Network Security - UTM
-
@Dashrender said:
@JaredBusch said:
@Dashrender said:
@JaredBusch said:
ownCloud does not protect you from Crypto, because the file will be encrypted locally and then synced up to the server and back down to everyone that has access to it.
One huge reason why offline sync clients are a bad thing.
Perhaps a needed thing, but still a bad solution.
It might be better if the files could be saved in a webapp instead through a sync client just dumped into the filesystem.
Entirely possible, but not likely a default setup for someone using ownCloud (or any other solution) in replacement of foldershares.
Really? For folder shares? I don't know anyone who by default syncs folder shares (a network share used by many people) to their local system. Sure it's possible, and I know JB has the situation where his techs need to maintain copies of their technical manuals while offline, but would you call that common?
Yes, because they expect the files to be available. We are discussing this form the point of veiw of replacing shares on a LAN. You would add a LOT of steps to these users to access files before they can open them. Users would quickly start using local files and emailing copies around.
-
While I agree that using OwnCloud/SharePoint, etc through a web portal is many more steps... without those steps... you're really no better off than you are with standard file shares, other than possibly a better sync engine.
You're just as much at risk for crypoware as you are with traditional file shares.
So Scott tells me - the reason you aren't (at least when it comes to SharePoint) is because you stop opening the shares themselves - be they SharePoint or OwnCloud, instead you open the app which has a plug in that gives you direct access to the storage, making it easier for the end user.
While I personally almost never open Word to go and find a Word document (Instead I open Explorer, go to my network location and double click on the file in question, when then launched the correct application). Assuming I know the correct application for the file I'm search for, It would be a tiny bit faster for me to search for the file from within the application itself.
Also, by using the application, you pull the user one step further from the storage because hopefully the default location for storing things is your storage solution, so it's not really a question of where to find things for them.
-
@Dashrender said:
While I agree that using OwnCloud/SharePoint, etc through a web portal is many more steps... without those steps... you're really no better off than you are with standard file shares, other than possibly a better sync engine.
You're just as much at risk for crypoware as you are with traditional file shares.
So Scott tells me - the reason you aren't (at least when it comes to SharePoint) is because you stop opening the shares themselves - be they SharePoint or OwnCloud, instead you open the app which has a plug in that gives you direct access to the storage, making it easier for the end user.
While I personally almost never open Word to go and find a Word document (Instead I open Explorer, go to my network location and double click on the file in question, when then launched the correct application). Assuming I know the correct application for the file I'm search for, It would be a tiny bit faster for me to search for the file from within the application itself.
Also, by using the application, you pull the user one step further from the storage because hopefully the default location for storing things is your storage solution, so it's not really a question of where to find things for them.
If you stay in the MS world, you can use OD/ODfB/SP via Word and Excel directly form the open dialog without needing the files synced locally.
ownCLoud does have webdav connectivity so it is entirely possible that something could be done, but I have never looked into it.
-
Right, and MS is adding more cloud providers to the list. I heard last week that Dropbox and Box were both being added to O365 for storage options, just like OD or ODfB currently are.
-
@Breffni-Potter said:
@hobbit666 Did someone say PCI? Hold everything!
What level of PCI compliance are you working towards? Or has the goal not been set yet?
No idea its a "buzz" word i've been hearing from meetings that i've not been attending. Most coming from the Credit Control dept and our CRM person
-
@Dashrender said:
@hobbit666 said:
OK what abut from a PCI/Data protection standpoint.
Shouldn't we be doing everything we can to secure all ways into the network no matter how remote the chance a hacker will try is?
You can, by not trusting the local network at all.. not making it important in any way.
What I mean is no more file shares that are just open, logons for anything that is accessed.
Basically treat your local network as if it's the internet, and then you don't have to worry about it as much.
I think you can still use Active Directory in a setup like this.
Thats also something i'm lookign into securing the LAN, when i arrived most people had a simple password that never expired and all the same. All logged into there machines as a local Admin user.
Now 90% of machines are domained joined and have AD users with complex password policy in place. The File shares are work in progress, we have been moving everything to a Netgear NAS and setting up permissions, but having see on other threads people saying Mapped Drives are out i need to look at alternatives (Sharepoint/OwnCloud maybe?? Or OneDrive as we are migrating to Office365 for E-mails and CRM)
-
What do you for email? If it's O365, you already have SharePoint (most likely) as part of that.
-
@Dashrender said:
What do you for email? If it's O365, you already have SharePoint (most likely) as part of that.
I don't think that most people with Hosted Exchange have SharePoint, too. It's in the first upgrade, but the percentage of people on pure Hosted Exchange is pretty high, I think.
-
@scottalanmiller said:
@Dashrender said:
What do you for email? If it's O365, you already have SharePoint (most likely) as part of that.
