Skip to main content

Posts

Showing posts from 2011

New blog location

I am putting this blog to rest.  I will be writing about upcoming ideas, research, and industry happenings on my new work blog located here : http://blogs.gartner.com/jonah-kowall

Of course you can always find more relaxed, less structed Jonah on twitter at http://twitter.com/jkowall

Look forward to having you all follow me over to my new location, and hopefully you will enjoy my writing and insight.

Off to a new adventure

I am just starting a new position with Gartner as a research director in the IT Operations space : http://www.gartner.com/it/products/research/asset_129494_2395.jsp

I am very excited to be making this career change, and I believe I will be able to contribute heavily to the content and direction of the areas that I have a true passion for.

I will be moving my blog to a Gartner blog in the coming month, and writing there instead.  I will post a link to my new blog here once its online.  Please be patient as I move over to the new systems, and get acclimated with my new position.

Patching and updating for home and corporate

We all are well aware of the Microsoft patches and windows update.  Same goes for those of us who use itunes and iOS devices, we know Apple Software Update.  Some of us may even patch our Adobe products, which we should since they have been the largest attack vector (http://goo.gl/bOQ3D) for the past 2 years hands down.  This is just at home.... How do you expect the security experts to keep on top of all of these patches in a corporate environment.  The number of patches for Oracle alone is daunting to understand and analyze.

There are ways to do this, you can use some clever software which I will outline below, or you can read ~25 RSS feeds and analyze vendor security bulletins.  I do enjoy doing some of this, but I don't have time to keep on top of all the releases.  Here is some software for home and corporate use to help manage this.

Corporate Patch Management:

Microsoft WSUS and SCCM - This is free and a no brainer for patching your desktops in a corporate environment.  If y…

Antivirus and Antispyware for the Home and Corporate user

Since endpoint protection is of growing importance in the security industry, you will see some major technical advanced this year.  I expect this to be one of the hot buttons for acquisition as technologies such as whitelisting and more connected heuristics create a more advanced software landscape.

Since I have quite a bit of experiance and I do keep on top of the industry I believe that I should outline some of the tools I recommend in both cases.

One side note, I do not use MacOS so I cannot recommend any software for Macs.  If Apple can apply some of the success they have had with iOS to OSX then I may have to spend more time thinking about them on the PC front.

Corporate AV/Antispyware:

Mcafee - Does a good job with a suite, but ePO is still a bloated tool which is hard to manage effectively without creating gaps.Symantec - I don't recommend the products for endpoint protection, in my experience I see too many missed viruses with the product.Trend Micro - Does a good job at …

Time to move on, and time to learn

Sorry its been a while since I have posted last.  I decided to move on from my previous position.  I learned at a lot there, but it was getting somewhat slow the last 6 months.  My skills are better used for more complex problems that the IT world is facing.  I have had some pretty interesting discussions and interviews in the last week.  I was hoping to enjoy my unemployment a little bit more.... maybe after my offer is signed.

Some non-technical notes, since I have a diverse set of skills I find my resume geared towards one type of career path and not another.  This limited my opportunities to "get in the door" for some positions I think I would be well suited for.  I have started by making some more detailed and targeted versions of my resume which are geared towards some of the other fields that I have experience in.

I wish there was a better way to manage and express all of your skills without having a 15 page resume, or 4 versions that are mostly the same.  If anyone …

Sonicwall 5.8 New Features

I'm very impressed by all the new features that Sonicwall has added to v5.8.  I spoke to Jock Breitwieser and Eric Crutchlow who gave us a nice overview of some of the features.  I wanted to make sure I didn't miss anything as there were quite a few changes.  There are even more NG (Next Generation) Firewall features coming this year in v6.0.  Sonicwall has been a great vendor for us, I am very happy we moved to their platforms.
Here is some of the new features (screenshots) with some explanation above the screen capture.

Before you can turn on the netflow sender (and built in netflow collector) you need to consider the impact this will have on your firewall.  You should keep an eye on your CPU and ensure you aren't running above 50%, or you will probably have CPU contention issues.  You also need to be aware that the memory usage of the netflow database and visualization will reduce your peek connections.  This model is a NSA 3500 (http://www.sonicwall.com/us/products/NSA_…