Managed IT Server Rack

Did you know that you can reduce your downtime and amount of IT issues your organization experiences simply by choosing a 24/7 Fully Managed IT Services Provider?

It’s true! Most big IT issues are caused by smaller issues that have had time to snowball and turn in to larger problems. Often companies are utilizing break-and-fix IT Service Providers, or Managed Service Providers who simply only perform monitoring and do not actively dispatch IT personnel to resolve issues when detected.

Break and Fix

If you’re on break and fix, you have no one monitoring your systems. This means that if you’re hacked, if hardware fails, software stops functioning, or issues occur, you’re IT Service Provider won’t know until an employee realizes something is wrong and makes the call.

In this amount of time, the security compromise can become larger, the issues become more severe, and irreparable damage may occur.

If it’s an issue, it could have been an extremely simple fix in the beginning that only took 30 minutes to resolve, but it’s now a problem that could require 20+ hours of billable time and a full 2-3 days to resolve (including 2-3 days of downtime) where you’r paying your staff to sit around and wait.

Managed Services (Monitoring Only)

Some companies pay for Managed Services but only for Monitoring. While most end users don’t see value in this, some still do thinking it’ll be more cost-effective. In these cases, the Managed IT Service provider has monitoring software installed, but only notifies the customer if something is wrong, and usually only does this during business hours.

Since the service includes no triage, there is often no time and/or resources spent on identifying what the problem is, how severe it is, or what’s involved. Usually the customer is only notified that there is a problem with only basic information. This means that the information provided in the event of an issue is limited, and decisions aren’t being made off information that should be available to the customer.

In these cases, the customer often won’t elect to investigate due to the fact that everything appears to be working and they don’t want to incur any billable hours. Like before, it could have been an extremely simple fix in the beginning that only took 30 minutes to resolve, but it’s now a problem that could require 20+ hours of billable time and a full 2-3 days to resolve (including 2-3 days of downtime). If it’s a security compromise, it could cost a small fortune leaving the systems breached for a longer amount of time.

Monitoring only providers like this because it results in a large amount of billable hours, and can justify it because the customer preferred this type of plan. The larger and more complex of an environment, the more issues and billings that will occur.

Fully Managed IT Services

When choosing to partner with a Fully Managed IT Services Provider, you avoid all the issues listed above. By paying for an “all you can eat” service, with 24/7 monitoring, management, service, and support, when issues happen, they are triaged immediately and resources and staff are allocated. Issues are resolved almost immediately, often without downtime, and the environment remains supported, up to date, functioning according to set baselines, and secure.

This results in little to no downtime, a pleasant experience for users, and results in minimized costs for the customer. Everyone’s happy!

Usually we notice that while “monitoring only” plans appear to cost less, when you add the additional billable hours they often exceed the cost of a fully managed IT Services plan. It’s usually more cost-effective to go with a Fully Managed IT Services Plan.

Do IT right

Digitally Accurate Inc. provides 24/7/365 Fully Managed IT Services to Calgary, Alberta and Vancouver, British Columbia. We’ve been operating for over 13 years and have helped almost 100 businesses with their IT strategy, keeping their IT systems up, running, and secure.

Contact us today for more information on how we can partner with your business, and help your IT systems work for you!

Remote Branch Office

We’ve helped numerous businesses and organizations with their remote office and branch office IT deployments over the years. For organizations, Remote Office and Branch office (ROBO) deployments add a certain level of complexity to IT operations. ROBO deployments change the type of solutions a company may need to implement, as well as the planning around supporting and maintaining the remote office (and all equipment they may have).

Digitally Accurate has extensive experience with these types of solutions as we have helped numerous Oil and Gas (Energy Industry) companies, manufacturing companies, homebuilders, and other types of businesses with their ROBO IT deployments and operations.

How do we do IT?

There’s numerous considerations that have to be made when designing and selling a solution meant for a company with remote operations. Below are a a few examples:

  • Is the ROBO site easily geographically available for visits?
  • Is the site secure?
  • Can we host equipment/hardware at the site?
  • What’s involved with sending an engineer on-site?
  • What services do we need to make available to that site?
  • How can we economically provide Backup and Disaster Recovery to the site?
  • Can we schedule quarterly or annual visits to the site for maintenance?
  • What requirements does the customer have for that specific site?
  • How will we support users at the ROBO site?

