Reality about Browsing Security with Draytek

If you’re accountable for IT security/management, keeping clients safe on the web is one of the most serious issues you confront. However, there are some obsolete thoughts about dangers that can hamper possible security.

Protecting users on the web (http/https) requires you to think about all the ways users access it, and the different ideas cyber-criminals have in their minds for getting around traditional anti-virus security.

To secure your data, keep your clients gainful, and cut down on the measure of time you spend cleaning up compromised PCs, I suggest read below.

Draytek Vigor 2860

Myth: You may think that a strict browsing policy that simply blocks malware sites and keeps users safe.

Web security used to be pretty straightforward: you merely had to block out certain websites in categories like adult content, gambling, P2P, and violent or extremist content. (like Draytek WCF and APPE Filter)

You may have some sound reasons for blocking those kinds of websites – they probably violate your country laws, company policies, present legal liabilities, harm worker productivity, and can contribute to an unhealthy work environment.

But blocking dubious sites won’t keep users safe from web-borne threats.

The reality is that the vast majority of threats come from legitimate websites that have been compromised by cyber-criminals.

Current websites tend to be built from a huge number of components. Some of these are likely delivered by third-party sites and the bad guys have become expert at targeting those, which are often not as well protected and carrier for vulnerable codes and malwares.

So, even if a site has done a good job securing its own substructure it could still unintentionally be serving up malware. Malwares delivered by malvertising (Malware Ads) is a common example.

Some attacks – called drive-by downloads – can infect your computers with malicious code just by visiting a compromised website. They don’t even need to click on anything because the infection happens automatically, without them even realizing it. Your staff are particularly at risk of this kind of attack if they don’t keep your browsers and all associated plugins up to date with outstanding security patches.

In addition to a URL filtering solutions and router based Web Content Filters, randomly perform deep scanning of web traffic as it’s accessed and keep your devices up-to-date and protected by trustful internet security solutions.

“By 2017, more than 50% of network attacks will use SSL/TLS, yet most organizations lack the ability to de-crypt and inspect SSL communications to detect threats.” Gartner

Hashim RK | IT Manager

cropped-dvcom-coverpic-1.jpg

DVCOM Technology LLC, Dubai, UAE

Vigor Hotspot solution

Vigor Hotspot solution: Web Captive Portal login (HTTP/ HTTPS)

To track and secure your Wi-Fi Hotspot or visitor network in a centralized way. Based on captive portal technology, Vigor 2960/3900 lets your hotspot user’s login simply by using a web browser. Captive portal is the technology that forces user to see the login page before accessing the Internet. User just needs to access a normal web site (e.g. www.datavoiz.com), he will be automatically forced to see the Vigor login page. After entering the correct information, he will be able to surf the Internet normally.

This portal will allow the users to login with their credentials such as User Name and Password, which will be provided by the IT Team. The profiles of users will be created in advance with pre-defined time limits. After the user profiles are created, the same can be printed in the form of a voucher or the same can be exported to CSV file format. These voucher can then be given to the users, who are accessing the internet within your premises.

Vigor Hotspot
Vigor Hotspot

Authentication Methods- Local/Guest/Radius/LDAP/SMS

The Administrator can choose various methods of user authentication as mentioned above. Internal employee’s authentication can be integrated to the LDAP/Radius server and in the event of Guests/customers the authentication can be integrated to the guest profile setting the usage time limits.

Guests/users/customers can be authenticated for the credentials they provide in the form of email and mobile number through SMS authentication method. A report can also be generated on the details of the guests/users/customers on the usage of the internet services at the hot-spot location. SMS gateway/service provider can be customized with the necessary APIs provided by the SMS service provider.

Bulletin board

Bulletin board is available on the portal’s screen welcoming the guests with the information, news, profile or any adverts related to the company.

URL Redirection after login

Once the guest/users have logged into the Vigor Hotspot solution, automatically the pre-defined web/url link will be opened in the browser. This feature can be used for the branding perspectives.

Timed out settings

The active sessions will be timed-out, if the guests/users are idle for more than 10 Mins or so. Guests/Users have to log into the system again. These parameters can be configured in the system as per the company policy.

Whitelist settings

Whitelist functionality will allow the administrator to enable or disable policies that are created in the firewall to block and open web/URL links for Guest/Users Profiles with the pre-defined range of IP-Groups based on the company policies. E.g. for guests, administrator can block sites likes You Tube, Facebook, Twitter, etc. and allow the same to the internal users.

Monitor Online status

Status of the Guests/Users can be monitored on the monitor online status page for the number of guests/users, who have logged into hot-spot.

Create Bulk Guest profiles

Vigor Hotspot solution has the capability to create in advance, the bulk guest profiles. Administrator can create 30 profiles/groups. Each profile can carry 255 users, which means 255 Users x 30 Profiles. Administrator can define time-limits for each profile or group in advance for current or forthcoming days/weeks/months/year.

  • Administrator can set usage time and period for the Guest users
  • It is possible to export .csv file to get print
  • Administrator can create multiple guest groups and policy’s

Established in 2007, DVCOM Technology is an established Open Source IP Telephony and Unified Communications, Video Conferencing and Networking Solutions Company and Value added Distributors for Various Brands in IP Phones, IP PBX, GSM, VoIP Gateways, Telepresence, VPN Firewall Wi-Fi Routers, IP Intercoms, and Audio Paging & Network Security in MENA region.

