WRSV4400N Security Appliance For Small Business Networks - Should You Upgrade?

When you build a small business computer network, typically the main concern is having high-performance and secure network. Unlike home computer network where security is the last thing you probably concern, in small business computer network - security must be given a serious attention in protecting your valuable information business assets against any internet threats.

With lack of security expert, one of the easiest and affordable ways to protect your small business network is by implementing a wireless security appliance, or network security appliance, or UTM appliance. Cisco WRSV4400N is one of wireless security appliance available in the marketplace you can consider to deploy in your small business network.

Cisco WRSV4400N is a complete device for your small business infrastructure including wireless and wired network. It's a high-speed and secure wireless security firewall.

Wireless Networking

Cisco WRSV4400N is powered by wireless -N (draft 802.11n) technology with 3 Omni-directional 2-dBi gain external antennas with MIMO (Multiple-in Multiple-out) technology for longer distance range and better performance. The router is compatible with wireless -b/g/n devices. Wireless security connection using industrial Wi-Fi Protected Access (WPA) and Advanced Encryption Standard (AES) WPA2.

Not just wireless encryption, the Cisco WRSV4400N supports up to 4 SSIDs for secure guest access. With secure guest access, you can segregate different security boundaries for different groups of users. With your business partners or business visitors who might frequently come to your office, providing them wireless internet access with their laptop is safer without compromising your system.

Wired Networking

Cisco WRSV4400N wireless security firewall is embedded with four Gigabit LAN Ethernet ports for reliable high-speed data transfer. And the beauty with this router is that it supports up to 4 VLANs you can configure to meet your security policies. You know that communication between VLANs require layer-3 device which is a router. Cisco WRSV4400N supports inter-VLAN communications. Not just that, with your VLANs you can map SSID-to-VLAN with wireless client isolation.

Security Features

Both of multiple VLANs and SSIDs are important features for this wireless security router with regards to the network security. Like other ordinary wireless routers, Cisco WRSV4400N also supports security features such as ACL, MAC address control, Firewall SPI and NAT, content filtering, and Intrusion Prevention System (IPS).

Security is very expensive, regarding content filtering - you cannot just rely on the static URL or keywords blocking because un-healthy and harmful websites out there are growing rapidly each months. You need to have a way to update the black-lists automatically - you cannot do it manually and yet you don't know which ones. This is what Cisco would like to get more revenue not just once but in a yearly basis. WRSV4400N wireless security router supports the optional dynamic filtering through Cisco ProtectLink Web security service. Not all Cisco routers support this ProtectLink security solution.

Cisco also introduces new wireless security router - the RV-120N firewall router. The price between the WRSV4400N and RV-150N is nearly the same. But both security routers have some major differences as follows:

Firstly, the difference between the two is the wireless technology. WRVS4400N is still powered by the draft version of 802.11n technology, but RV-120W is powered by the final version of 802.11n. Some people might thing that this is a big different, but it is not. There are only several options updated from the draft version to the final version of 802.11n standard.

Secondly, the WRVS4400N supports Gigabit Ethernet ports but RV 120W doesn't. If you demand reliable high-speed wired connection, you should choose WRSV4400N.

Thirdly, the number of VPN tunnels the routers can support. If you require more VPN tunnels, you can choose RV 120W (10 remote clients and 10 site-to-site tunnels). WRSV4400N supports only 5 remote clients and 5 site-to-site tunnels.

And lastly is about the optional Cisco Protect-Link services support. WRVS4400N router supports Protect-Link but RV-120W doesn't. Should you require dynamic content filtering services - choose the 4400N router. But you must pay in a yearly basis for the services.

Security is expensive, but it is worth for your valuable business assets protection against any threats.

By Ki Grinsing

Ki Grinsing was graduated from ITS-Surabaya with MCSE and CCNA certifications. You can read the articles here WRVS4400N wireless security router and small business network security.

The Dangers of Unsecured Wireless Networks

In the last few years there has been an explosion of wireless (Wi-Fi) networks in the home. And for good reason: They are inexpensive to implement, avoid the cost and labor of running cable through your walls, allow you to roam merrily around your house and near environs with computer in tow. Plus, they are relatively simple to set up. I say "relatively" because it's far from a matter of commonsense, especially when it comes to setting up wireless home networks "properly."

