Tag Archives: Security

Oct
12
2012

Desktop Virtualization: What is it and is Your VDI Environment Secure?

Posted on October 12, 2012 by Karen Spencer

Many of you are probably already aware that virtual desktop infrastructure (VDI) is the practice of hosting a desktop operating system within a virtual machine running on a hosted, centralized or remote server. To users this means access to their desktop from any location, without being tied to a single client device. Administrators are drawn to this model by the idea that this platform is more secure and easier to manage after exhausting the effort to set it up.

Virtual MachinesIT professionals often question whether they can lower the cost of VDI or simplify its deployment, but tend to overlook policy and configuration management of virtual desktops. VDI implies a guarantee to provide a virtual desktop that is more secure than a physical desktop and doesn’t require as much attention. Herein lies the misconception, that by simply implementing a VDI eliminates the need to manage IT policies and configuration of virtual desktops like that of a physical desktops and/or notebooks.

Wouldn’t it be nice to be able to proactively enforce IT policies and configurations in VDI environments, while also ensuring a consistent user experience without compromising benefits and security? Well, you can! KACE provides an innovative solution that allows IT administrators to easily and effectively address the adoption of VDI, and the management and security challenges it brings.

Dell KACE experts recently published a white paper, Extending Policy and Configuration Management to Dell DVS Simplified VDI, in which the challenges of VDI adoption are discussed and how the Dell KACE K1000 Management Appliance can help. Additionally, if you are considering a deployment of Dell’s Desktop Virtualization Solution (DVS) Simplified Appliance and want to ensure IT policies and configurations are enforced, the authors also discuss how the K1000 Appliance features such as tracking assets, providing updates, and managing and securing desktops can be easily applied to Dell’s DVS simplified VDI solution. Be sure to check it out.

Posted in New Posts | Tagged , , , , , | Leave a comment
Jun
29
2012

Are you an IT or security manager at a financial institution? Read on…

Posted on June 29, 2012 by Anne Haggar

Don't let the intruders into your financial institution

We at Dell KACE and Dell SecureWorks feel your pain. And, we have helped thousands of financial institutions of all sizes tackle their many security challenges and to become more efficient along the way.
If you are interested in learning exactly how we have helped others in your shoes, please plan to attend a live webinar entitled: Taming the security beast:  How financial institutions can meet escalating threats and bring costs down.

You will hear from SecureWorks security expert, Andy Held as he hones in on the special set of security challenges you face and provides expertise on where to focus and how to provide greater protection for your company and your customers. You will also hear Ben Schreiner share his “war stories” about his many years on the front line, working for multiple financial institutions. We will take a look at a case study so you can learn how some of your peers successfully tackled the security beast.

The webinar takes place on July 11, 2012 at 10am PT, 11 MT, 12 CT. Register by clicking here.

Posted in New Posts | Tagged , , | Leave a comment
May
14
2012

What you should be doing to keep data safe, but probably are not doing. Yet.

Posted on May 14, 2012 by Anne Haggar

At a recent KACE webinar on security, we asked the attendees to answer a question about security.  We found out they are not feeling entirely secure as only 16% said they feel confident about the security measures they have in place for their organizations.  This is not surprising, considering that attacks are on the rise and increasing in the level of sophistication.

So what can you do to easily step up the security on your systems, particularly those that travel with important company information on them?  If you are already a KACE Kustomer, you can provide encryption protection with Dell Data Protection|Encryption (DDPE) using your KACE console.  Dell KACE and DDPE now work together to complement and reinforce systems management best practices and strong data protection.  The solutions work side-by-side to more easily enable you to manage the configuration of systems and applications, and protect the data on those systems.  Equally importantly they reduce the work of both enforcing policies and proving compliance by simplifying the deployment, configuration and auditing of systems and their security.  This allows you to save significant time over doing manual processes, and helps to ensure policies are enforced and the organization is in compliance.  Using a single set of tools, you can easily provide and demonstrate encryption across an organization, helping to ensure that devices are protected and the organization is compliant.

If you are not yet familar with DDPE, it delivers endpoint encryption to organizations with Dell and non-Dell notebooks, desktops, workstations and external media devices that enforces policies and provides auditing capabilities.

Are you interested in learning how you can provide this extra security for your organization?  Please make plans to attend a live webinar event on May 24 at 10am, PT entitled:  New levels of security: The power to do more with Encrytion.  To register, click here.

