Week 9 - Hardening A Network

There are many ways to harden your network against potential cyber attacks. Hardening a network means protecting it from outside threats. Many companies have been forced to fork out millions of dollars in settlement fees because of not protecting consumer data. These days, almost every electronic device has some sort of WiFi or Bluetooth capability. The Internet of Things (IoT) devices are estimated to reach nearly 75 billion by 2025, and that means people are even at more of a risk for a cyber breach. Protecting your data is more important than ever before. Here are some ways you can harden your network (home or office).

1. Educate employees on how to protect/backup their data. Make sure they complete annual/semi-annual training on network security. Conducting exercises or simulations of cyber attacks or phishing attempts will help employees be more vigilant and aware of suspicious activity. More often the security breach happens from an internal source, so it's vital that employees receive the proper training.

2. Adopt a zero trust culture. Authenticate first/connect second. Traditionally users would connect to the internet first before authenticating. This reverse process is great for protecting the network. It works best against DDoS, man-in-the-middle, and advanced network attacks.

3. Combine on-site and cloud based storage solutions. Having this strategic combination will make it harder for an attacker to access the entire system of files.

4. Use out-of-band remote access controls. Use out-of-band methods where possible for remote access rather than opening up your firewalls to inbound network attacks.

5. Automate configuration management and firmware updates. Leaving platforms prone to configuration mistakes or open to known vulnerabilities can be mitigated by automation.

For more tips on hardening a network, visit https://www.networkcomputing.com/network-security/5-tips-harden-network-security-connected-enterprise

Week 8 - Basics of Virtualization

What is Virtualization? 

Virtualization is the process of creating a virtual version of something, such as an operating system, a server, a storage device or other network resources.

Virtualization describes a technology in which an application, guest operating system or data storage is eliminated from the true underlying hardware or software. A key use of virtualization technology is server virtualization, which uses a software layer called a Hypervisor to act as the underlying hardware. This often includes the CPU's memory, input/output, and network traffic. Hypervisors take the physical resources and separate them so they can be utilized by the virtual environment. They are able to sit on top of an OS or they can be directly installed onto the hardware. The latter is how most enterprises virtualize their systems.

Below are the basic steps of virtualization:

1. Hypervisors detach the physical resources from their physical environments.
2. Resources are taken and divided, as needed, from the physical environment to the various virtual environments.
3. System users work with and perform computations within the virtual environment.
4. Once the virtual environment is running, a user or program can send an instruction that requires extra resources form the physical environment. In response, the hypervisor relays the message to the physical system and stores the changes.

The virtual environment is often referred to as a guest machine or virtual machine (VM). The VM acts like a single data file that can be transferred from one computer to another and opened in both; it is expected to perform the same way on every computer. 

Reference: https://searchservervirtualization.techtarget.com/definition/virtualization

Week 7 - Wireless Internet

Wireless network connections have replaced the traditional wired connection as the more popular form of internet. They are considered faster, cheaper, and more reliable. When it comes to wireless, there are many different configurations to consider and it all depends on how you will be using it. Each type of wireless network connection has a specified range for the wireless signal and certain standards to follow. They are also configured a little differently. The format of a wireless network follows closely to the traditional wired formula, there is just the wireless concept added. 

The chart below explains a WPAN, WLAN, WMAN, and WWAN.

There are a number of things that can cause degradation to your wireless internet. The below graphic provides some helpful information and tips on how to stop your internet from slowing down.

Week 6 - IPv6

IPv6 is the newest Internet Protocol (IP) standard created to replace IPv4, the protocol many Internet services still use today. Every computer, cell phone, and any other device connected to the Internet needs a numerical IP address in order to communicate with other devices. 

IPv4 uses a 32-bit addressing scheme to support billions of devices. Computer engineers realized that eventually there wouldn't be any unique address left, so they created a new standard. In 1998, IPv6, a new protocol that uses 128-bit addressing, was introduced. Instead of the IPv4 address method of four sets of 1 to 3 digit numbers, IPv6 uses eight groups of four hexadecimal digits, separated by colons.

So how do you know if you are using IPv6? You can check out this list to see if your ISP pr device is on it. You can also visit one of many free websites that test your IPv6 connection.

test-IPv6.com is an open-sourced web site dedicated to helping end users identify whether or not their IPv6 is working; and whether specific detectable errors are found. This is meant to be useful both to end users (with reasonably friendly terminology and explanations); as well as useful to help desks.

I decided to check my own IPv6 connection, and here is what I found:

I discovered that my ISP (COMCAST) is in fact using IPv6. I can also see what my IPv4 and IPv6 addresses are on the public Internet. It also says that my readiness score for IPv6 stability and readiness is a 10/10.

Under the Tests Run tab, I see what tests were run to determine my compatibility for when other websites start using IPv6. All of these tests came back "ok."

There is also a "For the Help Desk" tab on the right that has specific information you would need to give to your help desk technician if you were experiencing any issues. This information can help them troubleshoot the problem.

What sources have you found helpful for IPv6? And is your ISP using it yet?

Week 5 - TCP/IP Applications

TCP/IP, or Transmission Control Protocol/Internet Protocol, is a group of communication protocols used to connect network devices on the internet. The entire Internet Protocol set -- a set of rules and procedures -- is commonly referred to as TCP/IP. TCP and IP are the two main protocols. These protocols work between internet applications and the routing/switching fabric.

What do people use their computers for? There are several applications that run on the TCP/IP protocol. Checking email, searching for a website, downloading and saving files... computers are used for many different functions, and it’s the applications that run on TCP/IP that allow people to use these functions and ultimately make your computer useful. Below is a list of common applications and what they are used for. Which ones are you familiar with?

TCP/IP applications from https://microchipdeveloper.com/tcpip:common-tcp-ip-applications