You can get a home wireless network running in a basic way- to access the Internet--by simply hooking up the cables that came with the wireless router device. This is what a lot of people do, and it usually works. But what many people neglect to do is set up wireless security, and this is an extremely risky oversight. In this article I'll explain why.

You Can Get "WarChalked"

"WarChalking" is geek-speak for someone piggybacking or freeloading on someone else's wireless Internet connection, without that person's knowledge or consent.

If you have an unsecured wireless network this is the least that could happen. Your neighbor might be getting free Internet access by connecting to your unsecured broadband router. There is nothing to prevent this from happening if you have not set up your wireless security. At the very least this practice of leaching on someone else's Internet connection can drain the victim's bandwidth, causing sluggish downloads or surfing. If enough people tap into your wireless network your Internet connection could slow down to a crawl.

Your Computer Can Get Hacked

Having an unsecured wireless network can also allow people unauthorized access into your computer and private data. It opens up a "backdoor" even if your network is otherwise protected behind a firewall. Connecting wirelessly to your Internet gateway device (i.e., your Cox, Comcast, or Qwest modem) puts an unauthorized user on the "inside" of your network, just as if they snuck into your house and hooked up to your network with an Ethernet cable.

Pretty scary, right? It gets much worse.

Your Private Information or Identity Can Be Stolen

If you purchase anything online you need to submit very personal information to the website selling the product or service: information like credit card numbers, social security numbers, bank account numbers, usernames and passwords, etc.

Even if the website in question encrypts your private information during the submission process, there's little to prevent an eavesdropper from snooping in on the transaction or installing software on your computer that logs your every keystroke.

Your Home Network Can Be Used to Mask Someone Else's Illegal Activity

Every wireless home network (or more accurately, every wireless gateway device) will have a unique address traceable to its owner and his or her household. This is called an "IP Address"-let's say 71.33.56.166. This number uniquely identifies your home network from the countless others in the world. No two are ever the same.

This IP Address is unique for many reasons, and one reason is that it allows certain authorities to trace online activities back to the individual, household, or company from which those activities originated. Even though you may feel anonymous when you're surfing the Web, you really are not. Any webserver or Internet Service Provider can keep a log that records your IP Address, among other information about your computer and software.

Now, this doesn't bother most people, unless they're privacy advocates, because they're not doing anything criminal on the Internet. But it's a big problem for those who are committing crimes on the Web. How can they get around this?

They can tap into an unsecured wireless network in the neighborhood. This makes it very easy for them to get around being identified by the proper authorities. Why? Because it is you and your home network that will be identified instead! It's your IP Address that will be recorded.

Not many people want to get their doors kicked in by the FBI during a predawn raid due to someone else's Internet activities. Someone could be using your wireless network to download or distribute child pornography, hack into corporate networks, or to commit credit card fraud.

Okay, Now I'm Scared. What Can I Do To Prevent This?

The quick and easy way is to hire a professional computer or network technician to secure your wireless network for you, or at least verify that you have done it properly.

Each wireless router or gateway device can be different when it comes to how to set up its security. The device should come with instructions from the manufacturer or your ISP.

The most important thing is to set up the WEP or Wireless Encryption Protocol. WEP is what encrypts the data stream between your computer and whatever webserver on the Internet you are connecting to, preventing unauthorized interlopers from eavesdropping on your online activities, credit card transactions, and the like.

Just as importantly, it also prevents unauthorized individuals from connecting to your wireless network, either to piggyback on your Internet connection for free or to conceal their identities behind your own. They must have the encryption key to connect.

There are also additional measures you can take to protect your wireless network. For example, you can disable the feature that broadcasts your wireless network ID, for all practical purposes making your wireless network invisible to your neighbors. This is a smart thing to do but is often overlooked.

