Free webinars "Tales of safety"

In addition to analyzing security concepts, the series of webinars "Tales of Security" describes how: aws certified solutions architect - associate salary

manage access with security tools and group policies

organize security at different levels of infrastructure

manage public key infrastructure (PKI) to support applications

set up secure remote and mobile access

secure the network perimeter

protect the system from data leakage and much more

Participation fee  is free.

The duration of each webinar is 1 hour

Speaker - Andrey Shokhanov

Speaker

Andrey Shokhanov, Microsoft Certified Trainer

WebST1.0 Security Approaches

At the first webinar, we will look at the basics of information security, as well as:

the direction of the attacks and the targets the attackers are trying to reach

generally accepted standards and methodology for information security

building a security concept using the example of the seven-level model "Defense in Depth"

Date and time of the event - July 27 from 16:00 Kyiv time

WebST2.0 Authentication, or Face Control as a Factor of Protecting Corporate Information

In addition to a brief overview of the concept of authentication, the webinar will cover the following topics:

Class Protocols;

LAN Authentification;

Multifactor Authentification.

Date and time of the event - August 10, 16:00 Kiev time

WebST2.1 Authentication, or Face Control as a Factor of Protecting Corporate Information (continued)

In addition to a brief overview of the concept of authentication, the webinar will cover the following topics:

Class Protocols;

LAN Authentification;

Multifactor Authentification.

Date and time of the event - August 31, 16:00 Kiev time

WebST3.0 Security in Microsoft Infrastructure, or What a sysadmin shouldn't do

This webinar will discuss what tools can be used to ensure security in the Microsoft environment, as well as some practical tips for configuring the security of servers and workstations.

Date and time of the event - September 14 from 16:00 Kiev time

WebST4.0 Access Control, or We Are Responsible for Those Who Have Rights

As you might guess from the title, this webinar includes consideration of:

Rights / Permissions (Rights)

Permissions (Classical)

Permissions (New, DynamicAccessControl)

Date and time of the event - September 28 from 16:00 Kyiv time

WebST4.1 Access Control, or We Are Responsible for Granted Rights (continued)

As you might guess from the title, this webinar includes consideration of:

Rights / Permissions (Rights)

Permissions (Classical)

Permissions (New, DynamicAccessControl)

Date and time of the event - September 28 from 16:00 Kyiv time

WebST5.0 Remote Access or Uninvited Guests Denied Entry

In this webinar, we will look at how to secure the infrastructure by providing remote access via:

Remote auth

WiFi

Date and time of the event - October 26 from 16:00 Kiev time

WebST5.1 Remote Access or Uninvited Guests Denied Entry (continued)

In this webinar, we will look at how to secure the infrastructure by providing remote access via:

VPN

Direct Access

Date and time of the event - November 09 from 16:00 Kiev time

WebST6.0 Audit, or an IT Auditor

Sometimes events happen that require answering the question "who did it?" or "when did the problem occur?" This can happen "rarely, but aptly", so you should prepare for the answer to the question in advance.

In this webinar, we'll look at how Microsoft products can make it easier for a sysadmin to track and log information about when and by whom changes were made to the system using:

Audit Remote Access

Audit Object Access

Updated ASP.NET Core MVC Course for All Saints Day

There is no fear greater than the fear of not knowing. Therefore, the teachers of the Learning Center "Networking Technologies" propose to expand their knowledge of developing applications in ASP.NET right after Halloween, the worst holiday of the year. In the world of information technology, ruled by Microsoft, programmers and other aspiring wizards will have a very difficult time without deep knowledge of ASP.NET technology.

But don't despair! Sign up immediately for the M20486 Authorized ASP.NET Core MVC Web Application Development course , which begins on November 4, 2019 and runs for a full week.

Good wizards and light magicians from our Training Center have already eliminated dark magic items hidden in the twilight and are ready to use only light artifacts, including such.

Relevance of knowledge cloud architect

The course program has been updated and perfect.

Teacher Mastery

Authorized course taught by the best ASP.NET Core MVC Certified Teacher.

Certification Exam This

course helps you prepare for the Microsoft 70-486: Developing ASP.NET MVC Web Applications exam.

Start of training The

start of training is guaranteed to take place in any weather and the number of participants.

Tuition Fees

A generous 20% discount is provided.

We remind you that thanks to the magic of the Internet, you can attend the course "Developing Web Applications with ASP.NET Core MVC" remotely.

Project Management Standards

Project management ensures their successful implementation and begins with an assessment of the scope of work, determining the types and quantities of resources, including time, as well as acceptable levels of quality and risks. This is an important part of the enterprise management system, which consists of planning, procedures for reducing the risks of deviations from the planned plans, as well as change management roi specialist salary.

Modern project management can be carried out in accordance with the most current international standards. The "Big Three" standards are: Project Management Body Of Knowledge versions 5.0 and 6.0 (PMBOK, Project Management Body of Knowledge), Projects in Controlled Environments version 2 (PRINCE2, Projects in Controlled Environments) and the well-known Scrum. Note that PMBOK and Scrum are especially popular in Ukraine. Each of these standards helps ensure the success of projects.

For PMBOK and PRINCE2, the following stages of project management are distinguished: planning, initiation, execution, transfer into operation. The Scrum standard implies dividing the progress of projects into small periods of time called sprints. Here, the main steps are planning, implementing and delivering the result of each individual sprint.

Application of one or another project management standard can take into account the specifics of business activities. For example, for strategic breakthrough projects, it is better to use PMBOK, since it is based on preliminary planning. Flexibility is important for small projects, so the Scrum standard is optimal here. It will also be useful if you need to implement several projects that involve active interaction of various specialists, as is the case when using DevOps approaches. Interestingly, in the PMBOK 6.0 standard, a methodology for managing large projects has been developed, which provides for the possibility of splitting projects into stages. At the same time, project management within these stages is actually carried out in accordance with the Scrum standard.

IT project management in software development, system integration or IT training companies is most often carried out according to two basic models "Waterfall" or "Spiral". The choice is made based on the scale of the project and the volume of changes. For development companies, the "Waterfall" model is used, which allows you to manage sequential work based on separation into separate stages, from the initiation of each stage to its completion. If projects are being implemented, for example, for service support or scaling of IT infrastructure, then it is more expedient to use the Spiral model.

