Ryuk ransomware was discovered in August of 2018. Since then, over 100 US organizations have been affected. Knowing more about how Ryuk ransomware operates can help us to better protect our network.Read more
I recently worked with a customer who wanted to report on AWS flow logs within Scrutinizer. Scrutinizer requires only a bit of information in order to report on AWS flow logs; however, an S3 bucket needs to be configured with the right permissions within AWS. We walked through the process of creating an S3 bucket and the type of reports that can be viewed from within Scrutinizer. In this blog, I’ll share what that process is like.Read more
FaceApp is another selfie service that allows you to share aging and other filtered photos with your friends. It has been downloaded by millions of users since its introduction in January 2017 and seems harmless enough. But like with any new social media application, I was suspicious and rightfully so.Read more
Citrix NetScalers provide a feature called AppFlow. AppFlow allows Netscaler devices to export flow data to collection tools, often to be used for network/security analysis. Citrix offers a UI for AppFlow configuration, but if you are not familiar with it, the UI can be strange to navigate, causing mistakes. After helping a customer with an AppFlow configuration using the UI, I decided to look for another way and I’ve found one! Buried in some of Citrix’s documentation, there is a guide to configure AppFlow from the CLI. Today I’m going to walk you through that process.
I’ve heard Azure used quite a bit lately as a place to host and manage virtual machines. Azure launched console access in March of 2018. Since then, deploying VMs that require initial setup has become much easier. Now, even though Azure is not a Scrutinizer supported platform, our customers have been able to successfully deploy the new VM from within Azure.Read more
Gigamon uses GigaSMART for most of its NetFlow configurations, but some of us just love working from within a CLI. With a bit of direction from a Gigamon representative, we were able to document the process of configuring IPFIX for Gigamon devices from—you guessed it—the command line! Here we’ll walk you through an example IPFIX configuration for Gigamon devices.
Gigamon has a web interface called GigaSMART that it uses to configure NetFlow on Gigamon devices. But GigaSMART can be limiting; through working with many Gigamon and Scrutinizer users, I’ve found that most users are far more comfortable configuring NetFlow through the command line. This blog will explain how to configure NetFlow for H Series Gigamon devices through the CLI.Read more
Why am I seeing SNMPv1 and SNMPv2 attempts when I’ve only got SNMPv3 enabled? It appears some of Extreme’s switches handle their SNMP configurations a bit differently. Here, I’ll answer the above question as well as discuss how to configure, enable, and disable Extreme Networks SNMP.
I’ve recently had a couple of people reach out to me about the deployment process of our Scrutinizer Virtual Appliance (VA). I wanted to create a quick reference guide for those who are new to Scrutinizer. This guide will review both what is required for the deployment as well as the steps you’ll need to take to successfully complete the deployment.
We’ve seen a lot of coverage regarding the growth of Extreme Networks lately. Between their recent acquisition of Brocade and Avaya, it would appear that they are serious about expanding their product lineup to increase performance and network visibility; by means of the type of NetFlow exported by their devices.