Vigor AP Management

An access point connects users with other users inside a network and it also serves as the point of interconnection between WLAN and fixed wire network. Each access point can serve multiple number of users based on its capacity of operation and range. Managing your access point is very important for having better network quality and coverage.
Usually special type of network peripherals and software’s are used for access point management also known as AP Management. This comes with an extra cost. What if all this come along with a router as a bundle free of licensing cost. Routers like Vigor Routers which are famous in market comes with built-in feature of AP Management. This is a very good news for people who are looking for managing their access points, that too for free of cost and no additional device added to their network. If you see it from a customer or business standpoint this is an added advantage, router and AP management is a single box.

Digitalization has brought lot of change make things available at real-time. This has also created an increased use of smartphones, tablets and other mobile devices making people more connected and providing quick access to data on the go. Due to the drastic growth of users, many organization and enterprises have to invest lot in their network infrastructure to accommodate new users and to process their request. It’s not as simple as providing connectivity to everyone. There is a high risk of data security, network performance and reliability. All the organizations are trying to meet this requirements without much expense. All this is possible only if the network is managed properly.

Wireless routers are the key component of a wireless network, they are the one really responsible for creating the access point that enables the users to connect their device to the network. Let’s take the example of WIFI network we use at home, in this case there can only be one or two access points that will help the user to connect to the network. This is not the same if we look in to wireless network available at a hospital or a hotel, there will be multiple access point to which hundreds of users will be connected. The complexity of such network is much higher. Higher the complexity, higher is the effort to manage the network. This can only be done with the help of special type of network peripherals or software that helps to monitor the network traffic and load at real-time.
In this guide, we will help you to understand the collaboration between Vigor access points and wireless LAN controllers, and how you can use Vigor’s AP Management features to run maintenance and deployment on your wireless LAN in a cost-effective way.

Deployment of an access point is very challenging if it has many access points associated with it. The task becomes more challenging when the network administrator has to manually configure each access points to the wireless controller. Going to each access points interface and configuring is not a very long task but this can be a problem when any error occur at the time of deployment. The administrator has to visit to each AP interface to troubleshoot the error. This could have been easy for the administrator, if there was any centralized interface to see all the AP configurations on the go and troubleshoot the error.

All this is possible with the Vigor AP Management Router that has the capability to perform centralized discovery of access points in the same layer 2 subnet. All this can be done without making any changes in the settings, out of the box in default state. After the discovery of access points is done, the administrator can assign unique IP address and give name to the devices. All this can be done directly from the Vigor AP management Router interface. Let’s take the case where the AP’s are already having preconfigured and unique IP addresses, the Router can still run a scan and help to discover the access points. This discovery mechanism is of great help and it considerably reduces the initial configuration effort.

Let’s take the case where AP’s are scattered over a larger demography, resulting in long discovery scan time. This can create a larger time gap for the network administrator to make the configuration changes. But with the help of background discovery capability of Vigor wireless controller the administrator can perform other configuration and changing the settings while discovery process is still running. This reduces the waiting time and increase efficiency of work.

  1. Centralized AP discovery by Vigor AP Management Router
  2. After discovery, Aps can be centrally managed by Vigor Management Router

Centralized AP Discovery by Vigor AP Management Router reduces initial deployment time and effort.

Automatic Provisioning

If there are lot of Access Points to be configured at a time and there is very minimal changes in the configuration parameters like the operational frequency, VLAN ID, device name, then a question comes to our mind, can we configure and do the deployment in a go for all the access points? Doing this considerably reduces the time of deployment and make the deployment easy for the administrator. All this is possible by using automatic provisioning. Extending the notion that AP management and deployment should be easy and straight forward process which will directly increase the efficiency and will drastically reduce the cost to the organization. All these features are available in Vigor AP management Routers. They are enabled with the feature of Automatic Provisioning with template based AP configuration. The configuration with the help of AP templates that has lot of parameter like VAP (Virtual Access Point), ESSID and WAP/WAP2 security enabled, the network administrators can quickly complete the deployment for n numbers of AP’s on the go. For setting which may vary from access points to access points like Channel, Operation Mode, Client Limits etc., the Vigor AP management Router provide the freedom to customize each of the AP’s individually during the initial discovery process. In this way it can eliminate the redundant tasks. In this way automatic provision in Vigor AP management Router make your task very easy.

Let’s take the care of network maintenance and some setting changes, in this case also if there is any type of centralized interface like we have in Vigor AP Management Router, then it’s very easy for network administrator to go and change the setting for a particular AP. This mostly helps in the case where you need to change some password for a particular AP due to some security reasons. In this way the AP template available in Vigor AP management Router helps to get things done quickly.

Customized Templates

Support to create multiple templates.

Examples:

AP Settings|Profile name|Administrator Name|Password|Enable/ disable 2nd subnet

2.4/5G WLAN Settings|Enable/ disable Wireless LAN Profile|Limit Clients

Operation Mode (AP/ Universal repeater mode)|2.4/5G Mode|2.5/5G Channel

Airtime Fairness |Band Steering|Roaming|WMM|Adjust Tx Power

Continue reading “Vigor AP Management”