What is SD WAN Infrastructure?

What is SD WAN Infrastructure?

SD WAN stands for Software Defined Wide Area Network. It is a virtual architecture that allows businesses to combine transport services including MPLS, LTE and broadband internet to securely connect users to applications. Delivered through the cloud SD WAN reduces capital expenditure and simplifies network administration. A centralised control function intelligently directs traffic across the WAN delivering higher performance and a better user experience. The agility inherent in an SD WAN environment makes it a more cost-effective solution reducing ongoing IT operating costs and improving connectivity to branch offices and the cloud.

How does it differ from a traditional WAN?

A typical WAN uses conventional routers that were not designed for the cloud. They typically route all traffic including cloud traffic to a hub or data centre causing a delay that leads to poor application performance. Traditional WAN solutions use MPLS to assign preference and timelines for delivery of traffic and they usually leverage internet-based backup as a secondary transport should the designated path be unavailable. A traditional WAN may hinder growth and agility needs. For example failover is dependent on the state of the link which may be up or down and this can lead to outages and dropped video or phone calls. Configuration is distributed across each individual router making changes difficult to manage. New sites can take a long time to set up due to the complexities of the network.

How does an SD WAN work?

An SD WAN is designed to securely support applications in the cloud, on premise and SaaS services whilst delivering a high level of performance. An SD WAN delivers application aware routing across the WAN that is managed and administered from a centralised point. With single pane of glass management, policies can be set and maintained centrally and then pushed out across each SD WAN node. This hands off configuration makes it much quicker and easier to administer. Once the policy is set links are intelligently monitored and traffic is routed accordingly.

Why would you need an SD WAN?

Nowadays enterprises are using cloud and SaaS applications more frequently. A traditional WAN does not support a cloud first model as all traffic, including that destined for the cloud, is diverted from branches to the HQ resulting in lagging and poor performance. Traditional WANs are no longer meeting the needs of today’s modern digital business, that coupled with easier administration and lower capital expenditure makes SD WAN a more attractive solution. IT teams can quickly and easily define rules to prioritise the most important network traffic, such as voice and critical applications. SD Wan also allows new sites to be added to the network very easily.

The Benefits of SD WAN

  • Lower Networking Capital Expenditure
  • Improved Application Performance
  • Enhanced Agility and Responsiveness
  • Advanced Control
  • Robust Security

What business is suited to SD WAN

SD WAN adoption is seeing significant growth across sectors and company size. Any business accessing cloud services would benefit but especially those with distributed locations, individuals and devices. Financial Services, Retail and Education sectors are seeing an uptake in SD WAN deployments as they increasingly need cloud services to function. Other needs such as secure networks to process sensitive financial information, fast and reliable access to databases to service customers, the ability to prioritise traffic and applications, lower costs and higher bandwidth makes SD WAN an attractive solution.

Fortinet Secure SD-WAN delivers true Security-Driven Networking

Our partner Fortinet have been named a leader in the 2020 Gartner Magic Quadrant for SD WAN Infrastructure. FortiGate SD-WAN tackles the most difficult challenges of secure SD-WAN deployment and was the only Next-Generation Firewall (NGFW) security vendor to receive a “Recommended” rating in NSS Labs’ first-ever software-defined wide area networking report.

We bring Fortinet SD WAN solutions to businesses across Ireland. Learn more about Fortinet SD WAN solution.

Contact an Infrastructure Expert

To request a call from an expert on SD WAN send us an email.
Improve Security for Home Workers with Multi Factor Authentication

Improve Security for Home Workers with Multi Factor Authentication

Multi Factor Authentication (MFA) also known as Two factor Authentication (2FA) is one of the key measures to protecting home or remote workers from cyber attack. Many businesses were ill prepared for the sudden move of significant portions of their staff to a remote working environment. Their infrastructure was not designed to support remote staff. In the rush to move people to home working cybersecurity tended to get overlooked.

What is MFA?

Multi factor Authentication is a security system that requires a user to identify their identity using multiple credentials. It requires a user to provide 2 or more verification factors to gain access to a resource like an application, VPN or an online account. Rather than just providing a username and password MFA requires the input of one or several additional pieces of information – often a numeric code sent by SMS or/and a fingerprint scan – to enable access.

M

Why is MFA Advisable?

