Loading ...

Category: Disaster Preparedness

Synology Active Backup Restore to Hyper-V

Prerequisites:

  • Make sure Hyper-V Host has CPUs than the combined total of CPUs for all servers being restored as these static until after the VMs are completely restored. If there is not enough CPU resources then the VMs will not boot.
  • Make sure Hyper-V Host has more than the combined total of RAM for all servers being restored as these settings are static until after the VMs are completely restored. If there is not enough memory then the VMs will not boot. 
  • Create a SET NIC Team on the server (if you have multiple NICs)
    • Open Powershell as administrator
    • User the New-VMSwitch command to setup an external virtual switch to connect to for live connections
      • New-VMSwitch -name “SET team” -NetAdapterName “NIC1″,”NIC2” -AllowManagementOS $True
      • The AllowManagementOS is needed if you are using the same NIC team to access the VM host
  • Setup secondary Internal vSwitch to allow for testing before deploying
  • Setup Synology LUN targets for each VM to be restored. Make sure that they are big enough to hold all the full uncompressed size of the entire thick provisioned hard drives for the entire server. 
  • Connect each LUN to the iSCSI Initiator on the VM Host. Make sure to bring them online, initialize them, and give them a drive letter. Synology needs this because it uses the SMB protocol to transfer the files during restore.
  • Make sure to allow the File and Printer Sharing app through the Windows firewall and open port 5986 to allow HTTP traffic for WinRM to allow Synology to query the Hyper-V settings.
  • Add the Hyper-V Host to the Active Backup for Business app.

Synology Active Backup Restore to Hyper-V

  1. Open the Active Backup for Business app
  2. Click on the Physical Server tab on the left
  3. Select the server and click the Restore button
  4. Select the point in time to restore from Graphical user interface, text, application, chat or text message Description automatically generated
  5. Choose Restore to Microsoft Hyper-V
  6. Choose Full Virtual Machine Restore
  7. Change the Restore Name
  8. Select a folder on the Hyper-V Host to place the configuration files Graphical user interface, text, application, chat or text message Description automatically generated
  9. Select a folder on the Hyper-V Host to place each of the restore VHD files
  10. Select a Virtual Switch on the Hyper-V Host to connect the VM to Graphical user interface, text, application Description automatically generated
  11. Confirm the settings by clicking on the Done button.

After:

  • The VMs will boot with a single NIC and no network settings. Keep them offline and add additional NICs as needed to match the original setup. Then configure the NICs as before upon reboot. Make sure to connect to Internal Test Switch for initial steps. 
  • Check hardware configuration of CPUs and RAM to determine if adjustments can be made. In particular, the RAM settings can be changed to startup, minimum, and maximum to allow for distribution of resources to VMs that have heavier workloads.
  • Boot VM to make sure it is functioning correctly.  (first bootup can take upwards of 15 minutes)
  • Convert the VM from Gen1 to Gen2
    • Download Windows 10 ISO – https://www.microsoft.com/en-us/software-download/windows10
    • Add Windows ISO to IDE controller as CD 
    •  Set boot to CD in VM Settings 
    • Boot VM to repair section of CD 
    • Boot to command prompt
      • diskpart 
      • list disk   (Make boot disk is in 0 spot)
      • exit
      • X:\>mbr2gpt /validate /disk:0 (select proper disk) 
      • X:\>mbr2gpt /convert /disk:0 
    • Create new VM with Gen2 setting
      • Give the VM a name and Store in appropriate iSCSI LUN drive then Click Next 
      • Select Gen 2 and click Next
      • Give the VM as much startup memory as needed and Use Dynamic Memory then Click Next Graphical user interface, text, application, email Description automatically generated
      • Select the Internal Test Switch and click Next
      • Select an existing hard drive and point to boot drive that was converted to Gen 2 then click Next Graphical user interface, text, application, email Description automatically generated
      • Click Finish to create
      • Modify to match old VM
        • Check Dynamic RAM settings to make sure the Max / Min is set properly
        • Check Hard drives and add additional as needed
        • Turn off Secure Boot function
  • Boot new Gen 2 VM and configure static IP address.
  • If booting successfully then delete Gen 1 VM 
  • Turn of old server as needed
  • Change Gen 2 VM to use SET Team vSwitch 
  • Test connectivity to network resources. 

If your company is looking to migrate from physical to virtual servers, then contact us to make the transition easy.

