Rules to Better Internet and Networks

If you have a Remote Access VPN, it is important to ensure that the VPN is secure. VPNs are a common point of attack in cyber security incidents - if a bad actor can get into your VPN, they're in your network.

If you are going to install a service pack on a machine, moving a virtual server to another drive or doing any critical system level changes, make sure you back up your machine first. For virtualized machine, make sure you back up all related files, including vhd, avhd etc.

w3dt.net supplies a DNS report tool which can help administrator to troubleshoot DNS issues with domains, name servers, SOA, and other information. We need to get all green ticks except for:

Keeping networks and VLANs separated is an essential aspect of a robust security strategy. This is particularly true for less secure networks such as automation and HVAC systems, which are often targeted by cybercriminals looking to gain unauthorized access to the network.

Have you ever faced a scenario where an unauthorized device is discreetly connected to an open port on your network switch, potentially intercepting sensitive data or disrupting critical services? This situation isn’t just theoretical - it can lead to serious security breaches, data theft, and system downtime if you do not restrict the MAC addresses allowed to connect.

The goal is: No one is stressed thinking their backup is not working.

Follow up your team to back up their PCs, then their mobile phones.

Microsoft Update is a service that allows for the periodic patching of system files to address known issues with Microsoft products. Originally called Windows Update, it was specifically focused on Operating System patches for Windows but has been expanded to include all Microsoft products and the name has changed to Microsoft Update, allowing the automated patching of non-OS software such as Internet Explorer and Microsoft Office.

When we configure networks we give all computers in the company a naming theme like:

• Buildings
• Cars
• Countries
• Colours
• Fruits
• Vegetables, etc

Having a very popular website is great. The only problem is where to host it. If you host it in your local country then it is very fast for your local market but what about the market on the other side of the world? The solution to this is to use a Content Delivery Network (CDN).

When you are connected to the company's network, you should complete the following procedure if you want to setup a printer server.

When an employee leaves or a domain account expires, disable the account, never delete it, as:

• Some LOB application such as CRM maintain a reference to the AD domain user GUID
• During the migration or restoration of CRM, users stored in the database are verified against AD and problems may occur if they no longer exist

We've seen this happen too many times - a user wants to do something on a network server machine, and because the user hasn't got a profile setup on that machine, he end up using the Administrator password to log on as administrator.

This is how you free up more disk space on servers:

You should use virtualized standalone servers because:

• If one server goes down it does not affect other servers (e.g. a centralized SQL server fails and brings down: CRM, TFS, Reports, Web Server)
• You can just copy the VPC to another computer and it just works, no need to worry about reconfiguring the SQL connection string or web services
• You can just backup the VPC

However, you should scale out your servers if:

• You want the best performance (e.g. A different server for SQL backend and Web frontend)

Some of the network services, like TFS/Exchange/Database are essential for our business and people will not be able to work if any of these services is down or inaccessible. When such thing happens, the first thing you need to do is to send notification to SysAdmins so they can start investigating the problem, and you should cc your project manager because those issues will stop you getting tasks done.

ANAME record (also known as A record) is an alias record that allows you to map the apex record or any other record within your domain to a target host name, essentially a CNAME record for the apex record.

The ANAME record is especially useful for when you have multiple domain names and your website is hosted by a provider that changes it's IP Address, this does happen quite regularly with WPEngine. Many DNS service providers do not support ANAME record, however, DNSMadeEasy has made this service available.

Cisco's FirePower module is able to automatically get a list of suspicious IPs from Cisco, however the IPs that are attempting to break into your network may not be the same as Cisco's recommended Blacklist. That is why it is important to have your own IP Blacklist.

When purchasing new network hardware you should always choose the most reliable option.

We have discovered that:

To help with automation (e.g. SophieBot) you can use the MAC address of your mobile device to match when it joins the company Wi-Fi. This allows you to:

• Automatically log when you come in or out (See Do you know the best way to see if someone is in the office?)
• Announce your presence to the rest of the office
• Get statistics and analytics: E.g. Who travels the most? Or which city uses In-And-Out the most?

Here is how to find your MAC address:

Network Intrusion Prevention Systems (IPS) can assist with network security by automatically detecting network attacks and stopping them before they become an issue.