Passwords can be fraudulently attained, MFA increases security in the event that a hacker gets hold of a username and password rendering their attempts ineffective. This significantly reduces the likelihood of a cyber criminal gaining access.

How Does MFA Work?

With MFA a user is required to enter additional information to confirm their identity. This additional piece of information (factor) is unique to them and known only by them. If a criminal attempts to gain access to an account using a stolen username and password they will be denied entry without this additional piece of information.

Types of Authentication

The most common MFA factor used is a One Time Password (OTP) which is a 4 to 8 digit code usually received by SMS or email or generated by a smartphone app. A new code is generated periodically or each time a request for authentication is submitted. Other factors include biometrics like fingerprint or voice recognition or something you possess like an access badge or fob or a piece of information such as an answer to previously submitted security questions.

MFA during COVID 19

With the increase in use of cloud technology and workers accessing accounts remotely MFA is more important now than ever. Additional security is needed to ensure that hackers are not able to access systems. MFA can help prevent bad actors gaining access by prompting for additional authentication factors that are difficult for imitators to produce. This in turn significantly reduces the frequency of unlawful access.

MFA for Microsoft 365

Many cloud operating systems such as AWS and M365 have their own MFA offerings. However it is critical that MFA is deployed correctly and this requires expertise. If your business for example has more granular sign-in security needs, conditional access policies give more control. Risk base conditional access can also be configured. To be sure that MFA works as best it can for your business it is best to consult with an IT Services company. Their experts will ensure that all the features available to you are utilised and mapped to your business’s operational needs. They will also advise if additional measures should be taken.

Get in touch with us and we can ensure that MFA is switched on and properly configured for your business. Learn more about HCS IT Security services.

HCS awarded SME Security Partner of the Year

HCS awarded SME Security Partner of the Year

We were delighted to receive the SME PARTNER OF THE YEAR AWARD for Security from Exertis Ireland and Fortinet Ireland. It has been a challenging year in many ways and to have the hard work of the HSC team recognised by our partners is much appreciated. We have worked closely with Exertis and Fortinet on several Security projects this year. We look forward to more in 2021 and to hopefully celebrating our joint success together in person.

Thanks again to all the team at HCS, EXERTIS and FORTINET. Below is Dan Hegarty, Director accepting the award.

Webinar: Fortinet Security Fabric Managing Risk and Reducing Complexity

Webinar: Fortinet Security Fabric Managing Risk and Reducing Complexity

Organisations are rapidly adopting digital innovation (DI) initiatives which often involve moving applications and workflows to the cloud, deploying Internet-of-Things (IoT) devices on the corporate network, and expanding the organisation’s footprint to new branch locations. More recently the move to a remote and distributed workforce has meant some organisations have had to rapidly adapt their infrastructure.

With an evolving infrastructure  comes security risks. Organisations must cope with growing attack surfaces, advanced threats, increased infrastructure complexity, and an expanding regulatory landscape.

On Wednesday Nov 18th at 12pm we will be hosting a webinar with our partner Fortinet who are the world’s leading IT provider of Enterprise Security Solutions. In this webinar we will explore how The Fortinet Security Fabric enables desired DI outcomes while effectively managing risks and minimising complexities.

Last few places available. Book a seat here https://buff.ly/3pjteeg

Fortinet Security Solutions

HCS in the Business Post: Making Security a Priority

HCS in the Business Post: Making Security a Priority

Dan Hegarty, HCS Director was interviewed by The Business Post on why businesses must make security a matter of undivided attention. Dan explains how HCS, as Ireland’s leading Select Partner for Fortinet, delivers not only world class security solutions but the expertise to build on every deployment to make the most of the right technologies for different situations.

In his article Dan suggests that for organisations looking to respond to evolving challenges effectively, there can be a financial barrier to invest in professionals with security skillsets. Managed services can offer an alternative route to achieving comprehensive security, compared with the need to invest in individuals.

“Covid-19 has seen businesses face a steep learning curve to secure productivity and that extends to providingscalability for growth in an unusual time. Providers like HCS are well-positioned in the industry to address these evolving needs.”

To read Dan’s article click here. 

Learn more about our Security Solutions and Services and Contact Us to speak to one of our team.

