Network security blankets

Network security blankets

The Internet has burned itself into the consciousness of nearly every PC user to such an extent that security now seems to mean simply avoiding hackers. So sell them a firewall and get some sleep. Not good enough. You're losing money and doing your customers a disservice if you get caught up in the Internet hype and start to believe that the only security problems are created by spotty nerds with modems.

Surveys still show that internal users create more disasters than outsiders, be it deliberate attacks from disgruntled staff or accidental trashing of important data by well-meaning workers.

If you're selling to the SME marketplace, you're already used to buyers looking for cheap solutions and you've probably had to shave your margins to the bone just to get the sale. And as the software gets easier to install and use, you're probably not getting much revenue from setting up the systems either. So why not have a crack at offering security as part of your portfolio?

To help your customers avoid the internal disaster syndrome, offer a decent training package. Vendors, such as ComTech, will sell you their training modules at a price that lets you collect a decent margin when you on-sell them to your clients, and you may be surprised to find that businesses often have a different budget they can use to pay for this service. Often, it's only the hardware that they expect to get for rock-bottom prices, because that's what they see advertised, or their mates at the pub have told them about the Pentium for $500 deal that "somebody" just grabbed.

Make sure your customers are trained in the art of storing important information on the file server, which you can secure for them. If you can manage to sell them a system that secures all the data on every PC, then you don't need any advice from me. However, I have found that it's not a difficult sell to get the server secured, even if you sold them a no-name clone for the purpose. The most popular server platforms, Windows NT and NetWare, both include the built-in ability to enforce the use of passwords that have a reasonable length and that are changed periodically. There's no point having admin passwords that everybody knows. Then again, make sure that the admin password is known by more than one person, as well as being written down and stored in the company safe.

You can get into a system when all the pass-word holders have gone off to a management retreat - with no phones - but it doesn't inspire confidence in the customer when they see you cracking their supposedly secure network, even though it's necessary. They'd rather believe no-one can get in, no matter what.


Once you've got them trained not to trash things, and made them use passwords sensibly, you need to start securing things against the external forces of darkness. No, we're not talking about hackers - yet. A staggering 40 per cent of data loss is due to power failures. This one is easy to avoid with an uninterruptable power supply (UPS) from vendors such as American Power Conversion (APC), and they no longer cost more than the server or require an electrician to install them. It's a good idea to sell them a UPS with enough grunt to handle the network gear, such as hubs, switches, routers and WAN links, as well as the server.

Just because your lights are out, you don't need to let the Internet know about it. People can still be browsing your Web site or delivering e-mail while you wait for the power to return.

Of course, if your customers have deep pockets, they can UPS the whole network, allowing everyone to keep pounding the keyboards working only by the glow of their monitors, but there aren't many SME sites that would be prepared to go that far.

Next item on the shopping list is the backup system. DAT tape drives are affordable and have enough capacity for most SME networks. Hewlett-Packard's offshoot, Lynx, is one vendor, Wangtek is another, and the inventors, Sony, also make and sell them. If you want more capacity you'll need to talk to Exabyte, which sells 8mm tape backups based on the Sony video-8 cartridges. Exabyte also makes a range of tape libraries for those who have more disk drives than PCs. Of course, the drives need some software - what ships with the operating system is not good enough. The leader in this field is Cheyenne with its Arcserve range, although there are many other players such as Legato and Seagate who are worth knowing about.

Cheyenne has a very nice line in optional extras that can help you earn a few more dollars. Most backup systems won't handle files that are left open, usually by users leaving their PCs logged in. And few will handle relational databases properly either. Arcserve itself does only a reasonable job of it in standard issue. But Cheyenne has a wide range of add-ons that let your customers delve into the internal secrets of Oracle, Notes or SQL server, to name a few, and get the data safely stored on tape.

Accountants really like the idea of being able to back up their stuff just before month end and you can help them by offering a removable disk option from Iomega or Syquest.

Looking for solutions

Depending on the size of the accounting database you can sell them anything from 100Mb to 1Gb of fast access to a local backup solution that lets them safeguard their own data at any point in time, without waiting for the overnight backup or hassling the network manager for a special tape run.

Devices like these have the added advantage of storing information in normal file format, letting them recover just the creditors ledger if that's the one that didn't balance. And since the accountant usually controls the spending, offering something that helps them as part of the deal won't hurt your chances of securing the entire sale.

If you're going to sell backup solutions - and you should - it's a very good idea to decide on a particular combination that you are confident with, and install and use it yourself. Then, if a customer calls with a broken backup, you will be able to help them by reading their tapes or lending them your tape drive - you did get an external unit didn't you?

Tapes have a habit of being ignored until the disaster strikes, at which point you often find that the customer is using very old versions of software that you just can't buy anymore. They may even be using tape drive hardware that no longer exists. You can help them avoid this, and help yourself as well.

If you keep an up-to-date database with details of your client's network, including PCs, printers and other peripherals, you'll be able to call everyone who needs an upgrade, as soon as it's released. You'll also know who needs some more RAM when you find that new version is a memory pig. Here's the security angle. By recording the serial numbers of all their gear in your database, they'll have someone they can call in the event of a burglary, to help them recover the stolen goods, or prove to the sceptical insurance agents that they actually owned all that stuff. My bet is that they'll buy the replacement network from such a helpful reseller.

Another major cause of disaster is virus infection. Everybody has a story to tell about this, and there seem to be as many vendors of fixes as there are viruses. Cheyenne provides Inoculan, which has the advantage of being well integrated with their Arcserve backup software.

It's good to know that your data is being backed up virus free. The last thing you want after cleaning up a virus attack is to restore your data and find that virus hidden on your tapes, starting the whole process again. However, such things should be a thing of the past. Server-based virus scanners are plentiful, which means users can't dodge them or unload them as they might if you load the software on each PC.

Dr Solomon's has upped the ante recently by offering scanners that can get inside places you wouldn't usually look, such as Notes databases and e-mail attachments. McAfee sells annual licences rather than boxed products, that means your customers are always automatically kept up to date, and keeps you earning a little something each year.


Let's see where we're up to. You started out selling them a server, and now you've added training, power protection, tape backups and antivirus to the shopping trolley. That's a better deal for you and the client.

So, what's next? Stopping the hackers.

Firewalls are getting easier and costing less these days. Vendors such as Checkpoint and Raptor make bulletproof firewalls, but you'll need technical staff who know what they are doing to get them properly set up. A lot of smaller network owners will baulk at paying more for firewall software than they'd pay for a Compaq Proliant server. Come to think of it, a lot of larger network owners have trouble with this equation as well. After the sale they'll usually get a bill for two days setting up time to sour the relationship even further.

A new crop of "black box" firewalls are starting to emerge that come pre-configured and ready to attach to a network, and you'll find that smaller companies are more attracted to products such as the WatchGuard range from Seattle Software Labs. The device is actually a red box, called Firebox, which has three ports. Internal, external and public.

There's an opportunity to sell one of these firewalls to customers who aren't even connected to the Internet.

Selling a secure network can also secure you a better margin, and if you pitch it properly, you might be able to beat off the competition more often, even if they are offering a lower overall price for the network basics. Keep that data safe and you'll have loyal customers who will save your bottom line.

Follow Us

Join the newsletter!

Error: Please check your email address.
Show Comments