Skip to content

Pandora FMS and RedHat6, a story that comes to an end in 2022

Today I will tell you a little story, that of good Redhat6 and Pandora FMS, a relationship that endured, on favorable terms, everything it had to endure, but finally fell apart. Calm down, they still will stay as friends.

Pandora FMS stops supporting RedHat6 this 2022

Redhat6 was once the generation of Red Hat’s complete set of operating systems, designed for mission-critical enterprise computing and certified by leading enterprise software and hardware providers. Many systems were based on Rhel6. Among them we highlight CentOS, which in its day, was a derivation, a kind of free clone of Redhat, with the same life cycle.

As many of us know, CentOS 6 reached the end of its official life cycle, on November 30th, 2020, so it is a system that has been obsolete for more than a year. However, we, Pandora FMS, have maintained a year of extended support (2021) for these systems to make transition and migration from CentOS 6-based systems to systems based on CentOS 7 or the latest RedHat 8 easier. But this is over by 2022.

The Future of RedHat

What will happen now? Well, let’s talk about RedHat Enterprise Linux 8. Because the most cutting-edge IT is hybrid IT. And in order to transform a system into a hybrid environment, from data centers to Cloud services, certain formalities are needed. Like an adaptable scalability. Seamless workload transfer. Application development… And, of course, RedHat already has an operating system that meets all these requirements, the path to its future is RedHat 8. Cutting-edge technology that adapts to businesses and has the essential features, “from container tools to compatibility with graphic processing units”, to launch tomorrow’s technology today.

Some alternatives to CentOS

Are there any alternatives for team administrators who already moved on? Well, we have some candidates and we know them well because we support them.

  • RHEL for Open Source Infrastructure: RedHat itself launched this alternative to the community so that no one would sigh for the death of CentOS, even so we are facing a clone of RHEL.
  • Rocky Linux: It was developed by Greg Kurtzer and named after Rocky McGough. During its first 12 hours of life online, it was downloaded 10,000 times.
  • AlmaLinux: Although now managed by its own foundation, AlmaLinux was launched in its day by those responsible for CloudLinux. Since its inception it was claimed by many as the best positioned successor to CentOS, now its version 8.5 is the proposed exact copy of RHEL 8.5.

About Version 2 Limited
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About PandoraFMS
Pandora FMS is a flexible monitoring system, capable of monitoring devices, infrastructures, applications, services and business processes.
Of course, one of the things that Pandora FMS can control is the hard disks of your computers.

Top 5 Requirements for a Successful Edge Deployment

Earlier this year, Scale Computing published “The Gorilla Guide to: Enabling IT at the Edge” a jargon-free guide designed to help IT leaders and practitioners understand the fundamental principles of edge computing and offers practical guidance as to how to get started on your edge journey. One of the most commented upon chapters was in Chapter 2, The Top 5 Requirements for a Successful Edge Deployment.

Edge computing deployments have unique constraints that are significantly different from the ones with which typical data center deployments contend. After all, by definition, edge deployments are away from normal support services, far from the sanitized data center, and deeply enmeshed in the real work of the organization where they must deliver high value without disrupting other business activities.

Here is what we believe are the top five requirements for a successful edge deployment:

1. Modest Physical Footprint

Some vendors just sell standard data center equipment for edge use without accounting for the less-than-perfect environment that may be encountered there. For example, data center gear designed to work when provided with the highest quality cooling can suddenly develop reliability issues when located in a poorly ventilated storage space at an edge installation.That’s why it’s vital that edge equipment should be conceived from the start for that purpose, with sufficient ruggedness built in to handle the wider range of issues that are typical at the edge — whether that edge is the shop floor, a warehouse, or somewhere in a retail establishment. Edge components and systems need to be thought of as “universal” products that can be deployed when and where they’re needed, with few limitations, and made appropriately secure in any given environment.

