Server

virtual-cloud

Bitdefender have announced that its GravityZone solution is now certified by VMWare and has achieved the VMware Ready status.

What this means?

Organisations can now enable agentless scanning on guest virtual machines via NSX introspection, which eliminates the overheads that can be seen when running a separate instance of the agent in each VM.  It also offers increased resilience against APT's which target the security solution.

Enterprise Customers now have access to a new and proactive approach for securing Datacenters and their Network Virtualisation environments.

From Kirsten Edwards, Director, Technology Alliance Partner Program, VMware

“We are pleased that the Bitdefender GravityZone qualifies for the VMware Ready™ logo, signifying to customers that it has met specific VMware interoperability standards and works effectively with VMware cloud infrastructure. This signifies to customers that GravityZone can be deployed in production environments with confidence and can speed time to value within customer environments,”

Harish Agastya, Vice President, Enterprise Solutions, Bitdefender

“Data centers are the heart of the digital economy, and security is paramount for data center operators across the world. The VMware Ready certification marks another step in our commitment to provide security that is easy to deploy and scale, and meets the unique requirements of today’s highly virtualized environments. Our award-winning security solution leverages NSX capabilities in the software-defined data center to provide automated deployment and orchestration of security services,”

About VMware Ready

vmware_readyVMware Ready is a cobranding benefit of the Technology Alliance Partner (TAP) program which makes it easy for customers to identify partner products which have been certified to work within the VMware Cloud infrastructure.  With thousands of members worldwide, TAP includes best of breed technology partners who bring the highest expertise and business solutions for each individual customer.

About Bitdefender GravityZone SVE

Bitdefender GravityZone SVE provide security for virtual machines, virtualised Datacenters and cloud instances, through the GravityZone On Premise console.

  • Best protection for Windows and Linux virtual machines: enabling real time scanning for file systems, processes, memory and registry
  • Best proven performance in datacenters: up to 20% performance improvement compared to traditional security vendors
  • Works on any virtualization platform: VMware, Citrix, Microsoft Hyper-V, KVM, Oracle, and others on demand
  • Agentless security for VMware NSX

 

Keyboard equipped with a red ransomware dollar button.
Keyboard equipped with a red ransomware dollar button.

There has been report of several companies becoming infected by the Crysis Ransomware and as such we have had a look into what it does and how it can be prevented.

History

First detected in February 2016, this virus has multiple methods of infection typically an email which has attachments using double extensions to make them appear non-executable.  Although it has been seen to also come through SPAM emails and compromised websites.  There has also been reports that it has been distributed to online locations and shared networks disguised as an installer for various legitimate programs.

Description

Crysis Ransomware itself is capable of encrypting over 185 file types across fixed, removable and networks drives and uses RSA and AES encryption, once infected it will also look to delete the computers shadow copies.  Whilst also creating copies of itself into the following locations.

  • %localappdata%\­%originalmalwarefilename%.exe
  • %windir%\­system32\­%originalmalwarefilename%.exe

The virus will then look to create/edit certain registry keys to ensure it is run on each system start.

  • [HKEY_LOCAL_MACHINE\­Software\­Microsoft\­Windows\­CurrentVersion\­Run]
    • "%originalmalwarefilename%" = "%installpath%\­%originalmalwarefilename%.exe"
  • [HKEY_CURRENT_USER\­Software\­Microsoft\­Windows\­CurrentVersion\­Run]
    • "%originalmalwarefilename%" = "%installpath%\­%originalmalwarefilename%.exe"

Finally after encryption there is a .txt file placed in the computers desktop folder, sometimes this accompanied by an image set as the desktop wallpaper.

  • %userprofile%\­Desktop\­How to decrypt your files.txt

There has also been reports of Crysis stealing data and credentials from the affected machines and passing these back to its Command and Control server.  This would then allow the computers and local networks that have been infected to become vulnerable to further attack if the credentials are not changed.

It has also been seen that Crysis will monitor and gather data gathered from IM applications, webcams, address books, clipboards and browsers prior to sending this to the C&C server with the windows variant stealing account and password credentials.