As you can see, with only naming just a few of the considerations it can become quite complex. From this, we have to design a solution, sell the solution, implement the solution, and finally support the solution for the customer. This often requires an on-site implementation phase at the ROBO site, as well as scheduled maintenance visits.

The Solution

When designing the solution, we need to make sure that everything the customer expects from their IT systems is available to them in an efficient and safe manner. Customers expect data to be available on the fly, at lightning speeds, and we can often deliver that.

Whether it’s the hardware or software, we implement many technologies that ease in the maintenance, support, and upkeep of the customers site. We can remotely connect to the servers, computers, switches, and networking equipment to collect stats, troubleshoot issues, and resolve problems. Because of redundancies and certain technologies, we can log in even when critical systems have failed.

As an example, we had an Oil and Gas customer where a server became unresponsive in a geographically remote area with limited access. With the storage corrupt, the server required a full disaster recovery restore from backup. Using HPe iLO (Integrated Lights Out), we were able to connect remotely, mount the Windows Server Install CD Image, and initiate the restore process from the backup. Within an hour all their services were back up and running, no one realizing anything had gone wrong.

Because the customer was on a 24/7 Managed Services plan, the fact that this happened at night on a weekend didn’t delay the process. When the issue occurred we received an instant notification via our monitoring and management system and we began working immediately.

In another example, we had a customer who needed to deploy a new server in another country around the world. In this case, the equipment was locally sourced and installed. Remotely we were able to log in, mount the appropriate CD media virtually, and install the operating system on the server remotely again using HPe iLO. We then fully configured and deployed the server without any travelling or in-site visits required.

As you can see, when designing solutions for our customers we take in to account what actions or operations will be required from day to day running, as well as emergencies and disasters.

Redundancies

For customers with ROBO deployments, we often make sure to have a minimum set of redundancies in their IT environment.

This allows us to troubleshoot their environment in the event something goes wrong and also allows them to continue working (as if nothing happened) to reduce downtime and lost revenue. We can then troubleshot and correct the problem remotely, or if hardware failure occurred, everything will continue to work and function until a scheduled visit to replace the faulty equipment occurs.

Backup and Disaster Recovery

There’s no best way to provide backup and disaster recovery for ROBO sites, as the solution used always depends on the unique requirements of the customer.

Some examples of scenarios:

  • Backup and DR handled locally at the site (and taken off-site by designated person)
  • Backup and DR handled locally, then replicated over the WAN VPN to the Corporate HQ data center
  • Backup and DR direct over the WAN VPN to Corporate HQ
  • Backup and DR over the WAN to our (Digitally Accurate) data center

In some simpler deployments, when using technologies like VDI or Remote Desktop Services, we don’t actually need any backup or DR at the ROBO site due to the fact that no data resides there. In these situations, all resources are hosted at the corporate HQ.

We take all of the customer’s requirements in to consideration and factor them in when designing and selling a ROBO solution.

Security

When it comes to ROBO deployments there are numerous security concerns that must be addressed. This goes for both physical security at the site, as well as virtual security (cybersecurity).

From the physical site point of view, these are some of the concerns:

  • Physical security of server and networking equipment
  • Physical security of storage (whether internal to server, or SAN/NAS)
  • Physical security of the backup and DR system
  • Physical security of the domain controller (if present)

We don’t want anyone stealing equipment or stealing data. This especially holds true for domain controllers because if one is stolen, it could be used to learn the network layout, security vulnerabilities, and even be used to modify the Active Directory contents at HQ if the offender were to power it back up and connect it after exploiting. Yes, this actually happens!

Another aspect is virtual security, cybersecurity. Cybersecurity involves firewalls, antivirus, endpoint protection, intrusion prevention, and more. When it comes to cybersecurity, these are some of the concerns:

  • Site-to-Site VPN Security (lock down connections between HQ and ROBO)
  • Mitigate and monitor threats, including those originating both from the WAN and ROBO sites
  • Decide whether to perform web content filtering (AV) at each individual office firewall, or handle it all from HQ firewall
  • Remote Access policies (User VPN access: connect to HQ or their assigned ROBO)
  • What technologies do we use and incorporate to mitigate threats specific to our network design and layout
  • How can we adapt new technologies to automate and further protect the environment (such as VDI, cloud, or others).

Both physical and virtual security affects considerations in what and how many services we actually will host at the specific site or the corporate headquarters. This is always a fine balancing act between performance, security, and capabilities.