It is important to understand that each project is unique, therefore, the approaches to its implementation are individual. Standards and methodologies are not dogma, their choice is based on the requirement to create "business value", necessity, efficiency, as well as cost estimates to obtain results.

Experts identify general trends in the development of project management methodologies and standards in world practice. Now there is a convergence of seemingly significantly different classical and "agile" project management methods to maximize the benefits.

You can learn more about PMBOK , PRINCE2, and Scrum by successfully completing relevant curricula developed by educational centers and business schools.

Free Linux for work and creativity

Operating systems and applications of the Linux family are created by the world community of programmers and are freely distributed. Users can install and use, distribute and modify the software free of charge, and use it for commercial purposes.

For several decades, Linux distributions have been developed, supported and successfully used, targeted at different users and different technical capabilities of computer equipment. Distributions for beginners and home users, musicians and computer artists, cybersecurity specialists and hackers, system administrators and application developers have been created. There are lightweight distributions for legacy but working computers. There are specialized distributions that provide anonymity on the Internet, high performance, or, for example, optimized for scientific calculations. Enterprise distributions can be distributed commercially or free of charge at&t director salary.

Everyone wants to take advantage of Linux. Major IT companies create and maintain their Linux distributions, this helps them to better understand technology trends. Even Microsoft Windows 10 provides Windows Subsystem for Linux, a software compatibility layer for running Linux applications without virtualization. Note that the operating systems for iOS and Android mobile devices are also based on Linux technologies.

The Linux ecosystem is extremely diverse and therefore very resilient. It is admirable that the most complex software, which was created on a voluntary basis and distributed free of charge, is used all over the world on personal computers and servers, for the functioning of the Internet, in powerful data centers and even in supercomputers.

The complexities of administration and work in operating systems of the Linux family are easily overcome thanks to the support of the world Linux community, as well as specialized courses of the Networking Technologies Training Center.

At our Learning Center, we love Linux very much, so we teach Linux courses in a comprehensive manner. Author's Linux courses have been developed for users, administrators and network specialists. There are courses on working with application containerization and databases. These are good, methodically verified study programs containing a large amount of theoretical material and, most importantly, practical training.

Take the Linux Professional Institute certification exams to prove your Linux expert knowledge. Several levels of certification are provided. You can prove your knowledge of the basics of the Linux operating system or become a certified professional who can administer the system, design and deploy small and medium networks, and create a secure enterprise-scale IT infrastructure with the ability to virtualize and integrate Linux services. For experienced professionals, there is an opportunity to obtain a DevOps engineer certification. Linux Professional Institute certification significantly increases the chances of an IT specialist to get a high-paying job and take part in interesting projects.

Office workers in the era of massive digitalization

To become an office worker in the era of mass digitalization, you need to study for at least 15 years. But for successful work this, most likely, will not be enough. In addition to professional knowledge and skills, a modern office worker must have a clear understanding of the basic concepts of information technology. Here are some of the things that office workers should be aware of in the digital age.

Office IT infrastructure, computers, wired and wireless networks, office equipment

Office Applications

Internet, search services

Telecommunication Internet Services

Working with company websites, the basics of web design

Cloud technologies

Electronic document management

Information Security aws jobs

The office infrastructure is very easy to use, but it is complex. It is good when all office workers understand the general principles of computers, office networks, telephone communications, printing and copying equipment. This understanding simplifies interaction within the team, allows you to focus on work. In the era of mass digitalization, office workers own several electronic devices at once, so they are involved in information technology. It is important to understand that in the digital age, information technologies are rapidly developing, and something new appears every day. Therefore, it is important to be aware of new concepts and acquire new knowledge. It develops the imagination and trains the brain.

Employees in the office work with office applications. They have an intuitive interface, but they have a lot of functionality. It is useful to know how to use their capabilities, because it speeds up work and increases labor efficiency. Word processors and spreadsheets are taught in higher education, and the Networking Technologies Training Center has developed curricula on Microsoft Office products and the free office software package LibreOffice . Upon successful completion of the training, employees who regularly use office applications will learn many interesting techniques to make their daily work with electronic documents and spreadsheets easier.

The Internet in offices is provided to all office workers and is used to find information and communications. Understanding the principles of the Internet and search services helps you quickly find the information you need. And this is very useful in work, such as knowing the syntax of search queries, which helps in finding information in narrow subject areas.

Telecommunication Internet services, for example, e-mail, instant messengers, voice and video communication systems, allow you to quickly establish intra-office communication, contact partners or customers. Including with their help, you can quickly organize joint work in a team. And if many people know how to use e-mail or messengers in the era of digitalization, then organizing video calls or video conferencing requires knowledge of relevant applications and experience with them. The Networking Technologies Learning Center teaches courses on SharePoint collaboration applications , as well as external and internal communications.

The modern office worker in the era of digitalization is versatile. For example, it can do work that only web designers did just a few years ago. Publishing information on a company website is often no more difficult than typing and formatting text in Word, but knowledge of the basics of HTML markup languages ​​and describing the appearance of a CSS document can be very helpful here.

Cloud computing is changing the way enterprise IT services are delivered. Office workers get more freedom, now they can carry out their work from anywhere with a computer and Internet connection. The functionality of cloud office applications is almost similar to computer applications, but it is important to understand the specifics of working in the clouds here. Training center "Network Technologies" regularly reads a course on cloud services developed by Microsoft for office workers, administrators, IT engineers.

The work of companies is accompanied by the movement of documents. Well, if this document flow is predominantly electronic, not paper, then there is an opportunity to automate it. This will help reduce processing time and focus on work. Office employees understand that the electronic document management system implements the usual procedures for working with documents, as, for example, in "paper offices", but provides more functions and saves time. And the electronic document management system allows you to save tons of paper.

The human factor is the main reason for the disruption of the safe operation of the IT infrastructure of companies. Information security threats are often targeted specifically at office workers. It is worth using a flash drive, as it were, by chance, or following a link in an email message from an unknown address, and the company's computer system will immediately become infected with encryption viruses, and data containing commercial secrets will be compromised. Successful office workers in the era of digitalization know how to protect themselves from such mistakes, and their work and home devices from unauthorized access to data. The TC tells more about information security and modern security standards in security courses.