Small Office Server Virtualization

Expand Server Storage - Clackmas County, OR

Had a client recently who had a smaller office network (they have up to 6 concurrent users) with a server to process orders from their website using a software called StoneEdge. This software is SQL-based database with a Microsoft Access front-end. It was time to upgrade their server to new hardware and cost was definitely an issue based on their size and order volume. In this case we chose to use a Synology device to act as the virtual machine host and create a new virtual server on the host. Here are some details:

Server Build Specifications

  • Synology RackStation RS1221+
  • Synology M2D20 – M.2 SSD Adapter Card
  • 2x Synology SNV3410-400G – 400GB NVMe M.2
  • 2x Synology D4ECSO-2666-16G – 16GB DDR4 2666 MHz ECC SO-DIMM Memory Module
  • 4x Seagate 4TB IronWolf Pro 7200 rpm SATA III 3.5″ Internal NAS HDD

Picked the Synology based on the expandability of RAM to 32 GB, the capability to use cache drives, and storage growth over time. It also has a 4-core 2.2 Ghz Ryzen processor which was plenty based on their old servers CPU usage.

Basics of Setup

  1. Assembled parts
  2. Installed Synology OS
  3. Setup HDDs in Synology SHR2 RAID
  4. Added M.2 drives as cache
  5. Installed the Virtual Machine Manager app
  6. Created a VM with the max CPU available and max Memory available
  7. Uploaded the ISO for the server OS
  8. Installed the server OS
  9. Setup the StoneEdge application
  10. Migrated data

This build did not increase performance dramatically, but it did allow them to spend about half the cost of a full server to accomplish the same purpose. It also reduced costs by using the Synology for backup of the server locally and into S3 storage in the cloud for redundancy.

If your company is looking to move their servers to a virtual environment or into the cloud, then contact us to start the process

Zero Trust – Software Patching

This is the seventh in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on software patching. 

Software Patching

Software patching is a neccesity because no person who writes code is perfect and hackers are actively looking for these mistakes. The hackers find the mistakes and then develop ways of using these to exploit the software, computer, or whatever else they can gain access to. The only way to combat both the mistakes and the exploits is to discover them before the hackers do and patch the hole in the software. This patch can however lead to unforseen consequences to the software, so a plan for testing and deployment of patches is needed to avoid unexpected downtime to businesses.Here are some questions to ask:

  • Do you know all of the hardware and software on your network?
  • Do you check for hardware, operating system, and other software regularly?
  • How do you check for updates, patches, or upgrades to software?
  • How do you install these patches? Is it automated?
  • Are these patches tested before installation?
  • What happens if a patch causes problems?
  • Do you have a log of all installed updates?
  • Are any systems or software on your network no longer supported for updates?

If your company is going to use full disk encryption or has compliance requirements that you need consulting for, then contact us for assistance.

Surviving a Flood

Had a client walk into their office to find it flooded with an inch and a half of water on the ground and it got me thinking about what could be done to mitigate the risks associated with this sort of “Act of God” at the office.

Can’t Stop the Flood

It goes without saying that there is no way to realistically prevent a flood besides the usual preventative building maintenance that most businesses are not in control of anyways. It makes sense then to choose an office space where the owner is into proactive repairs on the building, even if it costs a little extra per month. It would also be good to talk to your business insurance provider to make sure that such Acts of God are covered. Clean-up and recovery though usually covered by the building owner can get expensive if your contract doesn’t cover it. 

Prepare for the Worst

Practically speaking it may not be possible to keep computers out of the water in a flood. At this particular client we did have the computers up on blocks just in case of this very thing. All network equipment should also be in a safe place, ideally in a locked cabinet high off the ground.

Recovery can happen

If the worst does happen, the first thing to do is shut off the electricity to the building. After that take careful inventory of all that is plugged in and remove it from electrical outlets. If equipment is wet, keep it unplugged for a couple days in a dry environment to make sure it is free from moisture. Once sure it is dry, plug in the equipment and test whether it will come back online. If anything was submerged in water, it is best to plan on replacing it as most water has minerals in it that will stick to components in the computer and could cause and electrical short.

If your company is not ready for the worst, then contact us for assistance.

Zero Trust – Trusted Vendors

This is the second in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on the vendors you purchase network equipment from. 

Trusted Vendors

Trusted vendors are those who supply workstations, servers, routers, switches, power protection, software, and anything else connected to your network. Here are some questions that you should be asking yourself:

  • Do you know who makes your network equipment, servers, computers, and software?
  • Do you know the way to contact their support and have current account access information?
  • Do you have current warranties / support contracts on hardware and software?
  • Is the hardware able to perform at the level needed?
  • Are you purchasing software from those who meets industry standards?
  • If a subscription, how much are you paying and are you on the correct plan for your needs?
  • When is the last time you upgraded your software and hardware?
  • Have you budgeted for the next upgrade?

Take time to think about these questions and decide where changes can be made to better protect your IT investments, or contact us to do the thinking for you.

Zero Trust – Physical Security

This is the first in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on the physical security surrounding your network. 
 