Supporting Users

On the of most important aspects of a ROBO deployment is remotely supporting and keeping users happy! If a user can’t work or access the data and systems they need, what’s the point of all this?

We make sure to implement solutions that use AI and automation to keep the remote systems online and running. We also use remote support technologies (via our Managed Services monitoring and management system) to be able to remotely connect and remotely support users.

In most cases our customers are up and running with no issues because of our pro-active Managed Services offering, however in the rare event support is needed we can often resolve the users problem in minutes, even without having to interrupt the user.

Scheduled maintenance visits

While we try to design solutions that automate as much as possible to reduce on-site visits to remote locations, regular scheduled maintenance visits are still required.

During a regular scheduled maintenance visit, we may:

  • Pro-actively replace equipment according to our life cycle policy
  • Clean equipment (Servers, SANs, NAS, Networking equipment)
  • Perform a visual Inspection to look for damage, issues, potential problems, dust, etc.
  • Perform hardware upgrades and migrations
  • Perform software upgrades and migrations
  • Meet with remote office management to discuss concerns, plans for growth, business continuity
  • Test the backup and disaster recovery solution

These visits may be performed monthly, quarterly, semi-annually, or annually depending on the solution and technologies in place. Performing these visits allow us to keep the customer up and running efficiently with little or no downtime at all.

Conclusion

We take pride in the solutions we design and sell for our customers and we enjoy supporting them as well. You can trust Digitally Accurate with your IT requirements, even if they include complex remote office and branch office deployments and remote support.

Contact us today for more information on how we can help your business!

IT Services paid with Credit Card for Points

Did you know that you can earn credit card points on IT Services, IT Consulting, and Managed IT Services? With Digitally Accurate you can pay your IT invoices with your favorite rewards credit card to earn points!

It’s true! Depending on the purchase type, whether it’s for hardware/licensing, consulting, or Managed Services, you could earn a serious amount of points on a monthly basis.

Accepted Payment Types

Digitally Accurate accepts cheques, all major credit cards (Visa, MasterCard, American Express, and Discover), and now debit! However, if you want to earn those points make sure to ask us about switching to credit card billing!

Points Example

Here’s an example: Let’s say you have an American Express Platinum card and you’re currently on a Digitally Accurate Platinum Managed Services plan and your bill (Managed Services pricing varies on customer requirements and size) is around $5,000/month. You would be earning 5,000 American Express membership rewards points per month.

To add to this, let’s say you start paying your hardware and licensing bills with your Amex too, you could easily double or even triple the amount of points per month depending on how much equipment and software you purchase.

Earn points on things like:

  • Monthly Managed Services
  • IT Services (Consulting)
  • Servers
  • Storage
  • Networking – Wireless, Switches, Firewalls
  • Licensing – Microsoft Office 365, Microsoft Dynamics 365, Sophos UTM, Sophos XG, VMware
  • Products from all our partners and vendors

It’s a win/win!

In the end you’ll be a happy customer with all your IT systems up and running without any issues, all while collecting a ton of rewards points! And there’s nothing wrong with that…

Contact us today for more information!

Microsoft Windows Logo

On January 14th 2020, Microsoft will be officially ending extended support for Microsoft Windows 7. All your computers should now be running Windows 10 by this point.

What this means

When a product is in a supported state, specifically Microsoft Windows, Microsoft is currently and actively supporting the product. They are releasing security updates and patches to keep the product secure, creating updates to make sure the product is functioning properly and in a stable fashion, and supporting the products use by making sure it’s working with other Microsoft products.

Typically software, operating systems, and technologies eventually fall out of support. This means that Microsoft will no longer work to secure that product, update the product, and make the product better. This is because the product has been replaced by something newer, or is no longer supposed to be in use.

Microsoft Windows 7 has been replaced by Microsoft Windows 10 and users should upgrade before support is ended on January 14th 2020.

What now

At this point if you’re running Windows 10 on all your workstations, you have nothing to worry about (as long as you’re keeping them up to date with Windows updates).

However, if you’re running Windows 7 on any of your computers, you’ll need to start planning to either upgrade them, or replace them with new Windows 10 computers.

Chances are if the computers are old enough to be running Windows 7, the hardware is old enough that it may be better to do a workstation refresh and purchase new computers that ship with Windows 10.

