Tag: Firewall

Reading Time: 5 minutes

Introduction

Intrusion detection systems (IDSs) are an ever-present requirement in a cybersecurity infrastructure to ensure a server or internal network is protected. An intrusion detection system is either a hardware device or software program that actively monitors a server or group of servers for network policy violations or malicious activity. Any suspicious activity, attempted attack, or policy violation is reported and logged to a centrally located security information and event management (SIEM) system database, or directly to a security administrator for further review. This article explores Liquid Web’s intrusion detection product called Alert Logic Security and Compliance Suite.

Continue reading →
Reading Time: 5 minutes

Introduction

This article will review some of the more technical aspects of F5 Distributed Cloud AIP. F5 Distributed Cloud AIP is a platform-independent intrusion detection system (IDS) designed to provide users with a unique view into various integrated server security functions. It monitors both Linux and Windows servers as well as Kubernetes or other container-based server infrastructures to observe behaviors and detect malicious, uncommon, and risky activity.

Continue reading →
Reading Time: 4 minutes

Introduction

Microsoft Exchange Security Update
   

In this article, we provide updated information concerning the ongoing threat posed by the malware directed at Microsoft Exchange Servers noted in CVE-2021-26855. We also furnish the steps needed to update and secure your Microsoft Exchange Server. In a recent post, the Cybersecurity & Infrastructure Security Agency posted a priority security advisory regarding the recent Microsoft Exchange Server vulnerability. They state:

Continue reading →
Reading Time: 4 minutes
SIEM 2

Security Information and Event Management (or SIEM) is a subset of the computer security field, where applications and services join forces with security event management and security information management. When united, these disciplines provide significantly improved real-time statistical data and threat analysis of alerts generated by the related applications. The 2021 Internet Security Threat Report from Sophos denotes that are not only the number of attacks on the rise but also the diverse nature of methodologies and vectors of incursions used. This necessitates the fact that adding a SIEM is especially warranted at this time.

Continue reading →
Reading Time: 6 minutes

Introduction

Zabbix is an open-sourced tool used to monitor various IT components such as servers and hardware that they are running, cloud services, whole networks, etc. Zabbix can monitor the network health and integrity of your servers. All monitoring can be done through Zabbix’s web-based frontend. This means that you can quickly check the status of your servers from anywhere! This article describes how to install the Zabbix monitoring tool, create a database, and configure the frontend on Ubuntu 20.04.

Continue reading →
Reading Time: 13 minutes

What is ClickHouse?

clickhouse.logo

ClickHouse is an open-source column-oriented DBMS (or database management system) primarily used for OLAP (or the Online Analytical Processing of queries). It is capable of blazing fast generation of real-time analytical data and reporting utilizing SQL queries. It is fault tolerant, scalable, highly reliable and contains a feature rich tool set.

Continue reading →
Reading Time: 3 minutes

While there are many ways to make sure your server is as secure as possible, there are some basic steps that we can take to increase security. Users with a Linux server can change their SSH port to something other than the SSH default port (22). The steps listed below outline how to change SSH port numbers and enable the change.

Continue reading →
Reading Time: 6 minutes

Zero Trust security is the concept, methodology, and threat model that assumes no user, system, or service operating within a secured internal environment should be automatically trusted. It put forward that every interaction must be verified when trying to connect to a system before being granted access. This concept uses micro-segmentation, and granular edge controls based on user rights, application access levels, service usage, and relation to the location to determine whether to trust a user, machine, or application seeking to access a specific part of an organization.

Continue reading →
← Older postsNewer posts →
Have Some Questions?

Our Sales and Support teams are available 24 hours by phone or e-mail to assist.

1.800.580.4985
1.517.322.0434