What is a cloud architect? A vital role for success in the cloud

What is a cloud architect?

Cloud architects are responsible for managing the cloud computing architecture in an organization, especially as cloud technologies grow increasingly complex. Cloud computing architecture encompasses everything involved with cloud computing, including the front-end platforms, servers, storage, delivery and networks required to manage cloud storage.

The cloud architect role

According to a 2018 report from RightScale, 81 percent of enterprises have a multi-cloud strategy and 38 percent of enterprises view public cloud as their top priority in 2018 — up from 29 percent in 2017. The report also found that cloud architect jobs grew in the past year, with 61 percent identifying as a cloud architect in 2018 compared to 56 percent in 2017.

Stay on budget with these 6 cloud cost management tips, learn the 5 fundamentals of effective cloud management and beware hidden cloud migration gotchas. Get the latest cloud computing insights by signing up for our newsletter. 

“The adoption of cloud computing is multidimensional and must be run like a multiyear program, not a fixed-duration project. As a result, the complexity of cloud adoption requires at least one accountable architectural leader to lead the organization through the transformation that cloud computing warrants. This is the task of a role that many IT organizations are now finding to be mandatory — the cloud architect,” according to Gartner analyst Kyle Hilgendorf’s 2016 report “Analyzing the Role and Skills of the Cloud Architect.”

To handle the complexities of cloud adoption, most organizations will want to hire a cloud architect — if they haven’t already. These IT pros can help navigate the entire organization’s cloud adoption, helping to avoid risk and ensure a smooth transition.

Cloud architect responsibilities

According to Gartner, the three main, high-level responsibilities of a cloud architect are: cloud architect job description

Leading cultural change for cloud adoption

Developing and coordinating cloud architecture

Developing a cloud strategy and coordinating the adaptation process

While those are the high-level responsibilities, day-to-day responsibilities of a cloud architect, according to Gartner, include:

Finding talent with the necessary skills

Assessing applications, software and hardware

Creating a “cloud broker team”

Establish best practices for cloud across the company

Selecting cloud providers and vetting third-party services

Oversee governance and mitigate risk

Work closely with IT security to monitor privacy and develop incident-response procedures

Managing budgets and estimating cost

Operating at scale

Store money in the bank and work files in the cloud office

Surely, everyone can tell a couple of stories about data loss due to hard drive failure. For a rare storyteller, the case ends with a full happy ending, or at least 50% happy ending. :) My story had a happy ending of 30%. This is the percentage of information that was recovered after a computer was damaged by a virus. Then he took with him more than a hundred drawings, 3 burning projects and $ 200, which they took for providing emergency assistance to the computer. After that, I became a zealous advocate of backup. And the fact that in Tucha the likelihood of losing data due to hardware breakdown is steadily approaching zero thanks to the hard drive arrays combined in RAID10 and, of course, daily and mandatory backups, made me a loyal Tucha fan forever!

What is an it tech

Tucha is like a Swiss bank. As in them money, so in Tucha data is in a "safe harbor", is not lost and is always available. Just as a financial institution has a deposit insurance system, Tucha has a backup. I can always rollback and get back deleted or missing files using my current backup.

These are the benefits of Tucha for which I love and respect her the most.

Configuring Microsoft RDP Client for Mac OS X

The key benefits of a new client are: help desk support job descriptions

Stable work in Mavericks. The old client refuses to start after upgrading on my Mac.

No error: Disconnected from the Windows computer due to a problem with the licensing protocol.

Connection setup

Note: In  addition, the user can adjust the “Resolution”, the color depth “Colors”, and also select the full screen mode “Full screen” or display in the “Scale content” window.

Install and run the RDP client.

In the main application window, click "New" to create a new connection.

In the "Edit Remote Desktops" window that opens , in the "General" tab , enter the details of access to the virtual machine. The Session and Redirection tabs are intended for configuring additional parameters of the RDP client. They are described at the end of this article.

Note:  The "Gateway" parameter should only be used if instructed by the Tucha technical support team to do so.

In the "Connection name" field , enter the connection name that will be displayed in the main application window.

In the “PC name” field , enter the domain name and port of the virtual machine, dividing them with “:” without spaces (in our case, customer.tucha.ua:9911).

In the "User name" field , enter the username, and in the "Password" field - the password for the account on the remote machine.

Close the window to save the changes. Have a nice work!

Business value of partnership. Recommendations of Tucha partners

Partnerships are an important part of our business development. At the same time, partners for us are, first of all, like-minded people, with whom it is much easier to make customers happy. Not so long ago, we wrote about the principles on which our company builds partnerships and why cooperation with Tucha is much more than just financial benefits. Now we decided to talk with partners to find out from them the answers to such important questions: Help desk support job descriptions

What is a partnership for you? What is the place of partnership in business development? Who are your partners?

What do you pay attention to when choosing partners and what do you think is the most important thing in a partnership? What principles of cooperation with partners are you guided by?

What do you yourself never allow in a partnership and what do you consider unacceptable in relations with partners?

Tell us how you became a Tucha partner. What do you value in cooperation with us the most? 

The slogan of our affiliate program is “Recommend with confidence”. How confident are you in recommending Tucha to your clients? Does cooperation with us increase the loyalty of your customers, does it make them happier?

Zhigalkin

Sergey Zhigalkin, managing partner of Cursor

On the importance of partnership.

Partnership is always about reliability. For us, partners are those companies and people from related fields in which we are 100% sure and which we are always ready to recommend as reliable service providers. 

Our partners are, of course, Tucha, also the Bitrix24 dealer company, the Ukrnames domain name registrar, the Unisender e-mail newsletter service and the Publica SMM agency.

On the principles of choice.

As mentioned earlier, this is, first of all, reliability. We also consider experience in the service market and the ability to satisfy the needs of the most demanding customers to be important qualities.

About inadmissible in partnership.

If we transfer a valuable client that requires a special approach, we always explain the specifics of such cooperation. And we also expect that the partner will listen to us and will not allow a situation when the service level is below the proper level.

About partnership with Tucha. 

