The Tech Break

When you purchase enterprise class technologies, there are few manufacturers that will sell products directly to the customer. Much like a dairy farm selling milk through a supermarket, manufacturers like Cisco Systems, Palo Alto Networks or Dell Compellent sell products through technology partners also known as value added resellers (VAR). The term “VAR” gets tossed around a lot in the tech industry, but is the VAR you’re working with truly adding value to your organization? 

Often times when we meet with new customers they have an existing technology partner that they are working with. Some are happy, some are unhappy and others are somewhere in between. The most common response we hear why customers are unhappy with their existing VAR are:

-          Poor response time to issues and requests

-          Slow turnaround time on quotes a proposals

-          Lack of technical expertise

-          Bad customer experience

-          Lack of response and attention because of company size

-          Sales aggressive

It is important to partner with a VAR that you can trust that cares about your business and solving problems. Working with the right partner enables IT to resolve issues quickly, optimize technology and add solutions to the business that will help save time, money and deliver a competitive advantage.

In this series we will talk about what we see as important qualities and values to look for in choosing the right technology partner.

PART 2: Choosing a Partner That is Loyal to Customer Success

As you may know by now, Palo Alto Networks is a relatively new network security company. Its next-generation firewalls (NGF) provide granular visibility and control of applications and content. In addition to traditional firewall criteria, these firewalls can identify applications regardless of port, protocol, evasive tactic or SSL encryption. This is a lot of functionality packed into one box.

In November 2011, Palo Alto Networks extended network security to combat targeted malware with a WildFire cloud-based engine. WildFire submits EXE and DLL files to their cloud-based, virtualized environment for automatic analysis of malicious activity. It runs the files in a vulnerable environment and watches for malicious behaviors and techniques, such as modifying system files, disabling security features, or using a variety of methods to evade detection.

What’s so great about this, you may ask? Malware is distributed by a wide variety of web applications, in addition to the traditional HTTP web-browsing and email. The ability to detect, remediate and investigate unknown malware has become a practical part of a threat prevention strategy, like IPS and URL filtering.

Scenario #1: You’re inspecting email attachments for malware but do not have the ability to scan other applications. Applications that tunnel within HTTP or other protocols can carry malware that will be invisible to a traditional anti-malware solution.

Scenario #2: You have a firewall with integrated cloud-based malware analysis. This will expand your view to other applications, pull the traffic apart and go a level deeper, and addresses the challenge of modern malware.

How does it work? Unknown and potentially-malicious files are executed in a cloud-based sandbox. If the files are confirmed to be malicious, it automatically generates new signatures for both the file and for any traffic generated by the malicious file. These signatures are distributed with regular signature updates. Plus, you get an actionable analysis of exactly how the malware behaves – who was targeted and what application delivered the threat.

That sounds great, but how do I use it? At this time, WildFire is a free feature included with PAN-OS 4.1 or newer. If you already own a Palo Alto Networks firewall, enable it!

1. Login to your firewall and go to Device > Setup > WildFire
2. Go with the defaults settings, or make changes based on your requirements.
3. Configure file blocking profiles (PE file type) to include the “forward” or “continue-and-forward” action.
4. Incorporate file blocking profiles in security policies, just like other file blocking profiles.

That’s all you need to do on the firewall. Now login to the WildFire portal:

1. Go to https://wildfire.paloaltonetworks.com, and login with your support credentials.
2. Optional: Change your time zone and/or email notification settings.
3. The initial screen is the dashboard, similar to the following:
4. Click the ‘Reports’ button to see details of the potential and actual threats that have been processed in the cloud:

Do you have any interesting stories about WildFire, or thoughts about this article? Please chime in with a comment.

What is The Tech Break? 

The Tech Break is a Bird Rock Systems technology blog site. We know that, working in IT, it can be challenging to break away from the daily fires and projects, but when you do have free time, thetechbreak.com is a great place to learn about technologies, best practices and get the latest tech news. In addition, we encourage you to participate and contribute to our community of technology professionals by posting comments on our discussions.

Who is Bird Rock Systems?

Bird Rock Systems is an award winning San Diego, California based technology solutions provider.

What kind of technologies will you talk about on thetechbreak.com?

This website is dedicated to datacenter technologies for medium to enterprise businesses in the areas of:

-          Security

-          IP Communications

-          Network Infrastructure

-          Wireless

-          Network Management

-          Storage

-          Performance Computing (Servers)

-          Virtualization

-          Racks, cooling and power protection

-          IT Design and Engineering

What kind of topics can I expect from this site?

There's a lot of technology information on the web, from the latest IT solutions to the most recent security breaches; buzz words like cloud computing and virtualization. We steer clear of the marketing and focus on what’s most important, the technology.

In this blog we will share what we see as useful information for IT professionals based on the feedback from our customers. Our goal is to provide information that will make your job easier and help you solve problems and in turn will save you time and money.

Discussions coming soon…

Deconstructing Security Breaches and How Not to be an Easy Target

Tips and Guides for Configuring Next Generation Security

How to plan for a storage/virtualization/backup project

Attack of BYOD (Bring Your Own Device): The Management Challenges and Security Vulnerability it Posses to Your Organization

5 Things Every IT Person Must Know About Modern Malware Threats

Thetechbreak.com is an opportunity for us to give back to the IT community and provide a forum where we address real world IT challenges and how to solve them. To receive regular updates, please subscribe to our RSS feed.

If you would like more information about Bird Rock Systems visit http://www.birdrockusa.com/ .

Thanks for stopping by!

In an interview with the San Diego Business Journal, CEO of Bird Rock Systems Jim Mateo breaks down the first steps on how to protect your company data. When looking into the access and security of confidential data, especially sensitive data, he says that security and access may call for “two-factor authentication,” requiring a person to submit two forms of proof that they have permission to look at the data. This might be a password coupled with biometric information such as the user’s fingerprint.

Matteo displays a different security device used in two-factor authentication: A plastic token about the size of a house key. The device, from EMC Corp. subsidiary RSA, contains a liquid crystal display which shows a code number. The number changes every 60 seconds according to a mathematical pattern. To gain access to sensitive information, a computer user might key in their personal password as well as the number from the SecurID device.

Mateo continues on to talk about how to employ basic security techniques by describing how businesses need appropriate electronics, such as a firewall or a universal threat management device, to make it harder for hackers to get in.

“Next generation firewalls that are application aware are a great tool for businesses of all sizes,” Matteo said. These might uncover software that a computer owner was previously unaware of its presence.

For the full story visit: http://www.sdbj.com/news/2012/jun/25/down-dark-alleys-data/?page=2