In one of our past articles we showed how to implement two-factor authentication in a simple (local) script via the StoreFront.
 
 
It looked like this:
 
 

 
 
The user with the JaCarta electronic key connects, the system asks for the smart card and the public key on it, the user enters the PIN code. The card is unlocked, to check the user the service asks to sign a ChallengeResponse certificate, which is stored on the card. After validating the credentials, the user is granted access or denied service.
 
 
Recently we together with colleagues from Citrix and the training center "Zvezdy and S" conducted ...

I did not want to write an article about tuning vpn, because they are without me on the Internet thousands - choose the taste and color.
 
 
I just wanted to recall just a few simple things that cause a lot of misunderstanding and questions. I understand that the article does not pull, but I really want to get through to you, but there are no other ways in RuNet.
 
 

1. VPN client can be installed on almost any access point

 
Even at the old point there is often a possibility to update or deliver the desired package. For example, for my old Zyxel Keenetic Ultra there was an unofficial update ...[/h]

is being built.In large companies, there are people who only deal with the fact that they control the state of information security and wait for the problems to begin. It's not about the guards in front of the monitors, but about the dedicated people (at least one in the shift) in the information security department.     Most of the time the operator of the SOC-center works with SIEMs. SIEM-systems collect data from various sources throughout the network and, together with other solutions, compare events and assess the threat-individually for each user and service, and in general for groups of users and nodes ...

Do we generate a lot of data using information systems every day? Great amount! But do we know all the possibilities for working with such data? Definitely not! In the framework of this article, we will describe what types of data we can load for further operational analysis in Splunk, and also show how to connect the download of Fortinet logs and non-standard log files that need to be divided into fields manually.
 
 

 

 
Splunk can index data from various sources that can store logs locally on one machine with Splunk-indexer, or on a remote device. To collect data from remote machines, they are assigned ...

infrastructure.And again, hello. The cycle "SOC for " continues its movement and development. We have already covered the first layer of the internal kitchen of the monitoring and incident response centers in previous articles, so let's try to go a little deeper into technical details and more subtle problems.  We have already several times indirectly touched on the topic of asset management: and in article about the security control , and in issues of automation and artificial intelligence in SOC . Obviously, without monitoring the infrastructure of the customer, the monitoring center will not ...

This week we fulfilled another long-standing request of our users - added to the list of supported cloud platforms Microsoft Azure! Now you can add to your Azure services and the 3CX business telephony system in a couple of minutes. This will be especially convenient for organizations that already deploy their resources to Azure. Technical specialists will be able to use their experience with Azure, without the need to develop new platforms.
 
 
As you know, 3CX - it's not a classic cloud, and so-called. cloud-ready automatic telephone exchange. The main advantage of this approach is that you do ...

is presented.The company for certification in the field of safety engineering Underwriters Laboratories (UL) presented a new standard for assessing the reliability of data centers - UL 3223. It describes the criteria that will allow owners of data centers to reduce the risk of failures in the work of the enterprise. More details about the standard - we will tell you further.     /photo Christina Xu CC   UL 3223 is directed to to ensure the reliability and security of the data center and contains parameters for assessing key components of the company's IT infrastructure. Developers ...

 
Spot-instances - is essentially the sale of free at the moment resources with an excellent discount. At the same time, the instance can be turned off and taken back at any time. In the article, I will talk about the features and practices of working with this proposal from AWS.
https://github.com/opszero/seespot ). In short, the daemon looks at both /spot /termination-time and, optionally, in the healthcheck url of your service. Once AWS is ready to remove the instance, it is marked as OutOfService in ELB and can optionally perform the final CleanUP task.
 
So, we figured out how to handle the shutdown ...

When implementing ITAM solutions, you often have to deal with different myths. For the project to be successful, it is important to understand the nature of these false representations of the client, remove all open questions, get rid of unnecessary misconceptions or make sure that this is not a myth.
 
 
In the previous article I have considered several questions-myths:
 
 
on the guarantee of up-to-date information on IT assets due to automatic inventory;
 
optional communication with the ITSM-system;
 
on the absence of the influence of IT asset management on the Catalog of Services, etc.
 
 
Today I ...