We worked on one of the projects that is hosted on Tucha servers. Before that, we also repeatedly encountered sites hosted in Tucha's clouds, but this was the first interaction experience when working on a large project using the company's services and technical support. We were pleasantly surprised and satisfied with the result of this cooperation. After that, little by little communication began with the partner department, which turned into a reliable partnership.

About Tucha's recommendation to his clients.

For both cloud hosting and other tasks, we recommend Tucha to our clients 100%. As a hosting provider, you are # 1 on our list.

As for whether cooperation with Tucha increases the loyalty of our customers, we think that it is.

IP lease: which type of address to choose?

What does a postman need to deliver a letter? The main thing is to know the recipient's address. Like a person, every host on the Internet also has a kind of registration - an IP address, which helps to deliver data packets strictly to the address. Of course, it is much easier for a car to acquire its own "housing", prices are clearly more affordable. :) Nevertheless, the difficulties of choosing are still present, not every user knows what type of IP he needs. We offer our clients three options: IP from the main pool of Tucha addresses, addresses with Ukrainian and foreign geolocation. It's easy for the uninitiated to get confused, so let's figure out how our IP addresses differ from each other.

IP from the main pool of Tucha addresses

Some services define addresses from our pool as German, because they track the traffic route. But still, most services determine the address using the Whois database, and there the geolocation is spelled out in black and white - Ukraine. Ukrainian Internet providers define traffic to such an IP address as foreign, since they actually transmit it through their foreign channels.

If you are going to solve standard tasks (binding a site to a server or connecting to a remote desktop), the IP from our pool will be enough for you. By the way, from such an address it is forbidden to show any activity that can be regarded as suspicious: spam, DDoS attacks, or a botnet. Although, I'm sure you weren't going to supporter jobs.

IP with Ukrainian geolocation

In addition to Ukrainian geolocation, with this IP all traffic will be defined as Ukrainian. This solution will be useful if your Internet provider provides a low connection speed for foreign traffic, or there is no such possibility at all.

Issue price: 5 euros / month.

IP with foreign geolocation (Europe)

Such addresses are issued from a foreign pool and can be identified with any geolocation that you choose. For the organization of IP with foreign geolocation, we use the services of various providers from around the world, therefore the following addresses:

are not assigned to us;

can be identified only by the owner himself - the client;

can be changed at the first request of the client, and it's very simple.

Total Recall: Most Helpful Articles of 2018

New services, solutions and additional services

Balanced configuration cloud servers in Ukraine. If it is not a matter of principle for you to locate a data center outside Ukraine, the TuchaBit service is especially for you. The advantages of the new service are a licensed Windows OS and a favorable price. What other features does the service have and how to become a user of it - read on if you suddenly missed it.

Service for synchronizing, storing and sharing files. A guide article to the world of TuchaSync cloud storage. The capabilities and functions of the service, reliability and security factors - we have collected all the detailed information about the TuchaSync file hosting service in one article. Don't lose the opportunity to conveniently store and share files in one place!

Anonymity on demand. Now the service "Anonymity on Demand" is available in our services . With its help, you can anonymously visit sites and work with applications that use the TCP protocol. We talked about how the service works and honestly shared the pros and cons.

 Useful tools 

Computer tech support service

Enhanced data security. Reliability of data storage in the clouds is one of the priorities in our work. New templates with disk encryption enabled for Windows Server 2008 R2, 2012 R2, and 2016 will help provide even greater security. Templates contain a fully BitLocker-encrypted disk image, and the encryption keys are only with you. In this article, we discussed how encryption patterns work and how to use them correctly .

Snapshot . Another important benefit of Tucha services is the ability to create snapshots of the system. How exactly Snapshot is done, what is the difference between snapshots and backups - in our article .

How to manage clouds from your phone. In early autumn, we launched TuchaClient, a mobile application for managing servers. You can find out the capabilities of the application and see how to work with it in our publication . If you are not using Tucha's app yet, now is the time to install it .

RainLoop is a new web interface for working with email . Now TuchaHosting users can use not only the good old RoundCube, but also a more modern application called RainLoop to work with e-mail in the browser. Read how to set up a new web interface on your device.

DDoS attack on RDP services: recognize and fight. Successful experience from Tucha

How it all started

It all started on the morning of October 31, on the last day of the month, when many desperately need to have time to resolve urgent and important issues.

One of the partners, who keeps several virtual machines of the clients he serves in our cloud, reported that from 9:10 to 9:20 am several Windows servers operating at our Ukrainian site did not accept connections with the remote access service , users could not access their desktops, but after a few minutes the problem seemed to be resolved by itself.

We raised the statistics of the communication channels, but we did not find any traffic surges or dips. We looked at the statistics of the load on computing resources - no anomalies. What was it?

Then another partner, who places another hundred servers in our cloud, reported the same problems that some of their clients noted, and it turned out that, in general, the servers are available (they regularly respond to ping tests and other requests), but the service remote access on these servers then accepts new connections, then rejects them, while we were talking about servers at different sites, traffic to which comes from different data transmission channels.

A packet with a request to establish a connection arrives at the server: computer support jobs

xx:xx:xx.xxxxxx IP xxx.xxx.xxx.xxx.58355 > 192.168.xxx.xxx.3389: Flags [S], seq 467744439, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0

The server receives this packet, but the connection is rejected:

xx:xx:xx.xxxxxx IP 192.168.xxx.xxx.3389 > xxx.xxx.xxx.xxx.58355: Flags [R.], seq 0, ack 467744440, win 0, length 0

This means that the problem is clearly not caused by some kind of infrastructure malfunction, but by something else. Are all users having problems licensing Remote Desktop? Maybe some kind of malware has managed to penetrate their systems, but today it is activated, as it was with XData and Petya a couple of years ago ?

While we were sorting it out, we received similar requests from several more clients and partners.

What happens on these machines?

The event logs are full of messages about trying to guess the password:

DDoS-ataka na RDP-sluzhby raspoznat i poborot Uspeshnyj opyt ot Tucha_2

Typically, such attempts are logged on all servers where the standard port (3389) is used for the remote access service and access from anywhere is allowed. The Internet is full of bots that constantly scan all available connection points and try to guess the password (for this very reason, we strongly recommend using complex passwords instead of "123"). However, the intensity of these attempts that day was too high.

