Category: Remote Access

Why Araknis is the Best Choice for Business Networks

A reliable and robust network infrastructure is crucial for success. Araknis, a leading provider of networking solutions, offers a range of multi-gig VPN routers that are specifically designed to meet the diverse needs of modern businesses. Let’s explore why Araknis stands out as the top choice for business networks.

Unparalleled Performance

Araknis routers and switches are built to handle the demands of high-speed internet connections, supporting up to multi-gigabit 2.5Gbps throughput from your internet provider and up to 10Gbps throughout the network. This impressive capability ensures that your business network can handle large data transfers, video conferencing, and other bandwidth-intensive applications with ease.

Versatility and Flexibility

One of the key strengths of Araknis is its versatility. Whether you need a wireless solution, a wired setup, or a combination of both, Araknis has you covered. Their product line includes:

Wireless access points with built-in Wi-Fi 6 technology
Wired routers and switches for more traditional ethernet or modern fiber setups
PoE+ enabled ports to power all the phones, cameras, and other network devices
1U rack-mountable options for server rooms

This variety ensures that regardless of your business’s physical environment or networking requirements, there’s an Araknis network that fits perfectly.

Advanced Security Features

Araknis doesn’t compromise on protection. Their routers come with:

OpenVPN support: allowing for secure remote worker connections.
IPsec VPN support: allowing for secure office-to-office or office-to-cloud connection
Embedded firewall: Stateful Packet Inspection (SPI), Denial of Service (DoS) prevention, and WAN Request Blocking
VLAN routing: segment your network for added security
WiFi guest network: keep guest online and separated from business data

Cloud Management

Perhaps one of the most compelling reasons to choose Araknis is cloud management. This powerful management platform offers:

Faster setup and configuration
Robust remote management capabilities including printers and other network devices
Enhanced visibility and access to all network devices
Advanced troubleshooting tools
Real-time system health and diagnostic data

These features significantly reduce the need for on-site visits, saving time and resources while ensuring your network runs smoothly.

Future-Proof Investment

By choosing Araknis, businesses are making a future-proof investment. The routers, switches, and access points are designed to support the increasing internet speeds available today and are ready for the demands of tomorrow. This forward-thinking approach means your network infrastructure can grow and adapt as your business evolves.

Araknis routers offer a compelling combination of performance, versatility, security, and management capabilities that make them an excellent choice for business networks of all sizes. From small offices to medium enterprises, Araknis provides the reliable foundation needed to keep your business connected and productive.

Ready to elevate your business network with Araknis? Don’t wait to experience the difference. Contact Farmhouse Networking today to discuss how we can configure an Araknis-powered network tailored to your specific business needs. Let us help you build a network that drives your business forward.

Security and Encryption Tools to Protect your Business Data

Safeguarding your business data is paramount. Cyber threats are ever-evolving, and data breaches can have severe consequences. To fortify your business defenses, consider implementing the following security and encryption tools:

Operating System Encryption

Encryption is the process where normal data is transformed into something unreadable without the keys unlock it. Windows has encryption built in using BitLocker software in conjunction with modern hardware to keep data safe on physical hard drives. In case a computer is stolen or lost the data is unreadable (assuming the password protecting the computer is strong).

Virtual Private Network / Zero Trust Network Access

Whenever employees are remote or working from home they need to be able to connect to company resources without endangering company data. This is best done through Zero Trust Network Access (ZTNA) which is the next-gen replacement for the older virtual private network connection ZTNA assumes that all connections are threats unless proven otherwise and those who are connecting must have their computers tested to make sure they are safe. This approach also only allows users to connect to the resources that are specifically needed to function.

Antivirus / Extended Detection and Response

One key to staying cyber secure is to recognize and repel threats before they do any damage. Utilizing AI and automation extended detection and response (XDR) is the modern replacement for antivirus. It is able to detect behavior patterns that malicious software and hackers use when attacking your systems then automatically undue any changes they have made.