Important Considerations for Businesses

You’ll also need to make sure that all the applications that your business uses (line of business applications) are supported and work on Windows 10. Some companies are behind on releases of major software packages, and some of these programs may have worked on Windows 7, but require an upgrade to work on Windows 10. You’ll need to test all your applications on Windows 10 before doing a companywide upgrade.

You’ll also need to make sure that your server infrastructure can support Windows 10 client PCs. As an example, some businesses are still using Microsoft Small Business server, which requires modifications for it to function with Windows 10 PCs. You’ll need to make sure you’re fully setup to run Windows 10.

Final thoughts

Even though it may seem like there’s a bunch of time before January 2020, it flies by quick and we recommend to start your migration project soon.

When you add up the time it takes for application compatibility testing, ordering of new computers and delivery times, configuration and deployment of the new computers, and post migration support, you’ll already be creeping up on the EoL (End of Life) date of January 14th 2020.

 

Contact us if you need help planning or executing your Windows 10 upgrade migration project!

Business Desktop Computers

In the ever-evolving world of IT and End User Computing (EUC), new technologies and solutions are constantly being developed to decrease costs, improve functionality, and help the business’ bottom line. In this pursuit, as far as end user computing goes, two technologies have emerged: Hosted Desktop Infrastructure (HDI), and Virtual Desktop Infrastructure (VDI). In this post I hope to explain the differences and compare the technologies.

We’re at a point where due to the low cost of backend server computing, performance, and storage, it doesn’t make sense to waste end user hardware and resources. By deploying thin clients, zero clients, or software clients, we can reduce the cost per user for workstations or desktop computers, and consolidate these on the backend side of things. By moving moving EUC to the data center (or server room), we can reduce power requirements, reduce hardware and licensing costs, and take advantage of some cool technologies thanks to the use of virtualization and/or Storage (SANs), snapshots, fancy provisioning, backup and disaster recovery, and others.

And it doesn’t stop there, utilizing these technologies minimizes the resources required and spent on managing, monitoring, and supporting end user computing. For businesses this is a significant reduction in costs, as well as downtime.

What is Hosted Desktop Infrastructure (HDI) and Virtual Desktop Infrastructure (VDI)

Many IT professionals still don’t fully understand the difference between HDI and VDI, but it’s as sample as this: Hosted Desktop Infrastructure runs natively on the bare metal (whether it’s a server, or SoC) and is controlled and provided by a provisioning server or connection broker, whereas Virtual Desktop Infrastructure virtualizes (like you’re accustomed to with servers) the desktops in a virtual environment and is controlled and provided via hypervisors running on the physical hardware.

Hosted Desktop Infrastructure (HDI)

As mentioned above, Hosted Desktop Infrastructure hosts the End User Computing sessions on bare metal hardware in your datacenter (on servers). A connection broker handles the connections from the thin clients, zero clients, or software clients to the bare metal allowing the end user to see the video display, and interact with the workstation instance via keyboard and mouse.

Pros:

-Remote Access capabilities

-Reduction in EUC hardware and cost-savings

-Simplifies IT Management and Support

-Reduces downtime

-Added redundancy

-Runs on bare metal hardware

-Resources are dedicated and not shared, the user has full access to the hardware the instance runs on (CPU, Memory, GPU, etc)

-Easily provide accelerated graphics to EUC instances without additional costs

-Reduction in licensing as virtualization products don’t need to be used

 

Cons:

-Limited instance count to possible instances on hardware

-Scaling out requires immediate purchase of hardware

-Some virtualization features are not available since this solution doesn’t use virtualization

-Additional backup strategy may need to be implemented separate from your virtualized infrastructure

 

Example:

If you require dedicated resources for end users and want to be as cost-effective as possible, HDI is a great candidate.

An example HDI deployment would utilize HPe Moonshot which is one of the main uses for HPe Moonshot 1500 chassis. HPe Moonshot allows you to provision up to 180 OS instances for each HPe Moonshot 1500 chassis.

More information on the HPe Moonshot (and HPe Edgeline EL4000 Converged Edge System) can be found here: https://www.stephenwagner.com/2018/08/22/hpe-moonshot-the-absolute-definition-of-high-density-software-defined-infrastructure/

 

Virtual Desktop Infrastructure (VDI)

Virtual Desktop Infrastructure virtualizes the end user operating system instances exactly how you virtualize your server infstructure. In VMware environments, VMware Horizon View can provision, manage, and maintain the end user computing environments (virtual machines) to dynamically assign, distribute, manage, and broker sessions for users. The software product handles the connections and interaction between the virtualized workstation instances and the thin client, zero client, or software client.