Recommend that customers devote a lot of time to changing settings for a huge number of end users in order to switch to a different port? Not a good idea, customers won't be happy. Recommend to only allow VPN access? In a hurry and panic, raising IPSec connections, for whom they are not raised, perhaps, such happiness does not smile at clients either. Although, I must say, this is in any case a godly business, we always recommend hiding the server in a private network and are ready to help with the settings, and for those who like to figure it out on their own, we share instructions for setting up IPSec / L2TP in our cloud in site-to-site mode or road-warrior, and if anyone wants to raise a VPN service on their own Windows server, we are always ready to share tips on how to raise standard RAS or OpenVPN . But, no matter how cool we were, this was not the best time to conduct educational work among clients, since it was necessary to fix the problem as quickly as possible with minimal stress for users.

DDoS-ataka na RDP-sluzhby raspoznat i poborot Uspeshnyj opyt ot Tucha_3

The solution that we implemented was as follows. We have adjusted the analysis of passing traffic in such a way as to track all attempts to establish a TCP connection to port 3389 and select addresses from it that try to establish connections with more than 16 different servers in our network for 150 seconds - these are the sources of the attack ( of course, if one of the clients or partners has a real need to establish connections with so many servers from the same source, you can always add such sources to the “white list.” Moreover, if in one class C network for these 150 seconds, more than 32 addresses are detected, it makes sense to block the entire network. The blocking is set for 3 days, and if during this time no attacks were made from this source, this source is automatically removed from the "black list".here .

We are ready to share the source code of such a system , there is nothing super complicated in it, and at the same time it can be adapted and used not only to protect against such an attack, but also to detect and block any attempts to scan the network: follow this link.

In addition, we made some changes to the settings of the monitoring system, which now more closely monitors the reaction of the control group of virtual servers in our cloud to an attempt to establish an RDP connection: if the reaction did not follow within a second, this is a reason to pay attention.

The solution turned out to be quite effective: there are no more complaints from both customers and partners, and from the monitoring system. New addresses and entire networks are regularly blacklisted, which indicates that the attack continues, but no longer affects the work of our clients.

There is safety in numbers

Today we learned that other operators have faced a similar problem. Someone still thinks that it was Microsoft that made some changes to the remote access service code (if you remember, we suspected the same on the first day, but we rejected this version very soon) and promises to do everything possible to find a solution rather.

Someone simply ignores the problem and advises clients to defend themselves on their own (change the connection port, hide the server in a private network, and so on).

DDoS-ataka na RDP-sluzhby raspoznat i poborot Uspeshnyj opyt ot Tucha_4

And on the very first day, we not only solved this problem, but also created some groundwork for a more global threat detection system that we plan to develop.

IP telephony for business - advantages and opportunities

Friends, we are always happy to share useful tools that will help your business work more efficiently. Among them, for example, complex telephony. So, together with Stream Telecom, which provides a virtual PBX service, we have prepared an article on the possibilities of IP telephony for business and the benefits of its placement in the clouds.

Modern business must have an exceptional relationship with customers and partners. Outdated telephony technologies do not help in this matter. If you keep people waiting or listening to annoying busy beeps, your connection may be outdated and of poor quality. The modern capabilities of IP telephony are suitable for companies of any level. You can get the benefits of uninterrupted, high-quality and cheap communication that takes into account all the peculiarities of your business.

What are the benefits of cloud IP telephony?

Cloud IP telephony is the placement of a service on a virtual server on which all calls are processed. Previously, companies had to buy automatic telephone exchanges, connect them to landline networks and pay big money for each call and fax. Today everything has changed. Now you choose the operators yourself and can optimize your tariffs, get a functional and modern telephone line, and you can also refuse to purchase expensive stations.

Benefits of cloud telephony for business: customer support specialist

Communication from any device - smartphones, tablets, computers, IP phones.

Cost optimization. You can use the services of all operators, the virtual PBX itself will choose the best tariffs.

Multichannel numbers. One number can serve several lines at once, there is no need to buy dozens of SIM-cards.

Free calls to the internal network. Your employees can communicate with each other using short numbers.

Integration with CRM. Call statistics, generation of automatic reports, full control and optimization of managers' work.

High-quality communication. You get a fast and convenient telephone service that is optimized for your business.

Taking into account such advantages, you can significantly increase the number of successful calls, implement mailings for clients, create an IVR menu to automatically inform clients. These are just the most popular IP telephony features that guarantee flexible and high-quality communication with partners, customers and employees. Opportunities will be customized for each company.

How do you know if you need cloud telephony?

In the modern world, you need IP telephony in any case when communicating with clients and partners using calls. A virtual PBX from our partner Stream Telecom is a convenient and high-quality connection for your business. Cloud telephony saves you money on IT infrastructure and allows your entire team or individuals to work from anywhere. Even small companies with a small team will benefit from properly configured cloud telephony. And this, in turn, will contribute to business development and simplify the company's business processes.

Implement IP telephony and other modern useful IT tools and host them in the clouds from Tucha to keep your business running smoothly and smoothly.

How long to wait for a response

If you call on the phone and within the first few seconds the connection with the technical support employee did not happen, this does not mean that no one is at home. Our clients do not have to wait for a connection longer than 1 minute, because we make sure that a sufficient number of specialists are on duty at any time to provide assistance. Just wait a few seconds and do not drop the connection, and we will definitely answer.

If you wrote a message, but no one answered within a minute, please don't worry. The statistics that we have at our disposal shows that the first response to a message sent to the technical support service, we give within 13 minutes after its receipt. However, sometimes it happens that 5 minutes is enough for us to complete the task in full, and sometimes it takes some time to get into all the details, but we definitely won't have to wait longer than the 60 minutes guaranteed by us. If there is a need to promptly clarify the status of a particular application - do not hesitate to call us, we will be happy to provide comprehensive information on the progress of work and approximate deadlines.

Why it is important

Certainty reduces anxiety, and also allows you to predict and plan further events and actions.

"Who are you, Mr. X?"