Email Encryption and SPAM Filtering

When sending sensitive data via email it is now the standard to send it via encrypted channels with each message also being encrypted. Most companies that provide encryption also provide SPAM filtering which keeps phishing, spoofing, and malicious emails from targeting employees. This is often the most effective means hackers use to gain a foot hold in networks.

Backups

There will inevitably be times when hackers are able to breach even the best defenses, so the only recourse at that time is to have good backups in multiple locations to recover once the attacker is repelled. Without good backups many companies have had to pay ransoms and hope for a response or go out of business.

Remember, data security is an ongoing process. Combine these tools with user education and strong password practices,. Stay vigilant, adapt to new threats, and invest wisely in protecting your digital assets and reputation. Call Farmhouse Networking to advise you on how to best secure your business.

Our Pricing Explained

We have received numerous inquiries from potential customers regarding our pricing structure. Specifically, they want to know if we offer monthly contracts or if we charge an hourly rate. The answer is Yes.

Hourly Rate

For customers who require a one-time fix or need a project completed, we offer a service based on an hourly rate. Our rate for remote or on-site work that is not covered under a contract is $150 per hour. We bill in 15-minute increments and take pride in our efficiency. For clients with more than 2 service requests per month, we highly recommend signing up for a contract to save money and benefit from our expert oversight.

Monthly Contracts

There are three types of monthly contracts:

Remote Maintenance Contract

This is the package that most of our clients choose. It includes automated maintenance, cyber security protections, and unlimited remote support. Since most problems and questions can be handled remotely, this package offers real value.

Full Service Maintenance Contract

This package is for clients who want complete peace of mind. It includes all services, whether remote or at their offices. Additionally, it provides some additional benefits, such as top priority in our support queue.

Co-Managed IT Contract

This special package is designed for companies that already have a full-time IT employee or IT service companies in need of extra help. It provides them with the necessary automations and tools to make their jobs easier, allowing them to focus on what matters. This package also includes a discount on our remote and on-site services.

All contracts are based on a per-device model, taking into account the number of workstations, printers, servers, switches, etc. on the client’s network. We use this model because the other popular model, per user, is too vague and can easily hide excessive profit margins. Contracts can be month-to-month or a yearly commitment. The difference is that with a yearly commitment, you are protected from price increases for the entire year. We also offer many optional add-ons for our clients, such as Office 365, Employee Security Training, Penetration/Vulnerability Scanning, Mobile Device Management, Compliance, Secure Remote Access, and Security Operations Center.

Are you looking for reliable IT support that suits your business’s unique requirements? Look no further! Our flexible pricing options cater to businesses of all sizes. Whether you require one-time assistance or ongoing support, we have the right plan for you. Ready to take your business IT support to the next level? Contact us today to discuss your needs and find the perfect plan for your business.

How to Safeguard Your Mobile Workforce with Zero Trust Security

Remote work and mobile devices have become the norm, so ensuring the security of your workforce and sensitive data is paramount. Traditional security measures based on perimeter defense are no longer sufficient to protect against the sophisticated cyber threats that target mobile devices and exploit vulnerabilities in the network. This is where the concept of zero trust comes into play. Zero trust is a security framework that challenges the notion of “trust but verify” and instead adopts a “never trust, always verify” approach. By implementing a zero trust model, organizations can establish a security infrastructure that provides continuous authentication, authorization, and monitoring to safeguard their mobile workforce and sensitive data.

Understanding the Concept of Zero Trust

The concept of zero trust is rooted in the recognition that a one-time authentication and authorization process is not enough to ensure security in today’s dynamic threat landscape. Changes in user behavior, location, and other factors should radically impact access decisions. Zero trust takes a proactive approach to security by enforcing minimal access to resources, requiring continuous security monitoring, risk-based access control, and real-time authentication and authorization based on up-to-date information. Unlike traditional security models that rely on perimeter defense and trust users and devices within the network, zero trust challenges the idea of inherent trust and verifies the authenticity and integrity of every user and device, regardless of their location or network connection.