Pros:

-Remote Access capabilities

-Reduction in EUC hardware and cost-savings

-Simplifies IT Management and Support

-Reduces downtime

-Added redundancy

-Runs as a virtual machine

-Shared resources (you don’t waste hardware or resources as end users share the resources)

-Easy to scale out (add more backend infrastructure as required, don’t need to “halt” scaling while waiting for equipment)

-Can over-commit (over-provision)

-Backup strategy is consistent with your virtualized infrastructure

-Capabilities such as VMware DRS, VMware HA

 

Cons:

-Resources are not dedicated and are shared, users share the server resources (CPU, Memory, GPU, etc)

-Extra licensing may be required

-Extra licensing required for virtual accelerated graphics (GPU)

 

Example:

If you want to share a pool of resources, require high availability, and/or have dynamic requirements then virtualization would be the way to go. You can over commit resources while expanding and growing your environment without any discontinuation of services. With virtualization you also have access to technologies such as DRS, HA, and special Backup and DR capabilities.

An example use case of VMware Horizon View and VDI can be found at: https://www.digitallyaccurate.com/blog/2018/01/23/vdi-use-case-scenario-machine-shops/

Conclusion

Both technologies are great and have their own use cases depending on your business requirements. Make sure you research and weigh each of the options if you’re considering either technologies. Both are amazing technologies which will compliment and enhance your IT strategy.

HPe Welcomes Digitally Accurate Inc. Canadian Center of Excellence

Recently we had the pleasure of visiting the HPe (Hewlett Packard Enterprise) headquarters in Toronto Ontario. During this visit we had a chance to talk tech, visit the Canadian Center of Excellence (CCoE), and discuss some of the product road maps moving forward.

HPe Welcomes Digitally Accurate Inc. Canadian Center of Excellence

HPe Welcomes Digitally Accurate Inc. Canadian Center of Excellence

Digitally Accurate Inc. has been a long time partner of HPe, and we specialize in solutions that include HPe product.

In the meetings, we discussed:

  • Compute, Storage, and IoT
  • Edge IoT Compute
  • HPe 3Par Storage
  • HPe Nimble Storage
  • HPe Simplivity
  • HPe Synergy
  • HPe MSA 2050/2052
  • Virtualization (Service, VDI) on HPe Platforms
  • SAP S4/HANA on HPe TDI Certified Appliances

Here’s some pictures from the trip

Stephen Wagner at Digitally Accurate Inc. visits HPe CCoE Data center

Stephen Wagner at Digitally Accurate Inc. visits HPe CCoE Data center

 

HPe Center of Excellence Datacenter at HPe HQ Toronto, Ontario

HPe Center of Excellence Datacenter at HPe HQ Toronto, Ontario

 

Stephen Wagner at Digitally Accurate Inc. visits HPe CCoE Data center

 

HPe Rack at HPe CCoE Data center

HPe Rack at HPe CCoE Data center

 

Stephen Wagner at Digitally Accurate Inc. visits HPe CCoE Data center

Stephen Wagner at Digitally Accurate Inc. visits HPe CCoE Data center

 

HPe Nimble Storage and HPe Syntergy at HPe HQ CCoE Data Center

HPe Nimble Storage and HPe Syntergy at HPe HQ CCoE Data Center

 

HPe Moonshot at HPe CCoE Headquarters in Toronto, Ontario

HPe Moonshot at HPe CCoE Headquarters in Toronto, Ontario

 

HPe IoT Edge 1U Rack

HPe IoT Edge 1U Rack

 

HPe Moonshot at HPe CCoE Headquarters in Toronto, Ontario

HPe Moonshot at HPe CCoE Headquarters in Toronto, Ontario

 

 

HPe Build your Rack Visualizer

HPe Build your Rack Visualizer

We’re looking forward to our continued partnership and work with HPe!

A big thank you goes out to to Bob Wong, Christine Wang, Igor Samuk, Rob Drover, Jordan Nanos, Kyle Falzetta, Asha Wright, and Zachary Zicarelli for the invite and warm welcome!

MFA/2FA with Duo

When you’re looking for additional or enhanced options to secure you’re business and enterprise IT systems, MFA/2FA can help you achieve this. Get away from the traditional single password, and implement additional means of authentication! MFA provides a great compliment to your cyber-security policies.

