Friday, November 25, 2016
Wednesday, September 14, 2016
Quick Turnaround from CheckPt - Category issue fixed
So I got the confirmation email today and I was able to get on to the site from work:
From: no-reply@checkpoint.com [mailto:no-reply@checkpoint.
Sent: Wednesday, September 14, 2016 6:51 AM
To: ME!! (Contractor)
Subject: [Non-DoD Source] Check Point URL Categorization Request [2d7a9254-10f5-4862-b04e-
Dear Customer,
Check Point updated its URL categories.
Current categories: Business / Economy,Computers / Internet Former categories: Uncategorized
Request Details
--------------------
ID: 2d7a9254-10f5-4862-b04e-
URL: http://gravitysedge.com
Suggested categories: Business / Economy,Computers / Internet
Comment:
In case you are not pleased with the resolution of your request or would like to escalate the issue, please open a Service Request with Check Point Support <https://usercenter.
1. URL
2. Current category
3. Requested category
4. Reference ID of your request (as submitted in this page)
For more information please refer to sk98489 <https://supportcenter.
Regards,
Check Point Technical Support
From: no-reply@checkpoint.com [mailto:no-reply@checkpoint.
Sent: Wednesday, September 14, 2016 6:51 AM
To: ME!! (Contractor)
Subject: [Non-DoD Source] Check Point URL Categorization Request [2d7a9254-10f5-4862-b04e-
Dear Customer,
Check Point updated its URL categories.
Current categories: Business / Economy,Computers / Internet Former categories: Uncategorized
Request Details
--------------------
ID: 2d7a9254-10f5-4862-b04e-
URL: http://gravitysedge.com
Suggested categories: Business / Economy,Computers / Internet
Comment:
In case you are not pleased with the resolution of your request or would like to escalate the issue, please open a Service Request with Check Point Support <https://usercenter.
1. URL
2. Current category
3. Requested category
4. Reference ID of your request (as submitted in this page)
For more information please refer to sk98489 <https://supportcenter.
Regards,
Check Point Technical Support
Tuesday, September 13, 2016
CheckPoint URL Category submission
I decided to do checkpoint too. I know I have never done this one because they require an account to submit requests.
Hurry up Friday! (In so many ways!)
And because they require an account. You get a confirmation!
Monday, September 12, 2016
Way to go SolarWinds
So ten years ago I was helping a small to mid size company evaluate some remote management and ticketing software. We looked at several things including SolarWinds, SMS, SpiceWorks and a few others. Because of the size of the company, budget nad required features we went with SpiceWorks. (yes they wanted cheap!)
A few year later I was working for the Commissary and they were using TIVOLI NetCool to monitor their equipment. It worked really well because they had a technical admin who really knew his UNIX and custom scripting. It did a lot of cool stuff if you were willing to take the man-hours to configure what you needed. Their online support left something to be desired.
Last year I changed over to another federal agency that was using SolarWinds for remote monitoring. I was nervous at first a large 20,000 device network can be unwieldy. Ah SolarWinds again, I really hoped it had been improved from 10 years ago I thought. Holy Cow, had it! It does all the really cool monitoring with polls, traps, logging , config management and other great features that are completely intuitive and work inside an easy to understand GUI. We use NCM (network Config monitor) and NPM (network performance monitor) to track devices on the network. You do not need a small team of dedicated UNIX engineers to make it work. It seems to do a wonderful job with its modules right out of the box. I have been using for it again now nine months and love the interface and information I have access to. The only reason I cannot monitor something is usually because I fat fingered an IP or credential. We use the IPAM module to keep us honest in that regard, if IPAM can find it, I just have to make sure I can poll it!
Unlike some other venders they have a great support community called Thwack. Find em at: thwack.solarwinds.com You can download the software or modules you want to try out. The updated manuals are online as well as really good geeky tutorials, labs and tuning videos. Way to go SolarWinds, you have made this easy for our network engineers to keep an eye on the network and me as an auditor to collect the information I need. I am looking forward to getting my SCP cert while I continue to learn about the software!
A few year later I was working for the Commissary and they were using TIVOLI NetCool to monitor their equipment. It worked really well because they had a technical admin who really knew his UNIX and custom scripting. It did a lot of cool stuff if you were willing to take the man-hours to configure what you needed. Their online support left something to be desired.