The Evolution of Zero Trust

The concept of zero trust has evolved over time in response to the increasing risks and challenges posed by mobile devices and remote work. The rapid adoption of mobile devices and the proliferation of internet-connected devices have expanded the attack surface, making traditional perimeter-based security measures inadequate.

Key Security Technologies for Mobile Devices

To enhance the security of mobile devices and implement zero trust, organizations should leverage key security technologies designed specifically for the mobile environment. These technologies include:

Enterprise Mobility Management (EMM): EMM ensures that mobile devices have the necessary policies and configurations in place, including mobile device management for security settings and configurations, as well as remote user access policy implementation. EMM provides a foundation for enforcing security controls and managing mobile devices within the organization.

Mobile Application Vetting (MAV): MAV ensures that applications comply with enterprise policies and do not contain known exploitable vulnerabilities. By vetting applications, organizations can reduce the risk of malicious applications compromising the security of mobile devices and accessing sensitive data.

Mobile Application Management (MAM): MAM focuses on ensuring compliance in deployed applications. It enables organizations to enforce security policies and manage the lifecycle of mobile applications, including app distribution, updates, and revocation. MAM helps organizations maintain control over the applications used by their mobile workforce.

Mobile Threat Defense (MTD): MTD solutions detect and mitigate threats from suspicious user behavior, network activity, and malicious attacks. These solutions leverage advanced analytics and threat intelligence to identify and respond to potential security threats in real time, providing an additional layer of protection for mobile devices.

Secure Containers: Secure containers provide isolation techniques to prevent organizational and personal data from commingling. By creating separate containers for different types of data, organizations can ensure that sensitive information remains secure, even if the device itself is compromised.

The Role of Intelligent Authentication

Intelligent authentication, powered by advanced rule sets and artificial intelligence, can significantly enhance the security of mobile devices in a zero trust environment. By combining biometrics with user behavior analysis, intelligent authentication systems can provide adaptive authentication that adapts to each user interaction, ensuring precise security measures. Integration between EMM, mobile threat defense, and existing logging, monitoring, diagnostic, and mitigation systems further enhances security capabilities.

Developing a Mobile Zero Trust Strategy

Implementing zero trust in the mobile environment requires a tailored approach that aligns with an organization’s specific goals, risks, and infrastructure. Businesses should develop their strategies based on a comprehensive assessment of the risks they face, with granular policies to mitigate those risks. The granularity of continuous authentication should be carefully determined to strike the right balance between security and usability. It’s important to note that technology is only one part of the solution; organizations must also review their mobile use policies and ensure that processes and human factors align with zero trust principles

With an intelligent authentication approach and a tailored mobile zero trust strategy, organizations can safeguard their mobile workforce and data from advanced cyber threats. Farmhouse Networking can make this a reality for your organization.

What every business has in common?

Every modern business has one thing in common – the internet.

Businesses are using computers, smart phones, tablets, etc. to connect to the internet for research, shopping, advertising, or any number of things. With a connection to the internet comes the need for routers, switches, wireless, and other network hardware to distribute internet connectivity across the company. There are malicious people on the internet that are setting traps and trying to break into companies which necessitate the use of tools like antivirus, internet filtering, spam filtering, and other protective measures. There are also people who work from their homes and need to have a way of tunneling safely into the network to use the resources there.

All of this has to be managed by someone in the company or you can contract with a managed IT service provider.

If your company needs help managing all the things connected to your internet, then contact us for assistance.

Using an Old Teamviewer Makes You Vulnerable

Looks like the trusted remote access / remote support tool has an exploit that could allow an attacker to figure out your network password.

Please take the time to update your Teamviewer software to the latest version or contact us to setup our free remote access software on your systems.