Prevention

To reduce the risk of infection we recommend the following

  • Ensure you are using an upto date AV product
  • Ensure any specific Ransomware prevention tools in the AV are used
  • Ensure you have a regular tested backup of the data
  • Educate users in the dangers of opening attachments from an unknown source

 

 

Bitdefender have updated their GravityZone cloud console with some new features over the weekend and here at Blue Solutions we are happy to guide you through these changes and how they will affect you and your customers.

Anti-Ransomware

The big news is that Bitdefender has now incorporated Anti Ransomware vaccine to all its cloud customers, and will be rolling this out through the on-premise version on Tuesday 27th Sep 2016.  This module is activated through the policy section  Antimalware --> On Access settings

Gravityzone Ransomware Vaccine Policy Setting
Gravityzone Ransomware Vaccine Policy Setting

By activating this module, machines will be protected from all currently known forms of Ransomware.

Other New Features

Update Rings - this feature allows Administrators of the program to  chose when in the validation cycle an update is received.

Anti-Exploit Techniques - a new set of powerful techniques which further enhances existing technologies to fight targeted attacks.  These are integrated into the existing Advanced Threat Control module.

Web Access Control Rules - The categories list has been updated with multiple new categories added.

Exchange Protection - This can now be enabled/disabled when editing a customer with a monthly license subscription.

 

The above features are now in place for all current users of Bitdefender Gravityzone in the cloud and will be rolled out to Bitdefender Gravityzone on-premise users from the 27th Sep 2016.

For more details on the above features and a look at the other features included please click here

logo     bs-logo

BD Banner for blogOriginally published by Bitdefender

I came across an interesting article reported by The Register. In a survey, half of companies will still have Windows Server 2003 somewhere in their environment after the support cut-off date of July 14th passes. While purchasing a custom support agreement with Microsoft is an option, it’s one that will quickly get quite expensive ($600 per server per year, doubling each year).

An often complicated, and critical, application, is the endpoint security management suite. Traditional management relied on applications installed on Windows servers, most often leveraging a SQL database running on other servers. This very quickly creates a series of dependencies. Does the security management support a newer Windows version? If so, which databases does it support, and which Windows versions do those supported databases run on? If the management application uses a web server, which versions, and on which operating systems are those supported? How does the migration work, is there downtime, is the data migrated, can it be done in stages, or is it a forklift upgrade.

Much of this complexity can be avoided. Of course, custom-built, in-house applications are still tricky, but off-the-shelf solutions should be very simple, including endpoint security management.

For example, GravityZone can be delivered in two ways that avoid this complexity. The most straightforward is a GravityZone management console hosted by Bitdefender or a partner. In that case, the organization leveraging GravityZone never has to deal with any complexity underlying the management application.

The second option is hosting GravityZone on-premise. In this case, complexity is minimized because GravityZone operates as a self-contained private cloud. The deployment consists of a Linux-based virtual appliance. Multiple instances can be deployed, each playing one or more roles. The roles encompass all required functionality, including the database (often the source of most upgrade woes).

In this way, complexity of GravityZone is not exposed. Bitdefender builds and tests the virtual appliance, while the customer simply updates it. Everything from the web server to database is contained in the virtual appliance.

While adopting an endpoint security management solution that lowers operating system upgrade complexity won’t solve all of your problems, it certainly takes quite a bit of complexity – and therefore risk – off the table for a critical part of your environment. If you’re struggling to move your current solution off of Windows 2003, consider the advantages of a self-contained, flexible, and scalable solution like GravityZone, because it’s only a matter of time before you’ll begin the next round of operating system upgrades!

Want to know more about Bitdefender solutions? Contact our sales team today at 0118 9898 222 and they'll help with your queries or arrange a free trial.

 

Need some urgent help?

In only 28 days, your current version of Windows Server 2003 will expire, meaning you will no longer receive regular system updates, security patches, or hot fixes from Microsoft; which could leave your IT infrastructure exposed to serious security threats and compliance failures. If you would like to learn more, get in touch through emailing our friendly SMB team.

It's time to say goodbye to Windows Server 2003.

Call the Blue Solutions team on 0118 9898 222 for advice and help with upgrading your systems.

