’t have such a beast at Timico, yet (although it is surely just a question of time before we need routers of that capacity, Cisco or otherwise). It’s unlikely that the Cisco CRS-3 would have been lying around the lab anyway as it takes up three racks and no doubt a DC hall full of power.

In fact the FortiGate100D is not a particularly high spec firewall at least compared with what you can get. It is however more than adequate for the job it is lined up for which is a network refresh of one of our customer’s MPLS implementations.

It is in the lab being set up and tested prior to roll-out sometime over the next few weeks. These things don’t want rushing, they want careful planning. That’s probably the single biggest difference between us as an ISP now and when we first started off with just a few hundred ADSL customers and a few Ethernet connections. Planning and project management is a far bigger proportion of the network engineering job now than the straight setting up of the noughts and ones. It’s a discipline that leads to fewer tears later on and I’m all for cutting down on the time spent weeping by engineers.

These particular firewalls are destined for separate London locations on our core network. Once in they won’t see the light of day for a few more years. TTFN.

PS thanks to that fine person Gareth Bryan for this snippet.


It’s all about Security, Security, Security

I enjoy this business so much because of the wonderful diversity it provides me in terms of issues, problems and successes. The latest is the fact that the firewall at our corporate headquarters has been the subject of a number of attacks by some unfriendly person.

These attempts to break into corporate networks happen millions of times daily around the world, which is why businesses need to be on top of their security strategy. What interested me here was the fact that this was the same attack coming from a number of different places around the world.

The sources were in China, the USA, Poland, Australia and a couple of other countries whose names escape me. The same common username and password combinations were used each time from each different source (lesson here – never use “admin” and “password”).

Of course the same individual or organisation is almost certainly involved in all of them. That person will have systematically hacked into a certain type of server whose operating system and security patches have not been kept up to date. It is likely a company server hosted at a datacentre somewhere.
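The correlation described above, the same credential list turning up from unrelated sources, can be automated. The following is an added example, not code from this blog or from any firewall vendor: the log format, field names, addresses and function names are constructed for illustration, and it fingerprints on usernames only, on the assumption that the device logs the attempted username but not the password.

```python
import re
from collections import defaultdict

# Constructed sample log lines (format and addresses are illustrative only).
SAMPLE_LOG = """\
2013-05-01T02:10:01Z login_failed src=203.0.113.10 user=admin
2013-05-01T02:10:03Z login_failed src=203.0.113.10 user=root
2013-05-01T02:10:05Z login_failed src=203.0.113.10 user=test
2013-05-01T03:41:11Z login_failed src=198.51.100.7 user=admin
2013-05-01T03:41:12Z login_failed src=198.51.100.7 user=root
2013-05-01T03:41:14Z login_failed src=198.51.100.7 user=test
2013-05-01T04:02:30Z login_failed src=192.0.2.99 user=jsmith
2013-05-01T04:02:55Z login_failed src=192.0.2.99 user=jsmith
2013-05-01T09:15:00Z login_failed src=192.0.2.44 user=admin
2013-05-01T09:15:02Z login_failed src=192.0.2.44 user=root
2013-05-01T09:15:04Z login_failed src=192.0.2.44 user=test
2013-05-01T09:20:00Z login_ok src=192.0.2.99 user=jsmith
"""

LINE_RE = re.compile(r"^(\S+) login_failed src=(\S+) user=(\S+)$")

def username_sequences(log_text):
    """Map each source IP to the ordered, de-duplicated usernames it tried."""
    tried = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore successful logins and unparseable lines
        _, src, user = m.groups()
        if user not in tried[src]:
            tried[src].append(user)
    return {src: tuple(users) for src, users in tried.items()}

def shared_wordlists(log_text, min_sources=2, min_users=2):
    """Return {username sequence: sorted source IPs} for sequences reused by several sources."""
    by_sequence = defaultdict(set)
    for src, seq in username_sequences(log_text).items():
        if len(seq) >= min_users:  # a single mistyped name is not a fingerprint
            by_sequence[seq].add(src)
    return {seq: sorted(srcs) for seq, srcs in by_sequence.items()
            if len(srcs) >= min_sources}

if __name__ == "__main__":
    for seq, srcs in shared_wordlists(SAMPLE_LOG).items():
        print(f"{len(srcs)} sources tried {list(seq)}: {', '.join(srcs)}")
```

The user who mistyped a password (`jsmith`) is not flagged, while the three sources that walked the same list in the same order are grouped together for follow-up with the address owners.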

Our course of action, if the attack persists, is to look up the owner of the IP address from which the attack is coming and ring the business up to let them know they have a problem. In the case of the Chinese source we send them an email – only because they will almost certainly be in bed. 🙂 Usually this sorts the problem out and indeed the recent spate of attempted break-ins has abated. No doubt there will be more.

We know what to do in these cases but it is a lot to ask of a business that is not an ISP or doesn’t have a highly skilled IT department, which is why it very often makes sense to outsource your security management.