Admin Network & Security 73 2023.pdf

(26888 KB) Pobierz
ADMIN
Network & Security
Container
Databases
MS365 Desired
State Configuration
Binary Cyberattack
Analysis
Network & Security
ISSUE 73
In clouds, in containers, and scaled out
Kubernetes StatefulSet
Containerize and scale DBs
Purview
Data loss prevention
MS365 DSC
Desired state configuration
Scale Out Cloud DBs
YugabyteDB and Vitess
Win Server 2022 GPOs
Templates and
recommendations
ESXi Ransomware
Attacks
Now what do you do?
Acceptance Testing
Verify your configuration
with goss
Binary Ninja
Analyze cyberattacks
and malware
WWW.ADMIN-MAGAZINE.COM
RE
F
VD
ED
Welcome to ADMIN
W E LCO M E
Offshoring and the Great Layoff
No, you’re not mistaken and not imagining things.
I’ve written about the Great Resignation, the Great Stay Put, and
now the Great Layoff. In case you haven’t noticed, the IT industry is in the midst of a massive contraction, in which
thousands of workers have lost their jobs. According to one report, 37 percent of tech workers are in a state of worry
about the looming possibility of getting laid off
[1]
.
It’s a funny thing about the IT industry, and maybe it applies to all industries, but hiring in this field goes in cycles.
Boom, bust, boom, bust, and so on. There’s never a happy medium where growth, prosperity, and normal attrition exist.
What doesn’t make sense to me is that technology is still here, no matter what. The work still needs to be done. Services
need maintenance, hardware needs to be replaced, and software needs to be compiled and installed, but today, we can
do without 20 percent of the workforce we had yesterday?
When the economy slides into a downturn, companies look for ways to cut their budgets. In the high tech field, budgets
are often cut through outsourcing to offshore providers. The perception among many executives is that offshoring pro-
vides an identical product for less overhead, but customers sometimes see it differently.
Some software companies try to outsource their customer support. Of course, this sometimes works adequately, but
sometimes it doesn’t work at all. I’ve been frustrated in the past navigating the language barrier with phone support
techs who have only a superficial understanding of the product they are supposed to be
supporting.
Another problem for companies that provide products and support in the IT in-
dustry is that your customers will know you’re outsourcing, and they’ll want
a lower price. I don’t blame them. If I hired Company X to be my managed
service provider and knew they were offshoring support to get that sweet,
cheap labor, I’d want to share in the lower cost too.
Another problem is that the country where your company is located
won’t receive any economic benefits from the money it is sending over-
seas. You might be getting cheaper labor, but you’re not generating the
economic activity needed to turn the local economy around: income taxes,
product purchases, and local buying. Local spending builds an economy. I
agree with the signs that say “Shop Local” or “Buy Local.”
The sadder part of the story is the quest for cheap labor is ongoing. One
company I worked for devastated local economies in certain countries by first
offshoring to them and then finding cheaper labor somewhere else.
Offshoring is bad for the economy and bad for workers, but if you’re obsessed
with saving money overseas, how about moving some C-level executives to these
cheap labor locations – mic drop.
Ken Hess
ADMIN Senior Editor
Lead Image © Daniil Peshkov, 123RF.com
Info
[1]
Roughly 1 in 3 Workers is Worried about a Layoff:
[https://www.cnbc.com/2022/12/19/roughly-1-in-3-workers-
is-worried-about-a-layoff.html]
W W W. A D M I N - M AGA Z I N E .CO M
A D M I N 73
3
S E RV I C E
Table of Contents
ADMIN
Network & Security
Features
10
Cloud DB Basics
Although cloud databases have
lower investment and operating
costs and better scalability and
availability, we look at some of
their limitations.
Google Cloud Databases
The Google Cloud Platform offers
a wide range of databases for
various purposes.
Containerize and Scale DBs
Stateful legacy databases are
theoretically not a good fit for
containers, but classic SQL can
still work well on Kubernetes,
with many options for SMEs in
scale-out environments.
Vitess for MySQL
Vitess relies on various
techniques to scale MySQL
horizontally, while looking like
the popular database from the
outside. But does it deliver what
its authors promise?
YugabyteDB
The world of scale-out is stateless;
unfortunately, databases are not.
YugabyteDB solves this dilemma
for PostgreSQL.
36
Tools
Acceptance Testing
with goss
Catch problems related to
misconfiguration by implementing
your own acceptance testing
environment with this free tool.
62
Security
Data Security and
Governance
Protecting data becomes
increasingly important as the
quantity and value of information
grows. We describe the basics of
data security and governance and
how they intertwine.
Security with CrowdSec
This cloud service can help
detect and avert threats at an
early stage with crowd security,
wherein organizations form a
community to share attack data.
14
18
46
Windows Package
Manager
Chocolatey and WinGet offer full-
fledged package management on
Windows, but which is best for
your environment?
66
Containers and Virtualization
52
Desired State
Configuration
We describe the fairly complex
initial setup and use of
Microsoft 365 Desired State
Configuration.
Azure AD Restricted
Auth
Delegate authorizations in Azure
AD to ensure better security.
3
6
97
98
70
Management
Win Server 2022 GPOs
We discuss how to manage
and secure clients with group
policy object templates and
look at some recommendations
from various governmental
and non-governmental security
advocates.
24
56
30
Service
Welcome
News
Back Issues
Call for Papers
4
A D M I N 73
W W W. A D M I N - M AGA Z I N E .CO M
Table of Contents
S E RV I C E
10 |
Cloud DB Basics
Why databases are moving to the cloud
Cloud databases can be useful in virtually any conceivable deployment
scenario, come in SQL and NoSQL flavors, and harmonize well with
virtualized and containerized environments.
Highlights
36 Automated Acceptance
Testing
Goss is an elegant modern
solution to bake acceptance
testing in your servers. The
validation tool supports
templating and can be integrated
with modern cloud tools.
82 Microsoft Purview
Data loss prevention policies
provide a quick way to check
the daily flood of data from
various Microsoft services
for compliance with on-board
tools.
90 ESXi Ransomware
Attacks
You can mitigate risk and
prepare for recovery if your
hypervisor protection fails in
a ransomware attack.
Nuts and Bolts
79
Binary Ninja
This interactive binary analysis
platform uses an advanced
technique to work through
cyberattacks and malware
infestations.
Nuts and Bolts
88
Goodbye SHA-1
The SHA-1 cryptographic hash
function has been considered
insecure for a long time. Some
Linux distributions have banned
or no longer use it – with some
consequences, though.
90
Hypervisor Ransomware
Even specialized operating
systems like the ESXi server
are not immune to ransomware
attacks, but you can at least
prepare for recovery, if you can't
protect yourself reliably.
93
Performance Dojo
We launch a network
performance test on EC2 to
answer the question: Is the
cloud as fast as expected?
On the DVD
Manjaro 22.0 Gnome
This Linux-based operating system is
fast, powerful, and user-friendly, has
no licensing fees, respects your privacy,
and is appropriate for beginners and
advanced users alike. Manjaro is based
on the independently developed Arch
operating system. Use it for develop-
ment, gaming, and 3D at the office or
at home, on tablets, mobile devices,
desktops, laptops, and boards.
82
Microsoft Purview
Combine compliance and data
governance to address the
security of confidential data in
the new hybrid working world.
@adminmagazine
@adminmag
ADMIN magazine
@adminmagazine
W W W. A D M I N - M AGA Z I N E .CO M
A D M I N 73
5

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika:

Zgłoś jeśli naruszono regulamin