GSEC Gold Paper Accepted: Securely Integrating iOS Devices into the Business Environment

Posted: 15th June 2011 by Josh in Uncategorized
Tags: , , ,
0

This past weekend, I was put on notice that my GSEC Gold paper was accepted and published by SANS. Here is the abstract:

“Driven primarily by the end user, iOS devices continue to inundate businesses at an ever-increasing rate.  Because these devices are housing sensitive organizational data, it is imperative that it is understood what risks to the organization are involved in allowing users to utilize these devices for business.  Ascertaining what the risks are, and what the compensating controls would be, should be a critical component of any business risk assessment. The security features of the device itself, how applications are utilized on the device, and the actual usage of the device needs to be evaluated. Beyond the aforementioned areas, a major consideration that needs to be taken into account is whether the device is personally owned or business owned, as well as how it is managed, as these will be the primary factors by which controls are evaluated to manage the incurred risk.  Finally, users need to be made aware of the risks, and trained in what their responsibility is to reduce the risk to an acceptable level.”

Here is a link to the paper.

-Josh

Websense Policy Server Install & ~High Latency

Posted: 22nd May 2011 by Josh in Uncategorized
Tags:
0

I thought I would document this issue, in the hopes that it might help those of you that run into it:

Working for a client, in the last 6 months, I have rolled out Websense Web Security to 3 remote sites, all pointing to the Websense Policy Broker (think mothership) at the central location.  (Websense Web Security 7.5.1 on Server 2008 SP2 Hyper-V VM)

One of the interesting issues I ran into at the remote sites was that no matter what I did, the installs would error out if I pointed the install to connect back to the central location.

the following components have failed to install correctly;

policy server: package deployment failed; wbsn.policyserver

1:com.websense.conf.exception.ConfigurationRuntimeException:

com.websense.config.exception.ConfigException:

com.websense.config.exception.WebsenseinstallerException;

package deployment failed; wbsn.policyserver

The error message seemed to indicate that it was a firewall or network communication error.  Unfortunately, tech support was not being very helpful, so I started doing some googling, and came across this interesting thread.

“it took a lot of time but this usually happens when the latency time is larger than 30 ms it’s what we noticed anyway… it’s not a lot but if you ping the remote site and the ping time is 30ms> there is a good chance you’ll get this error. everywhere we had 30ms>  we got this error.”

Come to find out, this was the issue, which is pretty bizzare, as 30ms latency is really not that bad….  All I had to do was following these instructions:

Install only the policy server, even when it fails it gets installed, so go look under services to see if you have policy server.

If you don’t have it under services then go in the programfiles/websense/bin you should have a policyserver.exe or something like that now if you do policyserver.exe -i (install) this should install policy server as a service.

so if you go back into services you should see the policy server installed. if not then I can’t help it has worked for me so far with many installs.

Once you have policy server installed you can install all the other components.

-Josh

pfSense 2 Cookbook: A Technical Review

Posted: 27th April 2011 by Josh in Uncategorized
Tags: ,
0

Because of my background in pfSense, about 6 months ago I was approached by Packt Publishing, asking if I would be willing to be a technical reviewer for an upcoming book they were publishing on pfSense 2. No pay, just a couple of free books from their library, and a bio in the front of the pfSense book. Why not, right?

Being the first time I have done something like this, I thought it was pretty good opportunity to get a feel for what it was like to review a pre-published technical book like this.  I was a little surprised at how much input I had, as I felt like my comments were well-received, and that I actually did have a hand in shaping parts of the book,

Well, the long and short of it, is that I enjoyed the experience, and I would recommend the pfSense 2 Cookbook to anyone looking for a practical guide to configuring pfSense 2.

-Josh

Older Entries
Newer Entries