I don't think that most people with Hosted Exchange have SharePoint, too. It's in the first upgrade, but the percentage of people on pure Hosted Exchange is pretty high, I think.
Until you posted about the ability to purchase pure hosted Exchange from Microsoft, I was under the impression that all that could be purchased was O365 the SMB levels or E1 - both which include SharePoint.
Has NTG sold a lot of Hosted Exchange only?
And even if you have, of course you've always know about this option, so could easily steer your clients to the correct purchase.But I wonder how many SMBs just buy it direct, never even talking to a company like NTG, and therefore don't know about the hosted only solution?
-
@Dashrender said:
Has NTG sold a lot of Hosted Exchange only?
Yes, and of companies that I have spoken to just in general, it is far and away the popular product. As it is the only one used for price comparisons I feel like it is talked about something like 90% of the time.
-
@Dashrender said:
But I wonder how many SMBs just buy it direct, never even talking to a company like NTG, and therefore don't know about the hosted only solution?
The Hosted Exchange solution is so common that I think there is just some confusion about why a few companies are not aware of it. I see it talked about constantly in the SMB space.
-
Just doing the easiest search for Office 365 Exchange, it is hard to miss...
-
Given that all the talk and price comparisons are via the $4 Hosted Exchange option, wouldn't it be weird for someone not to find it or look for it? It's like every discussion around hosted email services. The things that are always said are...
- Rackspace is $2 rack and $1 if you know about the deals.
- Amazon and Office 365 are $4
- Google is just over $4
Those are the details of pricing for the entire enterprise email market.
-
@scottalanmiller said:
Given that all the talk and price comparisons are via the $4 Hosted Exchange option, wouldn't it be weird for someone not to find it or look for it? It's like every discussion around hosted email services. The things that are always said are...
- Rackspace is $2 rack and $1 if you know about the deals.
- Amazon and Office 365 are $4
- Google is just over $4
Those are the details of pricing for the entire enterprise email market.
The fact that the pricing was splashed around everywhere that I knew something was wrong everytime I was looking at O365, because the cheapest thing I could find was $5/u/m.
To me the confusion comes in many places, not the least of which is the fact that MS does NOT include it in the pricing lineup with O365, as if it does not exist.
Sure it's not hiding, but it's not in plain site either.
-
@Dashrender said:
To me the confusion comes in many places, not the least of which is the fact that MS does NOT include it in the pricing lineup with O365, as if it does not exist.
Comes right up when I looked for it. Did you see the screenshot? Search for Office 365 Exchange pricing, that's what comes up second.
Office 365 is a subscription license model, like VL. So looking for O365 pricing alone would be just as weird as looking up the price of "Volume Licensing." Or what is the price of "retail boxes"?
Retail boxes of... what?
I think that is the problem, searching for a licensing model rather than the product sought. The people who are looking for email hosting I suspect find it immediately.
-
For example, here is the most generic search that I could think of... "hosted email." Not looking for Exchange, not looking for O365, not looking for Microsoft... just someone hosting my email.
First two hits are Rackspace's $2 option and Microsoft O365 Hosted Exchange for $4. No hint of other Office 365 products at all.
Someone looking for email, I think, would be as oblivious to the SMB MS Office packages via O365 as you were to the hosted email ones.
-
That's definitely true - I never did a google search.
In this case I knew to much and it was biting me in the ass.
I knew that O365 included Hosted Exchange - so stupid me figured, well, the base package should be JUST Hosted Exchange, which of course it's not.
-
@Dashrender said:
I knew that O365 included Hosted Exchange - so stupid me figured, well, the base package should be JUST Hosted Exchange, which of course it's not.
Well, it is. The base email package is Just not the base MS Office package. There is one base package that is only Visio.
I can't look at the Office 365 site from here. No matter what you tell it, it displays in Greek and since there isn't even Latin letters there, I can't find any way to set it to English. Another total failure of geographic IP detection. I'm "in" Greece but did not request a Greek site. I even typed in the language code where they put the Greek code but because it is detecting me in Greece it changes back to Greek when rendering the page. Pretty basic website error for a company like MS. They simply work hard to block non-Greek speakers in Greece.
-
Yes we only have Mail boxes at the moment but will be moving tenants once all have been migrated (don't ask ... f**k*ng CRM!!)
We do plan on looking more closely at SharePoint and OneDrive over the next 12 months to get rid of file shares on the server and network. I'll then use the NAS for backups
-
I just thought.........
If we take the Citrix for example and I want to "publish" to all the sites via the internet. Wouldn't I need something to "secure" the inbound/Outbound traffic to prevent it being a point for hackers??
Or would something like a Ubiquiti Edge Router be enough? or am I missing something here?
Excuse the silly questions but as I mentioned this is the largest company I've worked for so my mind still thinks in LAN terms lol.