Microsoft logo

Chances are, they may not be – according to estimates, there are still millions of servers running Windows Server 2003. It was the workhorse of choice for many years, but the time has come for customers to migrate to a newer, fully supported platform. That’s where you come in. It’s a great opportunity for you to ramp up your business and support your customers through a major technology change. They’ll appreciate the help, and you’ll appreciate the way your business will grow.

Find tools to help. 

Access our extensive set of resources to learn more about:

  • Talking with your customers about the importance of migration.
  • Ways to assess a customer’s current environment by categorising applications and workloads.
  • Migration options, either in the datacenter or in the cloud.
  • How to develop a migration plan.

Visit the Windows Server 2003 end of support partner page

You’ll also find customisable ModernBiz marketing materials that highlight Windows Server 2012 R2, including partner readiness materials, pitch decks, email templates, brochures, and copy blocks. Use these to show your customers the importance of migrating from Windows Server 2003, and the migration paths that are available.

Helpful tools like the Microsoft Assessment and Planning (MAP) Toolkit which makes it easy to conduct a migration assessment for a customer's current IT infrastructure, are also available. Get started migrating your customers

Call our Sales Team today on 0118 9898 222 to upgrade to Windows Server 2012 R2.

A study by Node4, data centre and communication specialist, found that up to 70% of UK SMBs expect larger IT budgets next year.  80% of the IT decision makers that were interviewed during the study agreed their expectation was for better business performance in 2014 and as a result they are considering how IT can be applied to automate processes and increase efficiency in their business.

The last recession cycle saw some serious spending cuts in IT departments but as faith in the UK economy is increasing, SMBs are once again looking at IT investment. However, spending habits have changed and decision makers want IT solutions that help them to drive down costs, be more efficient and win more business. SMBs now realise that even the most talented and expensive IT resources can't help the business to grow when they are distracted by mundane tasks like troubleshooting, monitoring and day-to-day support. 

Labtech LogoThis has brought new attention to the importance of automation and the features and benefits of products like Labtech 2013 - Click Here.  LabTech is the ultimate solution for recurring IT tasks to SMBs and their clients. Designed to extend and automate IT services, LabTech 2013 will improve IT process automation with enhanced visibility and automation which will free up IT resources to focus on more strategic projects. LabTech will also increase levels of service quality and achieve IT service excellence with 99.9% uptime.

Click here  to read more about LabTech 2013 and how it can improve an IT solution provider’s service offering through remote support that results in improved technician efficiency, added flexibility and dramatic cost reduction while driving IT automation into your business.

Successful IT is more than just on-site management of workstations, servers, printers, routers and mobile devices. It is about remote management and control, seamless software deployment without end-user disruption and fixing issues before they even occur. It is about staff efficiency and customer satisfaction and it is about making the purchasing decisions that will empower businesses to achieve that in the new year.

Regardless of the purchasing intentions, plans or budgets for next year, 80% of IT decision makers in the SMB space are preparing to be automated and reap the associated business benefits in 2014! Are you?

Small Business Server 2011After many years of faithful service to the channel, Microsoft will be retiring Microsoft Small Business Server 2011 on June 30th 2013 within the Open Licensing Program. Retail and OEM SKUs will continue to be available until December 2013.

Windows Server 2012 Essentials will be the only replacement within the Microsoft portfolio. This can be deployed on a server with up to 2 processors and supports up to 25 users and 50 devices. No CALs are required and there are no virtualisation rights.

Alternatively customers can opt for Windows Server 2012.

With Cloud providers maturing all the time this may now be the time to move to the cloud. Hosted Exchange is a mature technology and with employees demanding access to their data from many devices including mobile devices, a hosted solution may be the correct way forwards. Hosted solutions remove the cost of the hardware along with the ongoing support and maintenance costs. Security and backup are typically bundled for free. Employees will benefit from greater uptime and the ability to access their data and applications from any device, as long as they have access to an Internet connection. Solutions may also provide synching functionality for offline work.

Blue Solutions has just launched a hosted Desktop offering which enables users to have a virtual Windows 7 Desktop with cloud storage, Microsoft Office Applications, along with Exchange mailboxes. There are also upgrade options for dedicated virtual servers to host line of business applications.