Unexpected gains for clients using Sophos Firewalls.

Fri, Apr 26, 2019

Read in 3 minutes

I am going to do the same thing to my kids.

Unexpected gains for clients using Sophos Firewalls.

This is a story about how a small client (AMR) did get what they asked for and started growing a legacy. I must admit that I liked them on a personal level. Always have, but my client struggled as a family together for many years. They were living a very middle-class average modest lifestyle. It made me want to continue to work with them. I have had clients tell me how poor they are, then drive off in an expensive car to an even more ridiculous home. Which is human nature I think? Then one day boom. They were suddenly on the up and up. Success started rolling in. They very much deserved this just as much as anyone else. I was happy and proud of them. It was my job now to help them plan for the future.

At this time in early 2017 firewalls seemed like a week spot that was getting PWNED and always in the news. I decided that this was going to be what I focused on as my ever-evolving ever-changing IT landscape project.

Sitting at the edge of the network and rarely configured or monitored for active compromise, the firewall today is a vulnerable target for persistent and targeted attacks.

Hackers exploiting the firewall beachhead: A history of backdoors into critical infrastructure.

The little DME company by this time had moved to a much larger space, and just as soon as they got there. They were already starting to outgrow it. They had issues with the internet going out all the time and needed a fail-over internet. It just so happens I am going to increase the availability of the internet by doing a dual LAN project and putting a significant upgrade in network security at the same time.

When I installed and configured the firewalls, I was able to see very well the behavior of an office. I know people screw around at work on the internet, but now It’s in my face. Six people were playing you-tube videos for the music. Facebook all day. Every day. Job hunting. Employees were playing games. I watched the traffic for about a week observing the companies surfing habits. Then I had enough and slammed the entire office down to only being able to do their jobs.

It was explained to the family that there was much non-work related unproductive browsing. People were taking advantage of their kind nature, wasting money my clients had worked so hard to be where they where. I was in the position to do something about it and did it. I was not familiar with how to use this new firewall. So I continued to work on the firewall for a few days. I was getting everything smoothed out. Security is a process. Internet free from frequent outages was the original reason they considered purchasing the security appliance. Then I took it further and was able to shape a culture of lousy browsing habits to a productivity boost.

Policies were created and assigned to everyone. Then I was able to give all the owners some privileged access. Everyone else had minimal access to the internet. It was apparent who the hard workers were and given some freedoms back. The slackers complained the most. Wich, I found funny.

Most complaints were explained like this.

“Hey, I noticed that I cant *fill in the blank* anymore. Why?”

My response

“I’m sorry. Is there something keeping you from doing your job?”

There response

“No.”

Then I would say back.

“Soooo. I am not sure what the problem is?”

I work for the people that write the checks.

That is how I went from upgrading the security of an office of 25 employees not only to increase security but overall productivity in several unexpected ways.