Of course, our processing system contains the contact details of all customers, so we can almost always immediately identify the contract number in question by e-mail. But there are situations in which it is not so easy to guess which of our services we are talking about. This happens when:

the same address is registered as the address of the contact person for several contracts or if several different services operate within the same contract, for example, several different virtual servers (and guess which server we are talking about);

if the address from which the request was received is not registered at all as the address of the contact person (it happens that a person has many different addresses, the contract is registered for one, but the person writes from another).

To avoid confusion, additional questions and, as a result, all the same loss of precious time, please use the addresses that are registered in contracts as addresses of contact persons when sending an e-mail. And if you feel that it will not be superfluous to clarify which of the services we are talking about, help us identify it, for example, by specifying the IP address or domain name of the server or website in question.

The contract number, company name, EDRPOU code, director's surname, mother's maiden name, and other information can also be useful, but an IP address or domain name will provide much better pointing accuracy.

If you are not an authorized contact at all, no problem. We will still be happy to provide advice, fix a problem if it is of a general nature, or request permission from your contact person to make changes. You cannot make any changes upon request from an address that is not listed in the contact list. We suspect that you yourself would not want any changes to the configuration of your services to be made at the request of a person whom you have not authorized.

Why is it important

In some cases, this will allow us to quickly and more accurately identify the service in question, and, as a result, eliminate ambiguity. And this, in turn, will allow both to save the client's time and to exclude making mistakes.

Rights and powers are the cornerstone issue of information security. And it is important not only whether the user who applied to us is endowed with the appropriate powers, but also whether we have the appropriate rights.

I must say that we have no right to intrude on the data that belongs to the client. At the same time, in order to ensure a reliable level of confidentiality, for most of the services we provide, we also do not have the technical ability to gain access to confidential information. As soon as we transfer the passwords for the accounts, we immediately delete these passwords from our media. And the user, if he took our urgent recommendations into account, independently changes these passwords in order to eliminate the likelihood of their leakage. This means that even if we want to, we will no longer be able to log into the user's operating system and see what is happening inside the black box.

We ask you to keep this aspect in mind. Of course, if the situation is critical, we will be happy to help you figure it out, even if the operation of the software on the client's server is outside our responsibility, but without having access details, we will not be able to do this even if we wanted to.

So that we not only have the opportunity to always log into the system with administrative rights, but also regularly perform routine maintenance and constantly monitor the most significant indicators to prevent the occurrence of certain incidents, we recommend that you pay attention to the server administration service . It significantly expands our powers and responsibilities.

Why is it important service desk analyst job description

Having the rights to interfere with the operation of the software gives us the opportunity to be responsible not only for the operation of the virtual machine, but also for the functioning of the system software inside it.

Provide as much information as possible

The more information we receive about the manifestation of the problem, the less clarifying questions we will ask and, as a result, we will be able to help faster.

We strive to understand each of the clients at a glance, accumulating and organizing information about each request, but sometimes the message “I've got it all broken” is not enough to guess what it is about.

The problem message may contain the following information:

information about exactly when the phenomenon was observed ("the clock on the tower struck noon"),

a description of the actions to be performed (“I went to the door, inserted the key into the lock and tried to turn it counterclockwise”),

a description of the expected result (“the key should have turned, and the door should have opened”),

description of the result obtained ("the key did not turn, I could not open the door"),

additional information (“this already happened once, then I pulled out the key, spat three times over my left shoulder, whistled into the keyhole, tried again, the door opened, but this time it did not help”).

The more data we get, the more complete the picture we will be able to compose, as a result - the less clarifications will be needed. Bug reports, screenshots, any third-party comments, shells on the floor and butts in an ashtray - any piece of information will be helpful as it will allow us to better understand what exactly happened and why.

If possible, please give us the opportunity to independently test the entire sequence of actions. It may well be that we will have to do this several times in order to carefully examine all the details of what is happening. If this requires logging into a system that we do not have access to (for example, you need to get into the control panel of the website or on the desktop of a specific user) - please provide us with the access details. If some of the procedures that will need to be performed to reproduce the situation are not completely obvious to a person who is not a specialist at your level in a particular area, we would also be very grateful for a short cheat sheet.

Why is it important

A detailed description will reduce the number of clarifying questions from our side and, as a result, will speed up the solution of the problem.

Keep Calm and everything will be fine

When something unexpected, incomprehensible, and possibly even unpleasant happens, sometimes the first emotional reaction is the desire to look for the culprit instead of solutions. And if this is something not working in the cloud, then it seems logical to assume that the provider has stratified. Nevertheless, statistics show that most often this is not the case, and the vast majority of problems occur inside user systems, to which we do not even have access. Of course, wherever there is pain, we are always ready to eliminate it or help to sort it out and we will do it in any, even the most extreme, situation. But nevertheless, an unbiased and polite treatment has a chance to be processed more efficiently and efficiently, as it leaves the mind of the engineer on duty sober and the heart hot.

Believe me, we are already very much interested in solving all incoming requests, we always work conscientiously and try to solve each problem as quickly and as efficiently as possible. Do not rush us, trust us and everyone will be happy.

Why is it important

A kind word is pleasant to the cat, but we are still cats. We sincerely want you to be good, comfortable and productive with us, you worked happily ever after and regularly recommended us to those you wish well. To work this way helps the inner need to do everything in this life in the best possible way and regular positive feedback. In general, treat us with care, and we will bring you even more benefit.

Life hacks for working with technical support from our technical director

Something like a preface

My name is Vladimir Melnik, and I have been a drug addict for 13 years in charge of the technical aspects of our company. Being not only a writer, but also to some extent a reader, that is, already a relatively experienced user of various systems that ensure the interaction of people and algorithms designed by people, I drew attention to the fact that, no matter how well thought out this or that system, the effectiveness of its work largely depends on the user: even the most advanced model of a fashionable smartphone will do the wrong thing if you press the wrong buttons.

The technical support service that assists users is also a system that works in accordance with certain algorithms. The actions of this system are quite predictable, and the goals are quite obvious. The main tasks of such a system are to provide the user with comprehensive support and to make sure that the user confidently recommends the company's services to everyone who may be interested in them.

And, if most mature systems, as a rule, are well documented, then it will not be superfluous to provide recommendations for using the most important system - the one that helps to interact with everyone else. By using these guidelines, the client will get as much benefit as possible in the shortest possible time.

