Sophos UTM DNS resolution bug leads to misclassification of web ...

*UPDATE 01\10\2017*  I FINALLY got an error that calls out a file that is faulting.  I started having various ipv6 sites not loading or loading very slowly.  Inspection of the logs showed the following: 2017:01:10-10:19:53 etcutm httpproxy[8853]: id=”0003″ severity=”info” sys=”SecureWeb” sub=”http” request=”0xc3fb6a00″ function=”connect_server_timeout” file=”dns.c” line=”788″ message=”Connection to using IPv6 timed out, re-trying to connect using IPv4″ 2017:01:10-10:19:53 etcutm httpproxy[8853]: id=”0003″ severity=”info” sys=”SecureWeb” sub=”http” request=”0xc3fb7000″ function=”connect_server_timeout” file=”dns.c” line=”788″ message=”Connection to using IPv6 timed out, […]

When vendors go boom

Astaro was probably the best edge UTM out there for quite some time.  I used them from the first v4 all the way up until now.  Astaro was then purchased by Sophos and it became a morass of corporate interference, no service to their smaller partners, a series of badly executed acquisitions and unreliable products as a result.  After months of pleading for Sophos to provide me with a license for their new Cyberoam based SFOS […]

At least 12 million home and business routers are a ...

If you router is vulnerable to this outsiders can easily take control of hte router and use it to jump into your network.  These devices have been coming under increasingly attacks due to their poor security models and the lack of security updates by the route manufacturers.  I’ve begun recommending not using these types of routers anymore due to the numerous security problems they are introducing.  Sophos UTM is free for home use…you jsut need […]

New Client Upgrade

ETC Maryland has been working with this client for several years. The network this setup replaced was first installed in 2005 when this clients business first started. Due to ETC Maryland’s forward thinking this system was able to be literally rolled into this new facility when they moved and it served the needs of the business for a year past relocation. The projected life was 5 years abut this system served for nearly 9 years. […]

Virtualization Project Update

I got Hyper-v working finally here at my office.  I now have one box hosting 3 virtual mahcines.  VM 1 is my Astaro firewall.  VM 2 is my main AD file/print/authentication server.  VM 3 is my Astaro Command Center which aggregates status and updates from my astaro and my other client installs to me.  This allows me to monitor all of my Astaro easily in one spot without having to constantly individually touch each machine. […]

Virtualization Projects Update

I currently have two virtualization projects going.  One is to convert 3 physical server to hyper-v and one is to convert 3 physical servers to KVM.  Unfortunately p2v on a domain controller is not only not recommended, it doesn’t work well.  Also there is no supported upgrade path from server foundation to anything but standard.  I have foundation and enterprise.  So I am firing up a new enterprise vm and then will manually mount the vhd from foundation backup to grab the files.  It’ll […]

One of a Few Certifications I’ll Persue

I just passed the Astaro Certified Administrator course.  The next one is the Astaro Certified Engineer.  These will help further my status and abilities as an Astaro partner.  These courses I ahve found to be a good use of time and actually add to my knowledge of the Astaro product even though I have been using the Astaro Security Gateway for nearly 10 years…:)

It’s Fixed

The issue was the licensing server is in Germany and therefore you have to create licenses according to German least that is how it was. They have fixed that issue. The licenses now work as they should..:) There was quite a bit of debate about leaving a local admin account. As usual i’m out on a limb myself…but that’s nothing new..:)

Astaro License Issues Continue

The license itself is borked. I just re-applied my “home” license and it worked fine. I then created an eval license and installed that to “upgrade” the other “home” license…that worked. Installing my new license on top of the eval license borked things..the license is hosed….not looking good for sophos/Astaro..and the anti-sophos folks have more ammo now and depending on what happens tomorrow i may be joining the anti-sophos/Astaro club.

My First Astaro Purchase…Gone Bad

I’ve gone a while before making a first purchase. Right now i’m not sure I’m going to be making another one. I purchased a license for my church recently. At a cost(even with my partner discount) equal to 25% of my entire annual IT budget. The key given to me was not the one i needed to create the license. It took a few days(things being over the memorial day holiday) for the US office […]