Thursday, May 29, 2014

Successful Account Executive candidate conversation


In my current role as an inside sales specialist, I proactively reach out on new leads and tasks from existing opportunities. I am reactive, with quick SLAs for replying to any email requests. I have a substantial amount of tribal and product knowledge. I can have conversations that span from C-level down to admin.

When moving on to the next role in outside sales, the strength is not in many transactions but in strengthening key relationships. I will need to be able to properly coordinate people and resources for projects. I will have to have the perceived beneficial solution that will solve a business problem. C-levels buy from companies and people they trust.

I will need to be able to size and scope opportunities correctly before 4-legged sales calls. This is where multiple people are visiting with me. The number of legs is the number of people attending the meeting. I don't need a 4-legged sales call for an initial scope with an IT admin.

Successful AEs have at least 3-5 proofs of concept at any one time. Most large opportunities require the tires to be kicked before purchase. Once the POC is set up, the AE needs to coordinate the SE with the technical contact to hand off for a bit. However, the AE is needed to step back in and round up everyone involved to sign off on the PO by a desired date.
Summary: Find Opp, Quality, project manage POC, and lastly close/win. If close/lost, learn something beneficial.

Monday and Friday are typically office days to organize schedule and go through reports.
Tuesday, Wednesday, and Thursday are travel, primary work days.
Of course this schedule is tentative depending on circumstances.
There is a big caution that you can be busy but not productive.
Having time management and driving qualified leads effectively is more important than going to different free lunch events that are not your target market.

Being in an outside AE role is mostly about relationships and business acumen, instead of technical knowledge. Expect to live in the primary metro location for the territory. Who you know and what contacts you have are also important. However, every candidate will have a weakness. It is my job to sell my strengths.

IT security budgeting whitepaper - February 2014


http://software.dell.com/documents/protecting-the-organization-against-the-unknown-whitepaper-27396.pdf


Friday, May 23, 2014

EX6000/Aventail/SMA tech support activation

Thanks to Sean Burke for this information.

The Aventail appliances still use a manual process to upgrade licensing information (unlike the firewalls where they automatically “phone home” to learn licensing info). I believe this is expected to change soon with a future software upgrade. They’ll just need to go to www.mysonicwall.com and locate their Aventail appliance, then follow the steps below to export the license key, then import it into the Aventail appliance…


From mysonicwall.com






 Then on the Appliance


Deploy and Manage Chrome for EDU/ Business | Chrome MSI


Thanks to the EMM (endpoint mobile management) team for sharing this with me.


Google allows managing Chromebooks only from Google Admin site (or Google admin console).

Here is the list of policies you can enforce on Chromebooks: https://support.google.com/chrome/a/answer/2657289
For Safe Browsing, check Security (Safe Browsing) and Content items (Safe Search).

Friday, May 16, 2014

Equipment ID on SonicWall SMB SRA 7.5 End Point Control?

Thank you to my System Engineer Manager, Ed, for finding this information.

Regarding the End Point Control on the SRA appliance for your customer, we do not support creating policies tied to MAC addresses, however we can make policies that are tied to the Hard Drive Serial number.  I would argue, this is probably more secure, at least on the surface.

Below is a quick explanation of how to retrieve the Equipment ID from various Windows platforms.

The EID stands for the ‘Hard drive serial number’.

For Windows 7, you can type following command to get EID:
wmic diskdrive get serialnumber

For Windows XP, you may use a third-party free tool to get the EID. This is a link of a free tool.

More SMB SRA info:
Firmware 7.5 now has EPC abilities. Customers can create profiles looking for Anti-Virus, Anti-Malware, Personal Firewall programs, Running applications, Client certificates, registry keys, files, directories, domain membership, Windows Version, and device ID. (No MAC address though)

I think it's possible to create multiple profiles and lock down a user account to a device profile, but that would be a unique profile per-user (could potentially be a lot of configuration work).

So we can make sure the device that's connecting in is the right device (so you can't use a home machine or some other non-corporate asset). However, locking a specific person to one device might be a large config. Part of customer's remote access (BYOD) policy conversation needs to address level of device identification, i.e. if it's a corporate device that connects in, or make sure User A is logging in from her device, and not User B's device.

SonicWall threat intelligence to Microsoft Security Advisory 2963983

I appreciate my System Engineer, TJ, for helping find this documentation.


--FOUND THIS--


--AND THIS--

“Latest Internet Explorer exploit patched within 24 hours”
What is the latest web security danger found when using Internet Explorer?

When Microsoft announced it was ending support and automatic security updates for Windows XP, the cybercriminal community stepped up its attacks, exploiting vulnerabilities wherever they found them. This led to the recent attack campaign against U.S-based defense and financial companies through a remote code execution vulnerability discovered in versions 6-11 of Internet Explorer (IE). 

The announced vulnerability in IE has become the latest headline story in the network security industry largely based on the fact that Microsoft has not stated when a patch for the vulnerability will be available for supported Windows platforms but more importantly implied Windows XP PCs will not receive a patch since it has stopped support on that platform. As a result, organizations that have yet to upgrade or invest in a new system running a more recent version of Windows will find themselves at increased risk for hackers to exploit, ranging from simple opportunistic attacks to highly targeted malware infection campaigns. According to Microsoft, the danger arises from an attacker who successfully exploits the vulnerability to gain the same user privileges as the current user to either install programs, view, change or delete data, or create new accounts with full user rights if the current user is logged on with full administrative user rights. As a result, Microsoft has quickly released an out-of-band bulletin Microsoft Security Advisory 2963983 that was published on April 26, 2014 detailing the severity of the vulnerability and mitigation options for users.

What does this mean for Dell SonicWALL customers? 

As a member of the Microsoft Active Protections Program (MAPP), the Dell SonicWALL Threat Research Team reacted swiftly to the Microsoft Security Advisory and created countermeasures to detect and stop all attempted exploits with the new IPS signature IPS: 3787 Windows IE Remote Code Execution Vulnerability (CVE-2014-1776). Within 24 hours of the security advisory, the IPS (Dell SonicWALL Intrusion Prevention Service) signature was immediately pushed to all Dell SonicWALL next-generation firewalls owned by customers who have active security subscription services for their firewall.  Customers without an active security service should purchase or renew their security service as soon as possible to receive IPS signatures for the latest threats and ongoing protection against new threats as they occur.  This protection covers all Windows platforms including Windows XP without having to implement any of the recommended Microsoft workarounds.  However, Dell SonicWALL encourages a layered security approach when combating zero-day type vulnerabilities.   Additionally, we recommend that customers take additional security measures and perform audits as outlined below to minimize their security risk.

  1. Make sure IPS is enabled on the firewall
  2. Use the firewall advanced application control function to configure a policy that will block users from accessing the internet with affected versions of IE until all systems are patched
  3. Apply any workarounds as suggested by Microsoft under the Microsoft Security Advisory 2963983

In summary, this is a dramatic reminder that Dell SonicWALL not only offers security solutions that deliver a deeper level of network protection but more importantly, that our Threat Research Team has a deep and thorough understanding of the dynamic threat landscape and the endless dangers it poses for networks of all sizes. With the sheer volume of vulnerabilities that are discovered across all computing platforms, identifying and developing the best possible countermeasures against these mutable threats can be challenging as no two threats are exactly the same. Customers can rely on Dell SonicWALL’s team of in-house threat research experts working around the clock gathering, correlating and analyzing data feeds from its Global Response Intelligent Defense (GRID) Network which now has more than one million security sensors globally. Moreover, they conduct ongoing “in-the-wild” investigations and work with security advisory communities such as Microsoft MAPP to provide our next-generation firewalls and intrusion prevention systems with the threat intelligence required to stop new threats and threat variants with a high degree of effectiveness as they occur. Stay connected with the latest news and security updates via Dell Security on Twitter, Facebook and LinkedIn.

--AND THIS--

“April 2014 IE Vulnerability”

April 2014 IE Vulnerability – Next steps for customers to ensure they are protected

Situation

On April 26th, Microsoft released Microsoft Security Advisory 2963983 that addresses a remote code execution vulnerability, CVE-2014-1776, in Microsoft Internet Explorer (IE) versions 6 to 11. A successful exploit of this vulnerability will cause arbitrary code to run in the context of a current user within IE. At this time, Microsoft has not stated when a patch for the vulnerability will be available for supported Windows platforms but, more importantly, it is likely that Windows XP PCs will not receive a patch due to the EOL on that platform. For a view of the broader security implications of Microsoft Windows XP end of support read our blog published in December.

Given that IE represents roughly one quarter of the browser share, this potentially exposes a large number of internet users’ computers to malware attacks. Reports of malicious sites using the vulnerability to hijack PCs surfaced immediately upon publication of the vulnerability (ArsTechnica). This is a very typical, and highly successful, method of obtaining access to company data utilizing readily available malware. Traditional stateful packet inspection firewalls are blind to these attacks. Malicious traffic utilizing this vulnerability used to attack end users inside a network appears as 100% legitimate traffic to stateful firewalls. On the other hand, next-generation firewalls and unified threat management firewalls, as well as intrusion prevention systems, are designed to protect networks from such attacks.

First Priority: Protect your network

Dell SonicWALL firewall customers that have the Intrusion Prevention Service enabled have been protected against this attack since Sunday, April 27th through an automatic update pushed out over the weekend with the following update:

  • IPS: 3787 Windows IE Remote Code Execution Vulnerability (CVE-2014-1776)

As the Deep Packet Inspection engine scans traffic returning to the client browser, the firewall spots and drops the code that triggers the vulnerability in IE. You can find more information on our SonicAlert page at https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=674

As with all other Microsoft advisories, Dell SonicWALL is listed as one of the partners with protection on the Microsoft Active Protection Program (MAPP) page. See http://technet.microsoft.com/en-us/security/dn568129

Second Priority: Control IE usage until all systems are patched

As a matter of preventative maintenance going forward, customers with Dell SonicWALL firewalls can use Application Control to identify and restrict IE traffic while the systems are patched. This could be especially useful for networks that still have Windows XP widely deployed, given that Microsoft at this point may not patch these systems. By blocking internet access from Internet Explorer on these systems, network administrators can significantly reduce the security risk. Blocking Internet Explorer using Application Control can be accomplished by creating an application rule on the firewall which will restrict outgoing traffic based on browser identification. This can also be accomplished by selecting the broad “Internet Explorer” category instead of picking specific browser versions.

--AND THIS--


There was a new/different Microsoft Advisory (also for IE) issued on Tuesday. Once again, we had protections that very day. https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=680
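
To go with the Application Control step in the bulletins above, the sketch below audits web proxy logs for clients still browsing with IE 6 to 11 and flags the XP-era hosts. It is an added example, not Dell SonicWALL or Microsoft code; the log layout, addresses and function names are assumptions, and because the User-Agent header is client-supplied the result is an inventory aid rather than a control.

```python
import re

# Constructed sample proxy log, one "<client-ip> <user-agent>" per line.
# The log layout and the addresses are assumptions made for this example.
SAMPLE_LOG = """\
10.0.0.11 Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
10.0.0.12 Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
10.0.0.13 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/7.0)
10.0.0.14 Mozilla/5.0 (Windows NT 6.1; rv:29.0) Gecko/20100101 Firefox/29.0
10.0.0.15 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
10.0.0.11 Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
"""

MSIE_RE = re.compile(r"\bMSIE (\d+)\.")
TRIDENT_RE = re.compile(r"\bTrident/(\d+)\.")
NT_RE = re.compile(r"\bWindows NT (\d+\.\d+)")

# Trident engine major version -> real IE major version. IE 11 drops the
# "MSIE" token and Compatibility View reports "MSIE 7.0", so the Trident
# token is the more reliable indicator when it is present.
TRIDENT_TO_IE = {4: 8, 5: 9, 6: 10, 7: 11}
AFFECTED_IE = range(6, 12)      # IE 6 through 11, per the advisory
XP_ERA_NT = {"5.1", "5.2"}      # Windows XP, XP x64 and Server 2003


def ie_version(user_agent):
    """Return the IE major version a User-Agent indicates, or None."""
    if "Opera" in user_agent:   # old Opera builds imitated the MSIE token
        return None
    trident = TRIDENT_RE.search(user_agent)
    if trident and int(trident.group(1)) in TRIDENT_TO_IE:
        return TRIDENT_TO_IE[int(trident.group(1))]
    msie = MSIE_RE.search(user_agent)
    return int(msie.group(1)) if msie else None


def audit(log_text):
    """Map each client seen with an affected IE to its versions and XP flag."""
    findings = {}
    for line in log_text.splitlines():
        ip, _, user_agent = line.strip().partition(" ")
        version = ie_version(user_agent)
        if version is None or version not in AFFECTED_IE:
            continue
        nt = NT_RE.search(user_agent)
        entry = findings.setdefault(ip, {"ie": set(), "xp": False})
        entry["ie"].add(version)
        entry["xp"] = entry["xp"] or bool(nt and nt.group(1) in XP_ERA_NT)
    return findings


def xp_hosts(findings):
    """Clients on XP-era Windows, which the bulletin expects to stay unpatched."""
    return sorted(ip for ip, entry in findings.items() if entry["xp"])


if __name__ == "__main__":
    for ip, entry in sorted(audit(SAMPLE_LOG).items()):
        print(ip, "IE", sorted(entry["ie"]), "XP-era" if entry["xp"] else "")
```
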

Monday, May 5, 2014

Dell Heartbleed Remediation Link

http://www.dell.com/learn/us/en/04/campaigns/heartbleed-remediation

April 2014 Gartner Magic Quadrant for Data Center Networking

Credit Union Times and SecureWorks IE Zero Day attack and issued recommendations


The credit union industry is reacting to the ongoing attack on Microsoft’s widely used Internet Explorer software by recommending people avoid using the browser. Security experts reported the flaw in a number of versions of Explorer last week.

SecureWorks and others are recommending that Internet Explorer users – individuals and companies – use the patch for IE vulnerability just released by Microsoft as soon as possible. If unable to do that, Ramsey recommends these steps first.

Disable Adobe Flash plugin. There is no associated vulnerability in Flash, but it is used to create the proper memory environment for successful exploitation and its absence will prevent infection in this specific case.
Enable Enhanced Protected Mode (EPM). Introduced in Internet Explorer 10, EPM provides features that can prevent this exploit from working.


Deploy the Enhanced Mitigation Experience Toolkit (EMET). The observed exploit contains techniques intended to bypass common mitigation strategies such as DEP and ASLR. EMET implements extended exploit mitigation.

Sunday, May 4, 2014

McAfee Total Protection install blue screened notebook.

This is the family notebook. It is a Dell Inspiron N5110 and running Windows 7 Home Prem. I have it dual booting Ubuntu for my personal computing. It has been running without any problems since purchase going on 2 years now.
My wife teaches a class for a medical university. She is about to put class information on the computer, so I took on the task of getting it back up to snuff. I updated Windows with the latest security updates. Rebooted successfully. There was expired McAfee Enterprise on the notebook from a previous semester. However it has been expired for a month, and I would rather take care of my own computer. So I wanted to install my own version of McAfee to manage the security. The disc instructions said to be connected to the internet and uninstall any other non-McAfee security products. Note: if you already have McAfee product installed, they will uninstall it automatically...
So install disk. Made sure I had internet connection. McAfee wanted to autorun install. I accepted.
I didn't know that McAfee was disabled. Message box popped up to click here to reenable... I just let the install try to do its thing, but maybe a minute later I got a blue screen.

I didn't freak out. The blue screen said that if it happens again, boot into safe mode. I was able to get into safe mode. I talked to my wife; all her must-have files are backed up off the computer. However, I was not sure of my next step. Just uninstall McAfee from safe mode, or do something with the F8 screen to boot to the known good config?
I knew the computer was working fine before installing the new A/V, so I decided I would do the F8 boot to last known good config. Here is the new problem though. Since I am dual booting Win7/Ubuntu 13.10, the F8 option to start the known good config is not coming up as an option in the boot screen.
Is there a way to do this from safe mode? The answer is yes. Good old Google search...
Alright back in business... well, Win7 desktop business...
Next step: Going to uninstall McAfee Enterprise this time before trying to install McAfee Total Protection. Going to McAfee website looking for their uninstall tool.

McAfee Enterprise actually uninstalled fine through control center actually. Then installed McAfee total protection, did full scan, and no problem. I downloaded Windows critical updates again. Wife is good to go with putting her class stuff on the computer again.

Thursday, May 1, 2014

Next-Gen Firewall Conversation

I received this list of conversation pieces that goes into the full scope and sizing of Next-Gen Firewalls from someone I highly respect. If I try to be as good as he is with his clients, I will be doing all right.
______
People 

1. Name(s)?
2. Their position/role within org?
3. Try to find this out before conversation.
______________________________
Problems to Solve / Solution Topics

1. Security
2. Performance
3. Availability/Resiliency
4. Worker Productivity
5. Remote Access
6. Office to Office VPN or MPLS Failover
7. Wireless
8. BYOD
9. Compliance
10. Reporting
11. Resources & Expertise for Deployment
12. Support
--- What is the business case we are solving?
______________
Past Experience

1. Current solution?
2. Experience or perception of our solution?
3. Other options that you are considering?                       
____
Time

1. Why now?
2. Time to decide, time to purchase and time to implement?
______
Budget

1. Do you have an established budget?
2. When is that funding available?
3. How did you come up with that #? 

Email Security Appliance (ESA) 8.0 Adding Junk box button for Outlook 2010 and 2013

 To add the junk box button to Outlook 2010 and 2013 you need to know where to download the files. It is shown in the release notes for firmware 8.0.


Pg 4 & 5

Here are the download links.



You can also find the download links off our online demo email security box at: www.livedemo.sonicwall.com  


You can find more info for email security appliance in the admin guide of 8.0:

Latest Internet Explorer exploit patched within 24 hours

The following message is from Ken Dang, Product Manager:



All,

What is the latest web security danger found when using Internet Explorer?

When Microsoft announced it was ending support and automatic security updates for Windows XP, the cybercriminal community stepped up its attacks, exploiting vulnerabilities wherever they found them. This led to the recent attack campaign against U.S-based defense and financial companies through a remote code execution vulnerability discovered in versions 6-11 of Internet Explorer (IE). 

The announced vulnerability in IE has become the latest headline story in the network security industry largely based on the fact that Microsoft has not stated when a patch for the vulnerability will be available for supported Windows platforms but more importantly implied Windows XP PCs will not receive a patch since it has stopped support on that platform. As a result, organizations that have yet to upgrade or invest in a new system running a more recent version of Windows will find themselves at increased risk for hackers to exploit, ranging from simple opportunistic attacks to highly targeted malware infection campaigns. According to Microsoft, the danger arises from an attacker who successfully exploits the vulnerability to gain the same user privileges as the current user to either install programs, view, change or delete data, or create new accounts with full user rights if the current user is logged on with full administrative user rights. As a result, Microsoft has quickly released an out-of-band bulletin Microsoft Security Advisory 2963983 that was published on April 26, 2014 detailing the severity of the vulnerability and mitigation options for users.

What does this mean for Dell SonicWALL customers? 

As a member of the Microsoft Active Protections Program (MAPP), the Dell SonicWALL Threat Research Team reacted swiftly to the Microsoft Security Advisory and created countermeasures to detect and stop all attempted exploits with the new IPS signature IPS: 3787 Windows IE Remote Code Execution Vulnerability (CVE-2014-1776). Within 24 hours of the security advisory, the IPS (Dell SonicWALL Intrusion Prevention Service) signature was immediately pushed to all Dell SonicWALL next-generation firewalls owned by customers who have active security subscription services for their firewall.  Customers without an active security service should purchase or renew their security service as soon as possible to receive IPS signatures for the latest threats and ongoing protection against new threats as they occur.  This protection covers all Windows platforms including Windows XP without having to implement any of the recommended Microsoft workarounds.  However, Dell SonicWALL encourages a layered security approach when combating zero-day type vulnerabilities.   Additionally, we recommend that customers take additional security measures and perform audits as outlined below to minimize their security risk.

1.       Make sure IPS is enabled on the firewall
2.      Use the firewall advanced application control function to configure a policy that will block users from accessing the internet with affected versions of IE until all systems are patched
3.      Apply any workarounds as suggested by Microsoft under the Microsoft Security Advisory 2963983

In summary, this is a dramatic reminder that Dell SonicWALL not only offers security solutions that deliver a deeper level of network protection but more importantly, that our Threat Research Team has a deep and thorough understanding of the dynamic threat landscape and the endless dangers it poses for networks of all sizes. With the sheer volume of vulnerabilities that are discovered across all computing platforms, identifying and developing the best possible countermeasures against these mutable threats can be challenging as no two threats are exactly the same. Customers can rely on Dell SonicWALL’s team of in-house threat research experts working around the clock gathering, correlating and analyzing data feeds from its Global Response Intelligent Defense (GRID) Network which now has more than one million security sensors globally. Moreover, they conduct ongoing “in-the-wild” investigations and work with security advisory communities such as Microsoft MAPP to provide our next-generation firewalls and intrusion prevention systems with the threat intelligence required to stop new threats and threat variants with a high degree of effectiveness as they occur. Stay connected with the latest news and security updates via Dell Security on Twitter, Facebook and LinkedIn.