Even without these recommendations, each client of our company always receives qualified assistance in the shortest possible time. This is confirmed by the invaluable feedback for us about our work . The secret is that during our work we have not only developed techniques that allow the user to provide the most comfortable and effective interaction with all our services, but we continue to consider this the most important principle of our work. Just like in the early days of our company. At the same time, we do not stop there and create more and more comfortable working conditions for our clients. The publication and distribution of these notes serves the same purpose.

Contact technical support

No matter how trite it may sound, the most important thing is that if something goes wrong, it is better to immediately contact the specialists who will be happy to help.

Of course, if you sit on the bank of the river for long enough, sooner or later you will see the corpse of your enemy floating along it, but it is better not to wait for this very enemy to sneak up behind him with a weighty stone in his bosom, and there is no point in wasting precious time.

Even if a problem arose, and then somehow magically "everything went away", you should not relax. If no one else found out about the problem that you encountered and did not take measures to prevent its recurrence, sooner or later it may repeat itself.

Of course, our monitoring system collects and analyzes thousands of various indicators around the clock and constantly performs thousands of checks on the operation of all infrastructure nodes. But total control over the work of each user is still impossible, since this is contrary to the principles of privacy. Therefore, in most cases, we will only be able to find out about the problem if you report it to us yourself.

Why is it important

This will reduce wasted customer time.

Having learned about the problem, we can quickly eliminate it, as well as reduce, or even eliminate the likelihood of its recurrence.

If the source of the problem lies outside our area of ​​responsibility, we will be able, at least, to suggest who exactly will be able to help in its elimination and, as far as possible, contribute to this.

Where and how to apply

The faster the appeal falls into the hands that will process it, the earlier work on the task will begin, and accordingly, the faster we will present the result. Of course, regardless of which of the representatives of our company you contact, sooner or later it will get to the address, but is it worth the wait?

The technical support service works 24/7, without holidays, weekends, lunch breaks, indigestion and nuclear war, so it is best to contact us right away. Of course, if it somehow happened that you became aware of the personal contact details of one of the employees, you can, of course, write at night in ICQ to the courier who came to your office with acts of work performed and exchanged contacts with the office manager. But it should be borne in mind that information about your appeal may arrive at the technical support service with some delay.

To avoid this, please use only guaranteed communication channels. There are two channels through which you can always get in touch with us:

If the appeal is of a consulting nature, we will also be happy to receive a message and a call, it all depends on how it is more convenient for you to present the essence of the issue. Of course, a clearly formulated question already contains a significant part of the answer, and therefore in this case it is better to rely on which of the formulations you see as the most effective.

If the essence of the appeal comes down to the need to make certain changes, we will nevertheless show some caution and ask you to describe these changes in a message and send it to us by e-mail. Without written confirmation from an authorized contact person, we simply cannot enter them.

Why is it important what does an it analyst do

By eliminating unnecessary steps and links in the chain of interaction, we will be able to process the request as soon as possible.

Bitrix24 box in the cloud: how to transfer and how much it costs

The boxed version of Bitrix24 is a popular product that helps many companies to efficiently organize their business. In order for the work with the Bitrix24 box to be comfortable, and the data accumulated during the work to be safe and at the same time always at hand, the choice of hosting for the box should be given special attention.

We propose to place the Bitrix24 box on Tucha virtual servers. There are several reasons to choose us. Firstly, we really provide excellent hosting, and we have eaten a lot of dogs on Bitrix24 hosting over the years. Secondly, Tucha is the recommended hosting partner of Bitrix . There are third, fourth, and so on. This is what our new article is about, as well as how to estimate the cost of solving such a problem.

What is Bitrix24 box

First, a few words about the software product itself. Bitrix24 in a box is a whole complex of tools with wide functionality that helps to optimize the company's work. 

It includes the following main components: Technical support engineer job description

CRM.

HD video calls.

Online office.

Tasks and projects.

Contact center.

Websites.

The shops.

The main feature of the Bitrix24 box is that for its hosting you need your own or rented server from the provider. We recommend choosing a rented virtual server for a number of reasons:

the cloud does not require startup investments;

data is safely stored far outside the office, or even the country;

you can work in the cloud from any corner of the world 24 × 7;

all resources are easily and easily scalable. 

We wrote in more detail about the advantages of placing a Bitrix24 box in the cloud in a special article.

How much does it cost to place a Bitrix24 box in the cloud

It is easy to estimate the cost of hosting on Tucha virtual servers. To do this, you need to answer two simple questions:

1. Where is it preferable to store data - in Ukraine or abroad? 

It depends on which service the virtual machine will be deployed on - TuchaFlex + or TuchaBit .  

TuchaFlex + are flexible virtual servers with data centers abroad (mainly in Germany) and guaranteed service availability of 99.9%. The service allows you to select any required configuration of resources: the amount of RAM, the size of the hard disk, the number of processors and IP addresses. TuchaFlex + is scalable by adding any amount of resources.

If the placement of data outside of Ukraine is not critical, we suggest paying attention to the TuchaBit service. The service capacities are located at sites in Ukraine, and the guaranteed availability of services is 99.0%. Virtual servers consist of blocks (units) of balanced configurations. One unit is 1 GB of RAM and 25 GB of hard disk memory. TuchaBit is scaled up by adding the required number of virtual units.

2. What edition of the Bitrix24 box is planned to be placed on the server? 

The answer will help you determine the appropriate virtual machine configuration. The number of resources that we offer for each separate edition of the Bitrix24 box correspond to the configurations recommended by the software product developer.

Bitrix_RU

Now for a concrete example

Let's consider the cost calculations using the example of the most popular Bitrix24 edition - "CRM" . For its hosting, we most often offer a virtual machine at a cost of 20 euros / month if you place the box on Ukrainian sites, and 30.50 euros / month if you choose to be hosted abroad. Hereinafter, prices are given including VAT (for those who need it). Payment for services is made in UAH at the NBU rate for the first day of the current month.

Now more about what is included in the cost of both solutions.

