Cybersecurity | Hybrid Cloud Infrastructure

Core Security and Protections

Vulnerability Management Reduce your risk, increase your visibility, and stay ahead of threats with comprehensive and automated vulnerability management program that helps you develop a prioritized and actionable program. Patch Management Develop an up-to-date inventory of your production systems and fix vulnerabilities in your software and applications that are susceptible to cyber-attacks in a timely manner, reducing security risk and minimizing disruption. Risk Assessment Fully manage your organization’s risk and cybersecurity program with intelligent and comprehensive dashboards that provide a clear view of risk.


Defense-In-Depth Security Approach

Defense-in-depth approach to security involves multiple layers of protection, combining technologies, controls, policies, and human expertise across a myriad of vectors to help prevent attacks, compress detection time, minimize the attack surface, and increase resiliency and data protection. Regardless of whether your infrastructure is hosted in Microsoft Azure or in our state-of-the-art data center, the controls and technology remain the same. Security by Design Combines people, process, and technology strategies into a cohesive, layered defense structure.


The 10 Immutable Laws

The 10 Immutable Laws Law #1: If a bad guy can persuade you to run his program on your computer, it’s not solely your computer anymore. Law #2: If a bad guy can alter the operating system on your computer, it’s not your computer anymore. Law #3: If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore. Law #4: If you allow a bad guy to run active content in your website, it’s not your website any more.


Built using Hugo, Github and Cloudflare Pages. Why is this stack so awesome?

I am tired of messing around with full blown linux web servers, php, nginx, and mysql to get a simple WordPress site up and running. Don’t get me wrong, it was fun way to learn useful skills, but I am at a point in time where I want to learn something new. I am fed up with rebuilding stuff and spending hours customizing themes and modules. This time I went with something radically different, creating a serverless blog.


Hello World

This is my first run at at the mill using static site generators, keeping it simple stupid. Using gist shortcode to include GitHub gists inside a post. Using tweet shortcode to include a post. CA Optics - Azure AD Conditional Access Gap Analyzer - out for testing! Having gotten some excellent feedback and ironed some kinks out (and discovered some new ones) I decided it’s time to extend testing from silent release to public release.


IBM Power9 9009-22G & Flash System 7200 Benchmarks

IBM Power9 9009-22G (2) AC Power Supply – 1400W for Server (200-240 VAC) (2) Mainstream 800 GB SSD PCIe3 NVMe U.2 module for AIX/Linux Front IBM Bezel for 4 NVMe-Bay BackPlane Storage backplane with four front PCIe Gen4 capable NVMe U.2 drive slots (16) 64 GB DDR4 Memory DIMM PCIe3 LP 2-Port 16Gb Fibre Channel Adapter PCIe4 LP 32Gb 2-port Optical Fibre Channel Adapter (2) 8-core Typical 3.4 to 3.9 Ghz (max) POWER9 Processor (16) One Processor Core Activation PCIe2 LP 2-port 10GbE Base-T Adapter AIX 7.


IBM Flash System 7200

The IBM Flash System 7200 Control Enclosure has two clustered, hot-swappable node canisters that contain hot-swappable fan modules, memory DIMMs, batteries, and PCIe adapters. The enclosure also houses two AC power supplies that are redundant and hot-swappable. Concurrent code load enables applications to remain online during firmware upgrades to all components, including the flash drives. Rebuild Areas A rebuild area is equivalent capacity to a single drive. The more rebuild areas you have the more drives that can fail one after another.


IBM Power9 9009-22A & StorWize V7000 Gen3 Benchmarks

IBM Power9 9009-22A 512GB DDR4 Memory 2x 8-Core Power9 Processor 2x400GB NVMe M.2 SSD for rootvg 16Gb FC 2 Port Adapter Pair FW910.20 (VL910_122) firmware AIX 7.2 ML3 AIX_AAPCM mpio driver algorithmset set to shortest_queue reserve_policy set to no_reserve queue_depth set to 32 IBM StorWize V7000 GEN3 17x 1.92TB 2.5In NVMe Flash Drive 16Gb FC 4 Port Adapter Pair 120 GB M.2 Boot Drive Pair Spectrum Benchmarks The tests will be done using XDISK V8.


Deploy headless Server 2016 Domain Controllers

This guide will show you how to deploy two headless Windows Server 2016 domain controllers in a new environment. This guide (first of the series) assumes you are standing up a hybrid Microsoft environment within a VMware homelab. First we need to get a few things out of the way: 2 Windows 2016 virtual machines with 2 vCPUs and 4-8GB RAM Make sure you are using VMXNET3 network adapters Install latest VMware Tools Apply latest OS updates Change the HOSTNAME of the VMs (XXX-DC01 and XXX-DC02) Change the host to use static TCP/IP and DNS If you are deploying domain controllers from a base Windows 2016 VM template, do not forget to generate a new SID using: C:\Windows\System32\Sysprep\sysprep.


Dumpster notes

A curated list of amazingly awesome sysadmin resources. Productivity 7-Zip Notepad++ Visual Studio Code LogFusion PowerRename https://learn.microsoft.com/en-us/windows/powertoys/powerrename Image Resizer https://learn.microsoft.com/en-us/windows/powertoys/image-resizer File Locksmith https://learn.microsoft.com/en-us/windows/powertoys/file-locksmith Awake https://learn.microsoft.com/en-us/windows/powertoys/awake Terminal https://learn.microsoft.com/en-us/windows/terminal/ Video and Image Tools HandBrake IrfanView ScreenToGif FlameShot or GreenShot Other Robware RVTools WinSCP and FileZilla Sysinternals PuTTY or SecureCRT nmap KeePass Rufus osquery htop

1 of 1