2. Affordable but Effective

For the many industries that operate remote sites, ranging from finance and retail to manufacturing and so-called Remote Office Branch Office (ROBO), there’s a need for reliable computing to support their business applications and operational technologies. But none of these scenarios can afford large, dedicated spaces or complexity. Edge adopters must consider the size of the actual equipment and its requirements for access space, air flow, cabling, and so forth. So, smaller and more compact equipment generally helps drive flexibility because it allows more freedom to choose deployment locations and makes it less likely a deployment will disrupt other activities. It typically also implies less onerous cooling and power needs. It is worth noting that compact form factors can also be helpful for enhancing physical security. For example, a smaller form factor means equipment can be secured and ceiling mounted for example, where it becomes harder to tamper with.

3. Resilient and Survivable

Edge computing is no place for daintiness: It’s where real work gets done, some of it dirty, messy, hot, and noisy. So, in addition to needing only a basic physical environment and simple power and connectivity, prudent adopters make sure the edge setup (hardware and software) is designed to be failure resistant, able to recover from many problems autonomously, to protect data, and to maintain operations in almost any circumstance. Edge equipment needs to be ready to handle that kind of stress without generating performance issues. Furthermore, autonomy should be part of the basics — delivering no-nonsense reboots and allowing most other maintenance tasks to be initiated remotely.

4. Simplified Resource Additions (Scale Out) and Hardware Replacement

Edge environments are very dynamic with new applications being deployed regularly and data volumes growing exponentially creating new demands on edge infrastructure. It’s critical that infrastructure is designed to accommodate that growth and expand and upgrade the edge micro-datacenter with new resources and applications as easily as the initial edge deployment. Failure to plan for expansion of the edge environment can lead to expensive forklift upgrades or multiple independent islands of infrastructure to manage, with all the complexity and cost associated with that kind of choice.

5. Repeatable, with Zero-Touch Provisioning

Edge systems should take a standardized approach requiring little or no customization and minimal skills in installation. When possible, edge should offer or embrace infrastructure as code (IaC), which simplifies change control. Repeatability means that service and support is standardized so staff doesn’t need to research each installation before responding to a problem but, instead, can count on using a consistent approach and methodology. Management must not require specialized IT staff on site; upgrades and infrastructure scaling must be non-disruptive; the foundation must be self-healing; and IT specialists must be able to manage the entire edge fleet seamlessly at scale. Finally, look for zero-touch provisioning. This is a device-configuration process that can be operated automatically and eliminates most of the burden on IT administrators when setting up, maintaining, or upgrading an edge system

About Version 2 Limited
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Scale Computing
Scale Computing is a leader in edge computing, virtualization, and hyperconverged solutions. Scale Computing HC3 software eliminates the need for traditional virtualization software, disaster recovery software, servers, and shared storage, replacing these with a fully integrated, highly available system for running applications. Using patented HyperCore™ technology, the HC3 self-healing platform automatically identifies, mitigates, and corrects infrastructure problems in real-time, enabling applications to achieve maximum uptime. When ease-of-use, high availability, and TCO matter, Scale Computing HC3 is the ideal infrastructure platform. Read what our customers have to say on Gartner Peer Insights, Spiceworks, TechValidate and TrustRadius.

How to Prevent DDoS Attacks in Your Company?

There are several methods by which malicious agents attack websites and destabilize network services and resources.

One of the most commonly used techniques is the DDoS attack, which stands for distributed denial-of-service.

Through this attack, a website ends up becoming inoperable and overloaded with malicious traffic.

However, DDoS attacks can also be made against all types of network resources, such as virtual applications, data centers, corporate servers, APIs, etc.

Traffic overload can cause a variety of problems for your company, from bottlenecks in accessing important data to the unavailability of all digital tools in the corporation.

As a result, it is important to be aware of these attacks and articulate solutions to protect your company.

There are several ways to prevent DDoS attacks on your enterprise servers. In this text, we will explain in more detail what DDoS attacks are and how they can affect your business.