Tucha Bit :

TuchaBit servers are made up of units. 1 unit is 1 GB of RAM and 25 GB of hard disk memory. Rent of one such unit is 9 euros / month. For effective work of the "CRM" edition based on TuchaBit, we offer a server with two such units. Add 1 IP address, the cost of which is 2 euros. And we get a virtual machine for 20 euros / month with the following configuration:

1 CPU;

2 GB RAM;

50 GB SSD;

1 IP address.

The rental price of the machine already includes a Windows Server Datacenter license and two full snapshots of each disk - snapshots. Read more about what these images are for in a separate article . 

Tucha Flex + :

Now let's see what the cost of a virtual machine based on TuchaFlex + for hosting the "CRM" edition consists of. The machine for 30.50 € / month consists of the following components:

1 CPU = 2.50 € / month;

2 GB RAM = 20 euros / month;

30 GB SSD = 6 euros / month;

1 IP address = 2 euros / month.

This price already includes two full disk snapshots. 

The configurations developed by us for each edition of the Bitrix24 box are the starting ones. Most often, these resources are sufficient for comfortable work with the software product. However, if more resources are needed in the future, they can be easily added to the virtual server.

Both at the start and in the process of cooperation, we analyze the client's task and offer the best solution in a specific situation for any edition of the boxed version of Bitrix24. 

Overview of the main programs for creating backups for Windows

Creating a backup (backup, backup) is the easiest and most reliable way to protect important data from all sorts of troubles. Whether it is the influence of a virus, equipment failure, accidental deletion, etc. A timely created backup can save a lot of nerves, efforts and resources. Even if only family photos or a collection of your favorite music are stored on your computer, you don't want to lose them at all. And what can we say about business information, the loss of which can turn into a real disaster.

To simplify the collection and processing of backups, you can use tools specially created for this. Among other things, they make it possible to create backups automatically on a schedule, because a person may simply forget to start creating a backup at the most inopportune moment.

For the Windows operating system, there are many programs for creating backups and restoring data from them. Each has its own characteristics, disadvantages and advantages. In this review, we will consider several of the most mature, in our opinion, software products and evaluate them according to the main criteria - paid / free, functionality and usability.

Cobian Backup

A very common program for creating backup copies of data and restoring them from backups.

Windows-Portable-Applications-Portable-Cobian-Backup_1

Cost : Free

Languages : support for 15 languages, including Ukrainian and Russian

Operating system support : Windows NT / 2000/2003 / XP / Vista / 7/8 / 8.1 / 10

Interface : as simple as possible, intuitive. Suitable for beginners. The translation is complete and correct. There are many settings, you can change most of the parameters of the program.

Key features : IT analyst job description

creating backups manually and on a schedule (one-time, on certain days of the week or month, by timer);

FTP protocol support - uploading ready-made backups or individual files to a remote FTP server, including over a secure SSL protocol and through a proxy;

backups can be created both full and incremental (only for changed files);

backups can be encrypted using the AES algorithm, keys with a length of 128, 192 and 256 bits are supported;

compression of copied data is supported to reduce the size of archives;

there is support for remote control of the program via a local network or via the Internet;

command line supported;

settings can be password protected;

it is possible to close / run third-party programs when you start or finish creating a backup;

data recovery from a copy is carried out in one click, it is possible to customize the process - restore all files, individual folders, only changed ones, etc.

Disadvantages:

many cloud storages (Google Drive, Dropbox, Yandex Disc, etc.) are not supported, except for those with FTP access;

no cloning / sector-by-sector copying of disks;

no versions for other OS.

Conclusions : Cobian Backup is definitely our favorite, most often we recommend this program to our customers. Thanks to its simple interface, free and wide functionality, this utility is an excellent choice for both beginners and advanced users. For a more detailed introduction to the Cobian Backup tool, read our advanced overview with step-by-step instructions.

Why do you need a support service that doesn't support?

Companies are announcing artificial intelligence in their automation, talking about how they implemented a couple of cool customer service systems, but when we call tech support, we continue to suffer and listen to the suffering voices of operators with long-suffering scripts. Moreover, you probably noticed that we, IT specialists, perceive and evaluate the work of numerous customer support services of service centers, IT outsourcers, car services, call services of telecom operators much more sharply, including the support of the company in which we work or which we manage. 

So what's up? Why is a call to technical support / technical support almost always a reason for a heavy sigh and some kind of doomed necessity? We know a thing or two about the reasons. Tech support for dreams from our childhood

Support issues you probably have

Incompetent employees it support job description

At first glance, incompetent employees are the main reason for problems with technical support. It is unacceptable when you are waiting for a solution to your problem or at least a correct redirection to a specialist, but you get a complete disregard of the essence of the issue and a little advertising in addition. However, do not rush to blame the support staff - as a rule, the root of the problem lies much deeper.

The selection of unqualified personnel is the first mistake of companies. It is clear that unless you are a DevOps outsourcer with decent offers to job seekers, highly qualified system administrators and engineers will not go to you. But recruiting "1st and 2nd year students in their free time" is fraught. This is a lottery: you can take your future support manager or even the main developer, or you can take a student who doesn't even care about studying - all the time is free. As a rule, such guys do not have developed communication skills, there is no desire for learning (and a support is always training and the ability to explain to another, which is possible only when you yourself confidently understand this). Therefore, when selecting candidates, you need to be guided not by the principle of the employee's cheapness or his desire to come to you,

Goofy employees are a huge problem for many companies, regardless of size or industry. Speaking of stupid, we mean the illiterate, unskilled and, most importantly, who do not want to change something in their qualifications and learn. So why do companies run into these guys over and over again? It's simple: quite often the support staff recruits not those who know how and knows, but those who are cheaper, "and then we will teach." This is a critical mistake that leads to staff turnover (“not mine,” “oh, how evil you are,” “study is more important”), mistakes in work (“I haven’t learned yet,” “Well, I still have to study, I also owe that kind of money to harm you! ”), to useless attempts to teach (“ what the hell, talking to clients, I didn’t graduate from management for this, I want to be a leader ”).

Obvious and difficult to apply advice, but try to work with the staff early in the hiring phase. Don't torment them with questions about who they see themselves in five years, talk to the point: 

ask them what quality customer service means to them; 

Suggest tricky scenarios for conversations with customers and ask how they will react;

ask them what they think your business is doing and what customers want.