Last year I changed over to another federal agency that was using SolarWinds for remote monitoring. I was nervous at first a large 20,000 device network can be unwieldy. Ah SolarWinds again, I really hoped it had been improved from 10 years ago I thought. Holy Cow, had it! It does all the really cool monitoring with polls, traps, logging , config management and other great features that are completely intuitive and work inside an easy to understand GUI. We use NCM (network Config monitor) and NPM (network performance monitor) to track devices on the network. You do not need a small team of dedicated UNIX engineers to make it work. It seems to do a wonderful job with its modules right out of the box. I have been using for it again now nine months and love the interface and information I have access to. The only reason I cannot monitor something is usually because I fat fingered an IP or credential. We use the IPAM module to keep us honest in that regard, if IPAM can find it, I just have to make sure I can poll it!
Unlike some other venders they have a great support community called Thwack. Find em at: thwack.solarwinds.com You can download the software or modules you want to try out. The updated manuals are online as well as really good geeky tutorials, labs and tuning videos. Way to go SolarWinds, you have made this easy for our network engineers to keep an eye on the network and me as an auditor to collect the information I need. I am looking forward to getting my SCP cert while I continue to learn about the software!
Sunday, September 11, 2016
Submitting for categorization
So in this case we want to make sure McAfee web filters are updated for gravitysedge.com. EasyPeasy!
Now we wait...
I will keep ya posted on any new info!
I will keep ya posted on any new info!
Uncatagorized DB in conflict...
On the #Mcafee site it is uncategorized. So the databases have a conflict and the one we are reading at work is where the block comes from. Seen below:
To correct this, request a categorization from this site...
We will continue this next time
We will continue this next time
Uncatagorized Website Catch 22
OOoo, this was kinda cool. On BlueCoat, the site was catagorized!
These means the uncatagorized rating comes from a different db. The categorizations have not merged. Lets look at the other site...
Uncatagorized Websites continued...
To read more check out these links:
Catagories
https://www.forcepoint.com/master-database-url-categories
https://community.mcafee.com/docs/DOC-4825
https://www.forcepoint.com/master-database-url-categories
https://community.mcafee.com/docs/DOC-4825
There are two ways to get categorized. By the local web protection mechanism ( a setting on the proxy server) or globally by asking the powers that be to assign your site a category with a request on their websites. The last method takes longer but works better because there is a masterlist that many of them share. Once your site gets on the list and propagated, this will no longer be an issue. Here are two of the main players that you can go to to have your site evaluated. It takes a day or two for the request to get looked at. If you sign up at the sitesand give them your email, they will respond back and let you know what categories your site request were given. In 4-7 days the lists will be propagated and the site will become available to those security conscious networks (provided it is not given a category that is being blocked by the proxy server’s web filter.)
Here are two of the major players:
#Change Catagories
https://www.trustedsource.org/?p=mcafee
http://sitereview.bluecoat.com/sitereview.jsp
https://www.trustedsource.org/?p=mcafee
http://sitereview.bluecoat.com/sitereview.jsp
I will go and help out my friends at Gravitysedge.com in the next post.
Blocked Website Because a site is Uncatagorized
Here is the next topic from #ACyberLife. I am browsing internet from workplace and I get an error that says the site is blocked because it is #uncatagorized. A similar situation may occur because your site is assigned a #catagory that IS being blocked and you think it should not be. In this case I know the site has been around for at least 10 years though it might not have been hosted by the same company the whole time. The site belongs to my friend Ian who does not know it is blocked. ( I sent him email after starting this post so he can see it too!)
All government agencies and anyone else following security best practices will block sites that have not been catagorized. Most new sites or sites that do not receive a lot of traffic will be blocked by web protection servers initially until the receiving a #catagorization. This prevents new sites that might be pornagraphic or have other objectional material be blocked until catagorized. Here is what that looks like if it happens:
Saturday, September 10, 2016
Hello there fellow nerds!
Hi all. Just call me M for now. I started in IT 30 years ago when I used to “sneaker net” a 8 inch floppy disk for a pilot records keeping project called MIMMS. Marine Corps Integrated Management System. We were keeping maintenance records in a database for the first time in 1985. We used a nasty old portable PC we called the Green Machine that was supposed to be portable. Portable like a small steamer trunk! I think it was portable because it had handles but don’t drop it on your foot cause weighed about 45 pounds and would crush your foot.
That seems old but I used to go with my dad to Langly AFB and watch him mount drives with white silk gloves and a wrench. Nothing was portable in 1970. Then he would let me go “play” on the card punch machine afterwards we would go to a local TV repair shop to test vacuum tubes and get a Slurpy on the way home.
I have seen computers come a long way! For the last 20 years I have worked in IT as Windows Admin, router\switch guy and most recently doing network security archetecture.
I will be posting stuff at least weekly, more often if things are hopping. I hope I can pass on some good info about things I have picked up over my career.
Enough about me, lets learn some cool stuff!
Subscribe to:
Posts (Atom)