And, above all, how to prevent DDoS attacks in your company.

What Are DDoS Attacks?

Before specifying what DDoS attacks are, we must understand what DoS (denial-of-service) attacks are in general.

A DoS attack is a way of rendering a network resource unusable. The attack is usually carried out with a traffic overload, directing a series of superfluous requests to render the website unusable.

Through these malicious requests, the system ends up being overloaded and unable to process legitimate requests.

In the DDoS attack, the traffic maliciously directed to the resource comes from several sources. By multiplying the source of the attack, the method makes it impossible to avoid overloading by blocking a single source.

DDoS attacks are often used as a criminal mechanism. By rendering the system unusable, hackers can blackmail large organizations.

There are numerous techniques for performing a DDoS attack.

The simplest way to do a DDoS attack is through a specialized attack tool such as Slowloris or Stacheldraht. This type of tool is included in several types of malware and can perform the attack without the knowledge of the system administrator.

The best way to understand a DDoS attack is through the following metaphor: imagine a group of people crowding into a shop entrance, preventing access to legitimate consumers. In this way, the shop itself ends up being inaccessible.

How can DDoS Attacks Affect Your Business?

DDoS attacks are intended to make legitimate use of websites and web resources in general unavailable. Thus, the attacker is able to disrupt the activity of the attacked organization.

The main targets of these attacks are online services that we use frequently and contain sensitive data, such as internet banking, media, educational tools, medical management systems, e-commerce, etc.

The motivations behind attackers are not the same. Different groups have different reasons for carrying out DDoS attacks.

Attacks are sometimes carried out as a form of political activism. When government agencies are the victims, the agents generally seek to cause some type of economic or social instability.

In the case of massive attacks organized by large groups, DDoS can be used as a distraction tactic, directing the attention of authorities and technical teams to smaller attacks.

In other cases, the motivations may be strictly financial. For example, a malicious competitor could order a DDoS attack to make its service more attractive to consumers.

Or, more directly, the attacker can use the DDoS attack to extort a company and gain illicit profits.

In these cases, the malicious agent produces an attack to disable some digital service and charges a ransom to return the system to normality. These are the attacks known as RDDoS (ransom distributed denial-of-service).

Another tactic is to just threaten the organization with an attack. To convince the company to pay the ransom, the attacker can make an attack demonstration, a “sneak peek”, proving its disruptive capacity and, in this way, increasing their chances of profit from the fear and panic produced.

Unfortunately, the company does not always have an adequate protection system. Furthermore, contacting law enforcement authorities can be a time-consuming solution and cause even more trouble with invaders.

Most of the time, hackers are not even tracked, as they use cryptocurrency wallets to receive the ransom.

There is a whole lot of calculation to be done in the event of ransomware attacks. In fact, the answer to the simple question “should I or should I not pay the ransom?” can be more complicated than you think. See what factors to consider by clicking here.

The consequences of a DDoS attack can be disastrous. The instability of internal systems, for example, can make the production process more expensive or even totally hindered. On the other hand, the unavailability of websites accessed by the public can make it impossible to attract customers and make sales.

About Version 2 Limited
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Segura®
Segura® strive to ensure the sovereignty of companies over actions and privileged information. To this end, we work against data theft through traceability of administrator actions on networks, servers, databases and a multitude of devices. In addition, we pursue compliance with auditing requirements and the most demanding standards, including PCI DSS, Sarbanes-Oxley, ISO 27001 and HIPAA.

Securing VPN remote access with Portnox CLEAR

Compromised and stolen credentials remain the main threat to corporate data. Remote access via VPN is the most vulnerable method of access, due to compromised employee credentials. The need for flexible and extremely easy to implement two factor authentication (“2FA”) has become crucial for organizations of all sizes. Another weak link in remote access, beyond user authentication, is generated by connecting to organizational insecure and vulnerable end-points. It is not uncommon that when accessing the network using a VPN through a personal device, any vulnerability existing on that device can quickly become a security hole in the entire network’s protection. To address the heavy challenges of securing remote access, organizations should look for solutions that are cost-effective and provide a cohesive approach for all aspects of access security: compromised credentials, lost or stolen devices and access from insecure endpoints.