 

5 easy steps to secure your remote workforce against costly cyber attacks

5 easy steps to secure your remote workforce against costly cyber attacks

With tens of thousands globally working from home and likely to for the foreseeable future IT Security is more important than ever. The FBI have reported a staggering 400% increase in reports to their cyber division since the pandemic began. Cyber criminals use a variety of methods to gain trust and entry into inadequately protected networks. Hackers frequently exploit Office 365 via known weaknesses in the out-of-the-box security configuration and with more sophisticated and convincing phishing emails they can lure people to enable their attack attempts.

Cyber protection measures are varied and can be overwhelming. This guide simplifies what you need to do to step up your IT Security. First here are some real life examples of how attacks happen:

Scenario 1. A hacker sends a cleverly compiled email with an attachment or link to a file loaded with Malware and before you know it, you’ve been hit with Ransomware!

Scenario 2. A hacker sends a very official looking branded email, containing a link for you to login to Office 365, but it wasn’t Office 365. Now they have your login credentials and they can login to your account from anywhere in the world. We have seen hackers setup inbox rules to forward emails containing IBAN etc. out to a Gmail account. This can go completely undetected.

Scenario 3. Once a hacker has access to your Office 365 account, they can intercept routine emails e.g. for accounts payable invoices and then change the target bank account numbers to their own and seek payment.

Here is how to reduce your risks by 99%!

1.SETUP ADVANCED THREAT PROTECTION EMAIL FILTERING

Bad actors are constantly finding ways to get in front of your users. You need an email filtering system that evolves as the threats do and filters out all of the bad emails before your users even lay eyes on them. The best email filtering systems use “sandboxing” so that if your users open attachments or links they are first opened or “detonated” in a safe environment before actually opening for the user on their screen.

Advanced Threat Protection should be added to each Office 365 user subscription.

2. SET SECURITY POLICIES & MONITOR COMPLIANCE

It’s worth sitting down thinking about who needs access to what, from where and when. Segregate your users into logical groups e.g. Static Office User & Mobile Users. Then create policies for each logical group. Once these are configured in Office 365, we can monitor them and report on them and be alerted of any changes to them. Unfortunately, it’s not a case of “set and forget”. Settings can change for various reasons and you can’t be sure your policies are enforced if you don’t audit them frequently.

Restricting access to Office 365 from within Ireland and/or setting up multi-factor authentication are two of the most effective things you can do to eliminate hacked accounts.

365 Protect is a management tool that enables us to manage, monitor and report on your Office 365 tenancy as well as enabling us to respond to preconfigured alerts.

3. BACK UP YOUR OFFICE 365 MAILBOX, ONEDRIVE & SHAREPOINT DATA

Many people assume that saving their data into their personal OneDrive means it’s backed up. But that’s not strictly true. Even though it’s in the cloud, Microsoft only replicates your data for availability purposes. This means that it takes the most recent file version and saves a copy. If your files were locked for ransom or they were infected with malware, the replicated copies may not be retrievable, or at best, it could take up to 6 hours or more to retrieve just one file. Think about how that may affect your business.

HCS Managed 365 Backup automatically backups up data in your mailbox, your OneDrive and SharePoint.

4. PROTECT YOUR ENDPOINTS

Once the perimeter has been breached, your last line of defence is generally the anti-virus software running on your desktop and server. Traditionally, these solutions work from a known list of virus signatures and rely on a central database for updates. Such solutions have been poor at preventing ransomware attacks and result in significant disruption and cost.

Modern Endpoint Detection and Response solutions are an upgrade from traditional antivirus and incorporate Al learning to detect abnormal activity on each Endpoint. They also incorporate features to “rollback” a ransomware attack and automatically disconnect a PC/Laptop from the network.

5. TRAIN YOUR USERS IN CYBER SECURITY

The bad actors are always looking to be one step ahead. They do this by exploiting the habits of your users and vulnerabilities in the software systems. There is always a chance that they will circumvent the security measures you have in place. Therefore, making your users cyber security aware, is an important part of your strategy to catch what all else fails to.

In addition to all this above you should setup internal controls to follow before making payments online.

Our team of security experts can help you determine what solutions you need to put in place. They will review what you currently have, identify where the gaps are and make easy to digest recommendations to reduce your cyber risk. We speak your language, we don’t over do the tech talk. We understand what businesses need and we partner with the best in IT Security to bring enterprise level, tried and tested solutions that fit businesses of all sizes within their budgets.

Contact us today to have a no obligation conversation with one of our team.