 

 

Posted in New Posts | Tagged , , , , , | Leave a comment
Apr
27
2012

Freeze and forget with Faronics and KACE

Posted on April 27, 2012 by Anne Haggar

Poliroid snapshots We discovered that KACE customers are also Faronics Deep Freeze customers. In fact, some of our customers were trying to get Deep Freeze and the Dell KACE K1000 to work together in some smart ways. So we pulled together a team from Deep Freeze and KACE to determine how we can best build some integration between our products to provide some additional benefits and provide some relief to you hard working IT professionals.

For those of you who may not know about Deep Freeze, it provides the ultimate workstation protection by creating a “frozen” snapshot of a workstation’s configuration and settings. Deep Freeze is invaluable in institutions where both employees and students need full access to their workstations/laptops and need to have the confidence that their computers are up and running at all times.

Dell KACE customers who are looking to strengthen PC security and reduce technical support costs can use Faronics Deep Freeze to ensure that you will never again have to repair a computer damaged by a user’s accidental or malicious activity by including Deep Freeze as part of the Dell KACE K2000 imaging process. Any changes that a user makes to a protected machine will be eliminated upon reboot. The result is a computer that remains in the same perfect working condition it was setup in — days, months, and even years later! Another option is to use the K1000 to automatically “thaw” Deep Freeze computers and securely make changes REMOTELY from a central console such as updating software and performing critical patches and then have them now restart to the new “frozen” baseline.

This integration between the two companies provides enhanced security and lets you automate some of the time-consuming tasks that are necessary to keep systems safe.

If you would like to see a live demonstration, there is a webinar on May 3rd, 2012 at 10:00am PT. To register, go here. If you can’t make the live webinar, it will be recorded and available in our resources center on our website.

Posted in New Posts | Tagged , , , , , | Leave a comment
Apr
12
2012

Securing your Network via the K1000

Posted on April 12, 2012 by Christopher Blake

Did you know that with your K1000 Management Appliance you have the ability to discover security and ensure the health of your Network?  The K1000 combines the use of OVAL (Open Vulnerability Assessment Language) and SCAP Scanning (Security Content Automation Protocol).  These tools combined with K1000 Patching can ensure your Network is safe from many thousands of vulnerabilities.

Logo of OVAL

OVAL Is a comprehensive suite of tests which give extents you an idea of theof all the vulnerabilities your machines may have.  It is an internationally recognized standard to detect security vulnerabilities and configuration issues on your computer systems. To learn more about OVAL visit oval.mitre.org

To get started running a scan, simply browse to the Security Module, and click on the OVAL tab. From the Action menu here, you’ll need to configure the settings for OVAL to determine which machines will be scanned, and when. We recommend only running OVAL scans on machines when they are not in use; an OVAL scan can be rather intensive on the machine and may impact user activities. Once you scan your network for vulnerabilities you can then run a report under the Security section of our reporting module to review the vulnerabilities on your Network.

 

NIST logo with Security Configuration Checklist written on itSCAP allows you to choose which checklists you wish to evaluate such as specific OS’s or applications such as Microsoft Office. To learn more about SCAP and download benchmarks for this feature go to http://web.nvd.nist.gov/view/ncp/repository.

To get started running a scan, you’ll first need to download the checklist zip files you want to scan, then upload them on the SCAP/FDCC tab under the Security Module. Next, like OVAL, you’ll define which machines to scan and when to scan them. SCAP may be less intensive on machines because it potentially scans for fewer vulnerabilities depending on what you have defined, but should still be used with caution when machines are in use.

Patching

If vulnerabilities are discovered by either OVAL or SCAP scanning, then the patches necessary to fix the problems can be included in a Patch Job scheduled on the K1000. While the tools are not aware of each other, you can certainly configure patches to be included that were identified as resolutions by the SCAP/OVAL scans.

The vulnerability can be identified, and the information for it can be tied to a patch that should be installed. The Inventory for the machine will list the vulnerabilities found under “Security” follow the links to discover what patches may be needed.

Remember that if you find vulnerability on one machine, there is a good chance that it exists throughout your network. While some vulnerabilities are known or even intentional in some cases, others may be surprising. This is in part why the SCAP & OVAL scanning suites do not have a remediation option built into them, but rather we leverage the other parts of the appliance such as Patching, Scripting, and Managed Installs to remediate what we discover in Security scans.

To learn more about using these tools see your “Patching and Security” guide at http://www.kace.com/support/resources/documentation for detailed instructions.   This guide can also be found under the “Settings” tab under the “Support” tab on your K1000.

Posted in New Posts | Tagged , , , , , | Leave a comment