Physical Security

Physical security can include the locks on the doors, where things are placed, and how they are protected from the unpredictability of the environment. Here are some questions that you should be asking yourself:

  • Do you know where your network equipment is located?
  • Is the server / network in a separate area from where work is done?
  • Is this separate area behind a locked door?
  • Is the equipment in a locked rack or cabinet?
  • Is there a separate air conditioning zone for this area (servers like it cold)?
  • Is there a separate alarm zone for this equipment?
  • Who has the codes?
  • Is there a security camera watching this area (we don’t install these)?
  • How long is the recording for?
  • Who has access to the recordings?
  • Are computers located in areas where customers can physically touch them?
  • Are unused USB ports on the computer turned off or locked?
  • Are all systems protected by battery backup devices?
  • Are all systems off the floor in case of a flood?

Take time to think about these questions and decide where changes can be made to better protect your IT investments, or contact us to do the thinking for you.

US Takes Action Against Russian Cyber Threats

We caught wind of two separate actions the US has taken against Cyber Threats from Russia over the weekend:

Kaspersky

The first is news that the US Federal Communications Commission has added Russian cybersecurity company Kaspersky Lab to its list of entities that pose an “unacceptable risk to US national security,” according to a report from Bloomberg. This company has been banned from use by government agencies since 2017 when a bill was signed due to the companies ties to the Kremlin. 

Russian Hackers

The second article was a press release from the FBI stating that:

“The Department of Justice unsealed two indictments today charging four defendants, all Russian nationals who worked for the Russian government, with attempting, supporting and conducting computer intrusions that together, in two separate conspiracies, targeted the global energy sector between 2012 and 2018. In total, these hacking campaigns targeted thousands of computers, at hundreds of companies and organizations, in approximately 135 countries.”

This hacking activity should be another wake-up call to American businesses to harden their defenses and remain vigilant against cyber security threats. These people are nationally sponsored criminals and we must protect ourselves. 

If your company is currently using Kaspersky or any other Russian based vendors, then it is time to carefully consider whether to continue being connected with them and contact us for assistance migrating to a trusted source.

Hackers Penetrate 93% of Company Networks

Hacked - Grants Pass, OR

Security researchers performed penetration testing on the networks of 45 various mid-sized companies and found that in real life scenarios 93% of those networks were able to be compromised to the point of business disruption. Here are the details:

The Target

The 45 companies were polled to determine what would be an unacceptable business interruption. They decided that the following met that criteria:

  • Disruption of production processes
  • Disruption of service delivery processes
  • Compromise of the digital identity of top management
  • Theft of funds
  • Theft of sensitive information
  • Fraud against users

These became the target for the penetration testers. 


The Process

In order for the penetration tester to achieve their target, they followed the following process:

  • Breach the network perimeter – This was done by the use of compromised passwords found on the Dark Web and know vulnerabilities on devices that were directly connected to the internet
  • Obtain maximum privileges – In 100% of the networks, once an attacker was inside the network
  •  Gaining access to key systems – With maximum privileges, the testers are able to gain access to other areas of the network including databases, executives computers, and production servers
  • Develop attacks on target systems – Once key systems are compromised the testers then figured out how to create the unacceptable business interruption. Although they could have created these interruptions, they only gathered proof that they could to present the data to the companies. 


How to Defend 

There are a couple main ways to defend against these kinds of attacks:

  • Security Controls / Segmentation – Creating least privileged access to key systems and segmenting the network will keep hackers from traversing the network once inside
  • Enhanced Network Monitoring – Modern cyber security tools watch activity and traffic on the network to find indicators of compromise. They pool this information into an attack history that can be used to remediate and further protect. 


Your company is not as safe as you think, so contact us for free initial cybersecurity evaluation and risk report.  .

Did I see your Indicators of Compromise?

Nobody wants to be hacked, breached, compromised, or whatever else they are calling it now. Here is a quick list of things to think about to keep your company safe:

Compromise Prevention

  • Keep track of your inventory, both software and hardware.
  • Make sure to properly dispose of these things (recycle or responsible destruction)
  • Scan your network for vulnerabilities
  • Patch or remediate everything you find
  • Manage your antivirus & keep it up-to-date
  • Keep your passwords complex & safely stored
  • Remove all users / accounts when no longer in use
  • Look at best practices to harden your computers / network to attacks
  • Monitor your network for strange activity (indicators of compromise)

If your company is concerned about security, then contact us to take care of it for you.

Archives

Categories

Plant a Seed 541-761-9549
233 Rogue River Hwy #873 Grants Pass, OR 97527
Mon-Fri: 9:00am-5:00pm
support@farmhousenetworking.com
© 2016-2022- Farmhouse Networking. All rights reserved
Terms and Conditions Privacy Policy

Evaluation Signup

[contact-form-7 id="452" title="Free Network Evaluation"]