Loading ...

Month: May 2023

Basic Setup of Cisco Wireless Controller

This is the first in a series that document the Tier 3 / Co-Managed IT work we did to setup a wireless test bed for a Linux based scientific device. The testing environment included two different wireless network hardware types (Ubiquiti and Cisco). There was also a Synology device used for various purposes including hosting the Ubiquiti controller inside a Kubernetes container, providing certificate services, providing LDAP authentication, and providing RADIUS authentication. Each article will detail a separate piece of the project. This article shows the basic setup of Cisco Wireless Controller.

Setup of Cisco Wireless Controller

  1. Plug -in ethernet of Computer to port 2 on controller
  2. Boot controller and wait for SYS light to go solid
  3. Open web browser to http://192.168.1.1
  4. Create admin username
  5. Create password
  6. Fill in the needed information:
    1. System nameManagement IP Subnet MaskDefault Gateway
    1. Click Next
  7. Fill in temporary information for wireless
    1. Network BSSIDCreate PassphraseEnter local DHCP server address
    1. Click Next
  8. Click Apply and wait for reboot
  9. Click on Commands tab
  10. Click on Set Time on the left-hand menu
  11. Change needed values
  12. Click Set Date and Time
  13. Click Save Configuration at the top

Compliance Requires Penetration Testing

Compliance is and always has been a complicated matter. Here are the quotes from the three types of compliance – CMMC, HIPAA, and PCI:

CMMC – Risk Assessment L2-3.11.2 – VULNERABILITY SCAN: Scan for vulnerabilities in organizational systems and applications periodically and when new vulnerabilities affecting those systems and applications are identified.”

HIPAA – § 164.308 Administrative safeguards. (a)(1)(ii)(A) – Risk analysis (Required). Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the covered entity or business associate.”

PCI – 11.3: External and internal vulnerabilities are regularly identified, prioritized, and addressed”

To summarize what this all mean – compliance requires penetration testing and vulnerability scanning. Networks have to be tested regularly to make sure that there has been nothing missed which would allow a hacker to breach the network and steal the treasure of information. Our recommendation is to scan at least quarterly, if not monthly, to find these vulnerabilities and address them before the hackers find them.

If your company has compliance requirements that you need consulting for, then contact us for assistance.

A Medical Office’s Journey to the Cloud

Today we tell the story of a medical office’s journey to the cloud. This particular client was facing their server operating system reaching end of support (a HIPAA violation) in the near future. They had begun by looking at their electronic medical records software company’s online offering, which didn’t have all the functionality of their on-premises software and was very expensive (this is typical).


They next decided to look into moving their current on-premises software into the cloud and we were asked to help with the testing. We determined that it would be best to move the file portion of the server to SharePoint / OneDrive to increase their mobility and flexibility. We also determined that it would be best to move them away from on premises Active Directory into Azure Active Directory / Intune to allow authentication and security policies. Finally we began testing the on-premises software hosted on a server in Azure with a VPN connection to their office.


The SharePoint / OneDrive and Azure Active Directory portions went through with little issues. The server, however, was not as we had hoped. The Azure VPN connection was expensive due to it always being on and no way of turning it off outside of business hours. The performance of the SQL database that the on-premises software used was basically unusable. The other option would be to create virtual desktops on Azure for this purpose but the cost and functionality was not what the customer was hoping for.


This has lead them back to searching for an online EMR software that will meet all their requirements. This will be tough because most companies are good at some things, but not all things and compromises usually have to be made. Our hope is that this story is a lesson to other companies. The cloud may sound like the newest and best way to work, but the costs and functionality are often worse than expected.

If your company is going to use full disk encryption or has compliance requirements that you need consulting for, then contact us for assistance.

Archives

Categories

Plant a Seed @ 541-761-9549
233 Rogue River Hwy #873 Grants Pass, OR 97527
Mon-Fri: 9:00am-5:00pm
support@farmhousenetworking.com
© 2016-2023- Farmhouse Networking. All rights reserved
Terms and Conditions Privacy Policy

Evaluation Signup

[contact-form-7 id="452" title="Free Network Evaluation"]