fudgit2016

Comments

  • Perhaps I'll give a contrary view. When considering infrastructure and security architecture as a whole (my skillset), the hypervisor is assumed, as opposed to specified - this makes it a commodity from my perspective. I generally recommend most - not all - services are virtualised, but what hypervisor they are running on,…
    in Is the Hypervisor Truly a Commodity? Comment by fudgit2016 May 2016
  • Why worry about https being open - you can slow data stream using ICMP if you want (yes it is very slow - but a very effective way of keeping under an IDS radar). How many organisations block outbound ICMP ? ...
    in thwack Monthly Mission - April 2016 Comment by fudgit2016 April 2016
  • Apologies to the SW admins as this is going well off topic on their competition. There are many different opinions on blocking ICMP, and I'm not sitting in either camp really - but I thought I'd link an interesting article (and by far better educated people than me) :…
    in thwack Monthly Mission - April 2016 Comment by fudgit2016 April 2016
  • Unfortunately no ping access, as services are located in a locked down DMZ for payment services (hence the use of agent as opposed to snmp / WMI). Latency being reported is 180ms where it should really be a few ms as in the same DC as the poller. I'm guessing further investigations needed - struggling to find any reference…
    in Agent - high latency Comment by fudgit2016 June 2016
  • Fully agree that switch performance and capabilities have to be reviewed to ensure support - however it is an alternative to a potentially high cost tap (which can be disruptive in their own right). Are there any documented advisories as the recommendation you received from Cisco, I haven't seen this before - and over the…
    in NTA Deployment Comment by fudgit2016 April 2016
  • Hi there - I'm experiencing this on a SAM 6.2.1 release - however the service teams manually installed the agent, and I'm wondering if they used a previous version. What version of the agent should be expected ?
    in Agent - high latency Comment by fudgit2016 June 2016
  • An alternative to a commercial network tap, is to use a SPAN port with an "nprobe" enabled server. With a decent Linux OS (and custom drivers as per the nprobe documentation) you can definitely scale up to 10Gbps interfaces (haven't tried going beyond that - in theory doable, but ensuring no packet drops in the pfring…
    in NTA Deployment Comment by fudgit2016 April 2016
  • Very interested in this thread, but with a slightly different tack .. How about sending alerts to a Skype for Business persistent chat room ? I've been looking at this for a current project, where I'm sorting out a neglected Solarwinds platform. In theory you can use the new(ish) Web SDK for clientless transactions to…
    in Monitor Skype for Busines / Lync client side? Comment by fudgit2016 May 2016
Avatar