Meet Portnox CLEAR – cloud-based access control for VPN

Portnox CLEAR is a Security Software-as-a-Service (SaaS) cloud platform that delivers continuous, on/off-premises risk monitoring and access control to all organizational endpoints. It assigns each connecting device a risk score (similar to a credit score), dynamically assesses the threat they may pose to your network and enforces access control actions in real time. Portnox CLEAR can be used in many flexible ways to authenticate user remote access by VPN providing a unique combination of access control by authentication (Active Directory or Open LDAP), strong factor validation and end-point cyber risk assessment (“risk-based access”).

Demo CLEAR today!

Portnox CLEAR™ Unique Two-Factor-Authentication Solutions

As part of its entire cloud-based NAC offering, Portnox CLEAR offers a unique approach to 2FA for VPN. 2FA is a method of computer access control in which access is granted only if two separate pieces of evidence are presented to the authentication mechanism – typically, knowledge (something the user knows, such as his username and password), and possession (something the user has, such as a security token).

Conventional 2FA solutions, however, completely ignore the device that is requesting remote access. Portnox CLEAR, on the other hand, can offer device authentication via its device enrollment mechanism. Devices that install the Portnox AgentP application and have been enrolled in the organization are uniquely recognized and are, therefore, continuously monitored and tracked.

The two elements in Portnox’s unique 2FA solution are the typical knowledge (user credentials) coupled with a unique possession (the enrolled device), ensuring that security is offered on two levels: authentication of the user himself and authentication of the device. Stealing a user’s credentials is useless if the device requesting access is not enrolled; and stealing an enrolled device is of no use if the credentials are not available.

Portnox device authentication is offered in two formats: One-Time-Password (OTP) 2FA and Portnox AgentP 2FA.

OTP 2FA

In this solution, the AgentP application on the enrolled device acts as a soft token by implementing the HMAC-Based OTP algorithm. It generates an OTP upon demand and, together with the user’s username and password, the app allows that specific device access to the organization’s remote network.

As Portnox knows which AgentP generated the OTP, the supplied OTP is the method of authenticating the device; while the supplied credentials are the method for authenticating the user.

Portnox AgentP 2FA

In this solution, a call back mechanism is utilized, relying on the fact that each deployment of AgentP on a device is uniquely recognized. When a user tries to log in by VPN with his credentials, CLEAR calls back the specific AgentP on the device requesting access, to verify that the device is the one it claims to be.

Because Portnox knows that the requesting device is an enrolled device, callback is the method for authenticating the device; while the supplied credentials are the method for authenticating the user.

Portnox CLEAR end-point risk assessment and access policy

Portnox CLEAR offers pervasive and context-aware risk assessment for VPN clients to address attempts by unsecured, vulnerable devices to access the corporate network:

  • Real-time pervasive monitoring of any device, mobile and laptop, on and off the corporate network
  • Monitoring changes in hundreds of parameters, analyzing security posture and known-vulnerabilities of end-points
  • Analyzing and correlating to multiple context attributes
  • Taking historical observations into account
  • Calculating cyber risk score and making access decisions based on this score

Sign-up for CLEAR now!

This blog was written by Portnox.

Portnox is the manufacturer of Next generation Network Access Control (NAC), that can assist you in protecting your network including your VPN.

Portnox CLEAR offers many other capabilities for real-time access control and risk assessment as part of its entire SaaS offering, which is fully subscription based and does not require deployment of any on-premise software or appliances. With its Fall-2016 release, Portnox CLEAR demonstrates again its leadership and unparalleled innovation as already recognized by the latest award from Frost and Sullivan.

About Version 2 Limited
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。