Here at Digitally Accurate Inc, we’ve been using the Duo Security‘s MFA product in our own infrastructure, as well as our customers environments for some time. Digitally Accurate is a DUO Partner and can provide DUO MFA Services including licensing/software and the hardware tokens (Duo D-100 Tokens using HOTP).

What is MFA/2FA

MFA is short for Multi Factor authentication, additionally 2FA is short for Two Factor Authentication. While they are somewhat the same, multi means many, and 2 means two. Additional security is provided with both, since it provides more means of authentication.

Traditionally, users authenticate with 1 (one) level of authentication: their password. In simple terms MFA/2FA in addition to a password, provides a 2nd method of authentication and identity validation. By requiring users to authentication with a 2nd mechanism, this provides enhanced security.

Why use MFA/2FA

In a large portion of security breaches, we see users passwords become compromised. This can happen during a phishing attack, virus, keylogger, or other ways. Once a malicious user or bot has a users credentials (username and password), they can access resources available to that user.

By implementing a 2nd level of authentication, even if a users password becomes compromised, the real (or malicious user) must pass a 2nd authentication check. While this is easy for the real user, in most cases it’s nearly impossible for a malicious user. If a password get’s compromised, nothing can be accessed as it requires a 2nd level of authentication. If this 2nd method is a cell phone or hardware token, a malicious user won’t be ale to access the users resources unless they steal the cell phone, or hardware token.

How does MFA/2FA work

When deploying MFA or 2FA you have the option of using an app, hardware token (fob), or phone verification to perform the additional authentication check.

After a user attempts to logs on to a computer or service with their username and password, the 2nd level of authentication will be presented, and must pass in order for the login request to succeed.

Please see below for an example of 2FA selection screen after a successful username and password:

Duo MFA 2FA Prompt on Windows Login

Duo Security Windows Login MFA 2FA Prompt

 

After selecting an authentication method for MFA or 2FA, you can use the following

2FA with App (Duo Push)

Duo Push sends an authentication challenge to your mobile device which a user can then approve or deny.

Please see below for an example of Duo Push:

Duo Push Notification to Mobile Android App

Duo Push to Mobile App on Android

Once the user selects to approve or deny the login request, the original login will either be approved or denied. We often see this as being the preferred MFA/2FA method.

2FA with phone verification (Call Me)

Duo phone verification (Call Me) will call you on your phone number (pre-configured by your IT staff) and challenge you to either hangup to deny the login request, or press a button on the keypad to accept the login request.

While we rarely use this option, it is handy to have as a backup method.

2FA with Hardware Token (Passcode)

Duo Passcode challenges are handled using a hardware token (or you can generate a passcode using the Duo App). Once you select this method, you will be prompted to enter the passcode to complete the 2FA authentication challenge. If you enter the correct passcode, the login will be accepted.

Here is a Duo D-100 Token that uses HOTP (HMAC-based One Time Password):

Duo D-100 HOTP Hardware Token

Duo D-100 HOTP Hardware Token

When you press the green button, a passcode will be temporarily displayed on the LCD display which you can use to complete the passcode challenge.

You can purchase Hardware Token’s directly from Digitally Accurate Inc by contacting us, your existing Duo Partner, or from Duo directly. Duo is also compatible with other 3rd party hardware tokens that use HOTP and TOTP.

2FA with U2F

While you can’t visibly see the option for U2F, you can use U2F as an MFA or 2FA authentication challenge. This includes devices like a Yubikey from Yubico, which plugs in to the USB port of your computer. You can attach a Yubikey to your key chain, and bring it around with you. The Yubikey simply plugs in to your USB port and has a button that you press when you want to authenticate.

When the 2FA window pops up, simply hit the button and your Yubikey will complete the MFA/2FA challange.

 

What can MFA/2FA protect

Duo MFA supports numerous cloud and on-premise applications, services, protocols, and technologies. While the list is very large (full list available at https://duo.com/product/every-application), we regularly deploy and use Duo Security for the following configurations.

Windows Logins (Server and Workstation Logon)

Duo MFA can be deployed to not only protect your Windows Servers and Workstations, but also your remote access system as well.

When logging on to a Windows Server or Windows Workstation, a user will be presented with the following screen for 2FA authentication:

Duo MFA 2FA Prompt on Windows Login

Duo Security Windows Login MFA 2FA Prompt

VMWare Horizon View Clients (VMWare VDI Logon)

Duo MFA can be deployed to protect your VDI (Virtual Desktop Infrastructure) by requiring MFA or 2FA when users log in to access their desktops.

