Saturday, February 16, 2019

Tabula Rosa Systems Blog For 2/16/19 - VPN


+++++++++++++++++++++++++++++++++++++


February is Black History Month And Pantone Color Month(Coral in 2019)






Happy Chinese New Year - 2019 Is The Year Of The Pig


The New Year greeting in Chinese is “xin nian kuai le”

+++++++++++++++++++++++++++++++++++++


VPN (virtual private network) via whatis.com
A virtual private network (VPN) is programming that creates a safe and encrypted connection over a less secure network, such as the internet. VPNs were originally developed to provide branch office employees with safe access to corporate applications and data. Today, VPNs are often used by remote workers and business travelers who require access to sites that are geographically restricted. The two most common types of VPNs are remote access VPNs and site-to-site VPNs.
Remote access VPN

Remote access VPN clients connect to a VPN gateway on the organization's network. The gateway requires the device to authenticate its identity before granting access to internal network resources such as file servers, printers and intranets. 

This type of VPN usually relies on either IP Security (IPsec) or Secure Sockets Layer (SSL) to secure the connection, although SSL VPNs are often focused on supplying secure access to a single application rather than to the entire internal network. Some VPNs provide Layer 2 access to the target network; these require a tunneling protocol like the Point-to-Point Tunneling Protocol or the Layer 2 Tunneling Protocol running across the base IPsec connection. In addition to IPsec and SSL, other protocols used to secure VPN connectivity and encrypt data are Transport Layer Security and OpenVPN.

Site-to-site VPN
In contrast, a site-to-site VPN uses a gateway device to connect an entire network in one location to a network in another location. End-node devices in the remote location do not need VPN clients because the gateway handles the connection.
Most site-to-site VPNs connecting over the internet use IPsec. It is also common for them to use carrier MPLS clouds rather than the public internet as the transport for site-to-site VPNs. Here, too, it is possible to have either Layer 3 connectivity (MPLS IP VPN) or Layer 2 (virtual private LAN service) running across the base transport.






Buy the books at

 www.amazon.com/author/paulbabicki
====================================================


























































In addition to this blog, I maintain a radio show on BlogtalkRadio  and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and  Yahoo I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ and  PSG of Mercer County, NJ.


Additionally, I am the president of Tabula Rosa Systems, a “best of breed” reseller of products for communications, email, network management software, security products and professional services.  Also, I am the president of Netiquette IQ. We are currently developing an email IQ rating system, Netiquette IQ, which promotes the fundamentals outlined in my book.


























































  .
















Monday, February 11, 2019

Netiquette Security Alert 2/11/19 - SB19-042: Vulnerability Summary for the Week of February 4, 2019



02/11/2019 08:37 AM EST

Original release date: February 11, 2019
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
·        High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
·        Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
·        Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.