This article and video explain how to mitigate the Log4j vulnerability on Windows servers running Fastvue Reporter. Fastvue Reporter uses Elasticsearch as its database, which uses Log4j for its own diagnostic logging. We recommend adding this environment variable to your Fastvue Server in order to mitigate the vulnerability.
Fastvue's new YouTube integration makes reporting on YouTube videos even easier easy by enriching video URLs with the title, category and channel information, enabling you to easily see whether the videos are appropriate for your school or workplace.
More features are available when selecting Fortinet FortiGate's Proxy-based web filter compared to Flow-based web filters. But do you need them? This article explores the extra features that proxy-based web filter profiles provide so you can make a more informed decision on which web filter to use.
Fortinet FortiGate's FortiOS 7.0 introduces some additional themes that effectively provide a native dark-mode display. Here's how to enable dark mode in Fortinet FortiGate FortiOS 7.0.
Sophos XG makes it easy to expose internal services to the public internet using the Server Access Assistant (DNAT) wizard. However, this does generate a lot of configuration that is not strictly required. By knowing your environment, some basic theory, and what is and is not required, you can configure clean concise DNAT rules. This article uses the example of exposing a Plex server on the public internet to understand Sophos XG's DNAT Rules and how to optimize them.
This article outlines how you can use Sophos XG to block searches and URLs that contain specific keywords. This is can be useful in preventing school students from wasting time searching for mobile phone wallpapers and/or looking for 'VPNs' that could potentially result in students or employees getting around your Sophos rules and policies altogether!
Decrypting TLS 1.3 is only available with Sophos XG's new XStream DPI engine. Unfortunately, some features are not supported with the XStream DPI engine such as SafeSearch enforcement and YouTube restrictions. Thankfully you can deploy a combination of Web Proxy and DPI rules to get the best of both methods. This article describes how.
Palo Alto Networks has recently introduced PAN-OS 10, and added some pretty nifty features but one feature that perhaps excites me the most is the improved SSL decryption troubleshooting. Any system or network administrator that has provisioned SSL decryption on any firewall knows that they'll be spending the next few days (weeks/months?) fixing web pages that don't load properly, applications that don't connect, SaaS logins that no longer work etc. It's a headache. The solution to all this is to find the SNI (Server Name Identification) of the certificate being used by the application and excluding it from your firewall's SSL decryption feature. Before PAN-OS v10, this was easier said than done in Palo Alto firewalls. So it is with open arms that I welcome the new Decryption Failure Reasons widget in PAN-OS 10.
With many people now working from home due to COVID-19, reporting on Fortinet FortiGate's VPN activity is top of mind for many overstretched IT teams right now. To help, we've made some additions to Fastvue Reporter for FortiGate to provide better visibility into Fortinet ForitiGate's VPN connections so you can plan for extra capacity, proactively respond to unexpected or excessive invalid login attempts, or simply keep an eye on who is and isn't logging in each day.
With many people now working from home due to COVID-19, reporting on Sophos XG's VPN activity is top of mind for many overstretched IT teams right now. To help, we've made some additions to Fastvue Sophos Reporter to provide better visibility into Sophos XG's VPN connections and ensure your remote infrastructure is holding up. With Fastvue Sophos Reporter's new VPN Dashboard and VPN Report, you can monitor the number of active sessions throughout the day to help plan for extra capacity, or use the reports to find who has not connected recently. You can also easily see when most people connect and disconnect, and proactively respond to unexpected disconnections or excessive invalid login attempts.