Chris Brehm
Tucson Computer Repair Service
Chris@Smbaz.com
http://www.TucsonComputerRepairService.com

Secure Government Networks - 5 Points For Success in Gaining Compliance and Connection

"The world is changing around us at an incredible pace due to remarkable technological change. This process can either overwhelm us, or make our lives better and our country stronger. What we can't do is pretend it is not happening." Prime Minister Tony Blair on commissioning the Transformational Government strategy.

To survive in this era of accelerating technological change, and to implement the edicts of the Transformational Government strategy, every public sector organisation will have to undergo fundamental technology-enabled change. This article provides a five-point check list for senior managers responsible for developing and delivering a successful Transformational Government change programme.

Ensuring that an organisation can satisfy the necessary information security requirements to enable it to be a component part of joined-up government, requires consideration that will inform budget and strategy, reshape organisational process and procedures, and redefine culture and working practices.

As a guide to those responsible for their organisation's information assurance and implementation of the Transformation Government agenda, this article provides a five-point check list to provide a basis for ICT-enabled organisational change.

Point 1 - Be fully appraised of current Government policy and strategy

Current UK Government policy and strategy is leading public service organisations through a significant period of change to achieve efficiency gains through streamlined citizen-centric, ICT-enabled, secure shared services.

Understanding current UK Government policy and strategy will assist you in:

Understanding measures you should take to deliver ICT enabled business change

Identifying expected business benefits

Identifying costs

Identifying scope of change

Identifying risks.

A list of the key sources of UK Government policy and strategy can be found in the thought leadership section of the VEGA website.

Point 2 - Ensure board level buy-in and understanding

A board level information assurance champion should be appointed to act as Senior Information Risk Owner (SIRO) for your organisation. This recommendation meets mandatory requirement 3 from the HMG Security Policy Framework (SPF) V1.0.

Your SIRO should agree to terms of reference which clearly define their role and responsibilities with regard to the information assurance of your organisation. Additionally, your SIRO should meet regularly with your organisation's security staff to discuss security policy and discuss a risk managed approach to information assurance. This ensures that information assurance and governance is a recognised board level responsibility which includes the protection and utilisation of all of your organisation's assets (information, personnel and physical).

Point 3 - Manage your stakeholders

Obtaining stakeholder buy-in to your organisation's information assurance strategy is critical to its success. Good stakeholder management creates awareness, provides the framework for supporting delivery and assists you secure budget where resource is scarce and competition is fierce.

A communications plan should therefore be developed to identify:

Desired buy-in outcomes

Audience of stakeholders (internal and external)

How to best engage stakeholders

How messages are to be communicated

Ownership of responsibility for maintaining communications

Frequency of communications.

Stakeholders should subsequently be plotted on a stakeholder map prioritised by power and interest. This will assist you in grouping them. Your communications strategy can then focus on key stakeholders whilst ensuring other stakeholders are engaged to the level required.

Failure to gain buy-in from key stakeholders has sealed the fate of many information assurance projects.

Point 4 - Involve the experts

When pursuing an information assurance strategy, you should seek advice from recognised Government and industry experts. These organisations have faced the same challenges as you and have valuable information and knowledge to share. This will save you time and money, whilst ensuring that the information assurance solutions you plan to implement are fit for purpose and proven across Government.

The organisations you may wish to contact include:

Office Government and Commerce Buying Solutions (OGCBS)

Communications-Electronics Security Group (CESG)

Government Computer Emergency Response Team (GOVCERT)

Central Sponsor for Information Assurance (CSIA)

Centre for the Protection of National Infrastructure (CPNI)

Warning, Advice and Reporting Point (WARP)

Information Commissioners Office (ICO)

Public sector organisations similar to your own

Consultancies with expertise in enabling Transformational Government change programmes

Point 5 - Achieving and evidencing compliance

Recent data losses across Government have placed an increased focus on information assurance. Public sector organisations must comply with centrally released security policy (e.g. HMG SPF) which defines mandatory minimum security measures.

To connect to a secure network, your organisation must comply with mandatory security controls. Depending on the security impact level of the secure network, your organisation will either have to complete a Code of Connection (CoCo) or produce a Risk Management and Accreditation Document Set (RMADS).