Can Passwords Be Strong & Easy To Remember

The COVID-19 scare and ensuing rush to remote access has us thinking security. What is more basic to security than passwords. In an effort to find a way to make passwords both secure and easy to remember, I have found a website that seems to fit the bill:

https://xkpasswd.net/

A Secure Memorable Password Generator

The concept is surprisingly simple and is said to be based on a cartoon:

XKCD - Password Strength

I have played with the settings and found the following to generate some good password settings. Here they are for those who are interested:

The only other option would be to use random passwords stored in a password keeper. This also allows secure sharing of passwords throughout the organization.

If your company is using remote access, then contact us for assistance to make it secure.

Small Business Information Security: The Fundamentals

NIST is the National Institute of Standards and Technology. It acts as the defacto baseline that all other security and compliance organizations use to construct their standards. Reading their publications is like reading any other government document – extremely long and not interesting. Farmhouse Networking recently became aware of one such document called NISTIR 7621 aka Small Business Information Security: The Fundamentals. We took the time to distill out the main points here:

The Fundamentals aka Best Practices

Identify: Who has access to the network, who has access to the data, and what do they have access to. This includes background checking employees during the hiring process, taking an inventory of data to see who needs access to what, requiring that each user have their own login, and company policy creation.

Protect: Protection starts with separating data into shares then giving access only to those who really need it. It also includes protecting hardware with uninterruptible power supplies (UPS) and protecting software with regular updates. Protecting the network includes setting up a proper firewall, separate wireless for guest access, and VPN only access for remote users. Web filtering, SPAM filtering, file encryption, proper disposal of old equipment, and employee training are also mentioned.

Detect: Having a centrally managed antivirus software on each workstation is a must. This includes the ability to look back in time via log files or monitoring system to find the root of the security breach.

Respond: Have a disaster recovery plan and security incident response plan in place.

Recover: Need full backups of all important business data, invest in cyber insurance, and regularly access your technology to find timely improvements.

If your company does not meet these fundamentals, then contact us for assistance.

Remote Desktop Network Printer Redirection

Found myself setting up a client with a remote desktop connection to a local workstation from a remote site to use their Client Management System (CMS). Even after successfully getting them connected to the local workstation and warning them there would be issues with using their network printer at the remote office, they stated it would be just fine. Found out later indeed they were not able to use the printer successfully due to the inherent issue with network printers across a Remote Desktop Connection. Found this little workaround to provide Remote Desktop network printer redirection in the Microsoft forums:

Remote Desktop network printer redirection workaround

Click on the Start button and open Control Panel then open “Devices and Printers”
Right click on the network printer that needs to be redirected and choose “Printer Properties”
Click on the Ports tab and put a check next to “Enable printer pooling” and next to the “LPT1:” in the list then click the OK button to finish.
Click on the Start button and open Remote Desktop Connection then click on the “Local Resources” tab.
Click on the “More…” button at the bottom then put a check next to the Ports item then click the OK button.
Make sure to go back to the General tab and click on save before clicking on the Connect button.
Once connected download and install the needed print driver but do not create the printer itself yet.
Inside the Remote Desktop connected computer click on the Start button and open Control Panel then open “Devices and Printer”
Click on the Add Printer button at the top then click on the “The printer that I want isn’t listed” link at the bottom of the window that opens.
Click on the radio selection next to “Add a local printer or network printer with manual settings” then click on the next button.
Click on the list “Use an existing port” and choose “TS001:” which usually corresponds to the LPT1: port redirection, but it may take some trial and error going through this list later to figure out which one it is.
Search through the list of drivers to pick the one associated with the one being connected then click on the Next button.
If requested, choose to “Replace the current driver” and click on the Next button.
Change the name as needed and click on the Next button.
Choose “Do not share this printer” and click on the Next button.
Test the printer by clicking on “Print a test page” then click the Finish button.

If the printer does not print then open the printer properties on the Remote Desktop connected computer and change the port to TS002: on the Ports tab, click Apply then click “Print a test page” on the General tab to test again. Repeat down the list until the correct port is found. If your company is using Remote Desktop Network Printer Redirection or need help getting the network connected printers working properly, then contact us for assistance.