When logging on to the VMware Horizon Client, a user will be presented with the following screen for 2FA authentication:

Duo MFA 2FA Prompt on VMWare Horizon Client Login

Duo Security VMWare Horizon Client Login MFA 2FA Prompt

Sophos UTM (Admin and User Portal Logon)

Duo MFA can be deployed to protect your Sophos UTM firewall. You can protect the admin account, as well as user accounts when accessing the user portal.

If you’re using the VPN functionality on the Sophos UTM, you can also protect VPN logins with Duo MFA.

Unix and Linux (Server and Workstation Logon)

Duo MFA can be deployed to protect your Unix and Linux Servers. You can protect all user accounts, including the root user.

We regularly deploy this with Fedora and CentOS and you can protect both SSH and/or console logins.

When logging on to a Unix or Linux server, a user will be presented with the following screen for 2FA authentication:

Duo MFA 2FA Prompt on CentOS Linux Login

Duo Security CentOS Linux login MFA 2FA Prompt

WordPress Logon

Duo MFA can be deployed to protect your WordPress blog. You can protect your admin and other user accounts.

If you have a popular blog, you know how often bots are attempting to hack and brute force your passwords. If by chance your admin password becomes compromised, using MFA or 2FA can protect your site.

When logging on to a WordPress blog admin interface, a user will be presented with the following screen for 2FA authentication:

Duo MFA 2FA Prompt on WordPress Login

Duo Security WordPress Login MFA 2FA Prompt

How easy is it to implement

Implementing Duo MFA is very easy and works with your existing IT Infrastructure. It can easily be setup, configured, and maintained on your existing servers, workstations, and network devices.

Duo offers numerous plugins (for windows), as well as options for RADIUS type authentication mechanisms, and other types of authentication.

How easy is it to manage

Duo is managed through the Duo Security web portal. Your IT admins can manage users, MFA devices, tokens, and secured applications via the web interface. You can also deploy appliances that allow users to manage, provision, and add their MFA devices and settings.

Duo also integrates with Active Directory to make managing and maintaining users easy and fairly automated.

Let’s get started with Duo MFA

Want to protect your business with MFA? Give us a call today!

Today we want to share with you an Eaton UPS and EBM (Extended Battery Module) we recently setup for one of our customers. This provides all their server infrastructure 3 hours of run time in a blackout! Additional EBM’s can be added to increase run-time significantly.

The Eaton 9130 uses double conversion to supply power to your equipment, and has an efficiency rating of over 95%.

In the configuration below, we used:

  • PW9130L1500T-XL
  • PW9130N1500T-EBM
  • NETWORK-MS

 

Please see below for pictures:

PW9130L1500T-XL
PW9130N1500T-EBM

 

PW9130L1500T-XL

PW9130L1500T-XL

 

PW9130N1500T-EBM

PW9130N1500T-EBM

 

PW9130L1500T-XL

PW9130L1500T-XL

 

PW9130L1500T-XL (Front)

PW9130L1500T-XL

 

Contact us for your Eaton and/or IT power requirements!

This weekend, one of our customers had an aging Sophos UTM 220 which was reaching it’s end of life (EOF). The upgrade path for the Sophos UTM220 is the new Sophos UTM SG 230.

Here’s a few pictures of the unboxing and deployment:

Sophos UTM SG 230 Box

Sophos SG 230 UTM

Sophos UTM SG 230

Here’s the specifications on the SG 210 and SG 230:

Sophos SG 210 SG 230 Specifications

 

Digitally Accurate Inc. is a Sophos Partner providing hardware and services in Calgary, Alberta and Vancouver, BC. Contact us today!

Red Hat Ready Business Partner Logo

We’re proud to announce our partnership with Red Hat!

Red Hat is the world’s leading provider of open source solutions, using a community-powered approach to provide reliable and high-performing cloud, virtualization, storage, Linux, and middleware technologies.

By adding this partnership to our growing network, we continue to establish and maintain ourselves as a leading all-encompassing turnkey IT solution and managed services provider for businesses. We differentiate ourselves from competition by managing and advising both on the business and technical aspects of information technology, where our competitors usually strictly focus on the technical.

Contact us today for more information!

Top