To answer the requirements of a CoCo you should treat each control like an exam question (answer the question with relevant evidence), and sell your strengths, if you comply with standards such as ISO/IEC27001:2005 or PCI DSS.

The completion of a RMADS is much more involved. Unless your organisation has significant experience, you should involve a CESG Listed Advisor from the CESG Listed Advisor Scheme (CLAS).

Connection to a secure network will only be permitted once the relevant governing security authority is content that your organisation meets the information assurance requirements of the network you wish to connect to. This ensures that the risk your organisation poses to other organisations on the network is managed.

Once your organisation's connection is authorised, you should expect regular audits which ensure the level of information assurance your organisation has achieved is maintained and improved.

These five points will hopefully act as an aide memoir� when your organisation starts to consider its connection to a secure government network. The most important thing to understand is that information security is not just about technology; it is the catalyst for organisational change that encompasses people, training, policy and procedures.

VEGA is a member of the CESG Listed Advisor Scheme (CLAS), as well as a registered CHECK service provider. VEGA has an established track record of working across Government providing strategic advice and technological expertise to help secure public sector information through the implementation and use of secure Government networks.

By Damian Schogger, Communications Manager, VEGA

About VEGA VEGA is a professional services company that delivers technology-enabled change in complex environments, often where security and resilience are key. We have an in-depth knowledge and experience to support organisaitions planning to gain connnection to secure government networks, gained from working on several major UK government projects in this area.

Please contact us for further information. Connecting to Secure Government Networks

VEGA

UAVs Hacking Wireless Networks - Latest Threat, Military Strategy, or Surveillance Tool?

At the famous hacker convention in Las Vegas, some of the computer security industry professionals there have created a UAV which can fly around and break into computer systems via their wireless connections. Is this a new scheme? Is this an innovative idea? I would submit to you that it's not a new original thought, as I had written an article about this a year or so ago on such a concept, and there are old tales of UFOs flying over missile silos containing ICBMs during the Cold War, and shutting down the entire system.

Yes I know, talking about UFOs, or unidentified flying objects, seems a little bizarre. But, whether or not those stories are true, hardly matters, because the stories go back to the 1970s and really this new hacking technique, which will probably be used by the US military is not a new thought, we can trace its origins back over four decades. Nevertheless, it is interesting new technology, and perhaps we should discuss this.

There was an interesting article in Physorg [dot] com recently on August 6, 2011 titled; "Hacker drone launches airborne cyber attacks," written by Glenn Chapman which stated;

"Computer security specialists built a small MAV drone aircraft that can launch airborne cyber attacks, hijacking mobile phone calls, or even delivering a dirty bomb. It is loaded with software to attack Wi-Fi, Bluetooth, and GSM cell networks. The MAV grabs packets of data sent on wireless networks or unsecured hot spots as gateways to get in to computer systems. It can get GMS mobile phone IDs used to bill outgoing calls. Hackers can impersonate cell phone towers and eavesdrop on people's calls."

Perhaps, this is a good reason for people to secure their Wi-Fi at home, or in their businesses, and not leave open networks, because hackers can break in. It's also a good reason for government computer systems, and large corporations to think twice about having any sort of wireless communication too accessible, or allowing too much information to flow through them, which is of high value, proprietary, secret, or involving financial transactions.

We've always known that someone can park a Van near a Wi-Fi connection, and attempt to break into the computer system. In Silicon Valley there were computer professionals which did this quite often to test the security of various corporations. Flying a small model airplane or micro air vehicle, or even a military UAV over a location to get into the system might indeed help the cyber warfare division of the US military. We can also expect that our enemies will try to do this to us too, and unfortunately we can also expect criminal hackers to try to break into our personal information in this way.

Indeed, just when you thought it was safe to use your mobile phone, Wi-Fi, or wireless network - someone has invented a new way to get in. Be careful out there folks, indeed I hope you will please consider all this and think on it when you are devising a strategy for Internet security and safe mobile phone transactions.

Lance Winslow is a retired Founder of a Nationwide Franchise Chain, and now runs the Online Think Tank. Lance Winslow believes writing 24,444 articles by September 4th at 4:44 PM will be difficult because all the letters on his keyboard are now worn off now..