Month: January 2022

VPLS Discovers Fortinet Vulnerability CVE-2021-41019

VPLS has discovered and responsibly disclosed a new Fortinet FortiGate firewall vulnerability which has been assigned the Common Vulnerabilities and Exposures (CVE) number CVE-2021-41019.

At a technical level, this vulnerability can be summarized as improper validation of LDAP server certificates in the web GUI of FortiOS, the operating system that FortiGate firewalls run, which could lead to a malicious actor obtaining sensitive information, such as user credentials. VPLS is credited with the discovery and responsible disclosure in Fortinet’s official advisory FG-IR-21-074, which was released on November 2nd, 2021.

Impact, Risk, and Recommendations

This vulnerability affects all FortiGates running 7.0.1 and below, 6.4.6 and below, or 6.2.9 and below. Fortinet has scored this vulnerability a 3.5 out of 10 using the Common Vulnerability Scoring System Version 3.1 (CVSSv3.1), which results in a Severity rating of Low.

Even with a Severity rating of Low, the vulnerability can be resolved with a quick fix, a firmware upgrade, so we recommend upgrading the firmware to a version in which it has been fixed: 7.0.2 or above, 6.4.7 or above, or 6.2.10 or above.

We also urge you to review CVE-2019-5591 and its associated Fortinet PSIRT Advisory FG-IR-19-037. This vulnerability made the list of Top Exploited Vulnerabilities in 2021 and is closely related to the vulnerability we discovered. The difference with CVE-2019-5591 is that upgrading the firmware alone does not resolve it! A configuration change on the firewall must also be performed, and this critical step is one many organizations overlook.

A Testament to Our Commitment to Security

As a Fortinet Expert Partner and MSSP, we provide many Managed Security Services based around Fortinet products, but so do many other MSPs/MSSPs. The difference with VPLS is that we are providing security services powered by a team with a deep commitment to securing our customers’ organizations, and VPLS discovering and responsibly disclosing a brand-new vulnerability related to the products that power our services is a testament to that commitment and dedication.

If you’d like to learn more about mitigating this vulnerability, or you want to talk about the security services we offer, including managed services and professional services, then please reach out to us. We are always here to help.

John Headley

What is VDI (Virtual Desktop Infrastructure)?

Businesses that implement Bring Your Own Device (BYOD) policies require a service that grants access to work desktops through personal computers, tablets, and smartphones. Virtual desktop infrastructure, or VDI, is the ideal solution to this predicament, merging the benefits of cloud hosting with the management and security features IT administrators demand. Gain a better understanding of VDI and how it can help your business from VPLS.

Understanding VDI

With VDI, companies host multiple desktop environments on a central server. When remote employees request desktops, VDI delivers them to the employees’ endpoint devices via virtual machines. This process grants workers secure access to applications and systems from any workstation, driving productivity and providing a reliable user experience. This service also saves organizations from incurring extra costs on workstation updates.

How Does VDI Function?

Virtual Desktop Infrastructure features two central pieces that inform how it operates — the hypervisor and the connection broker. A hypervisor divides the physical server into the virtual machines that host virtual desktops, enabling workers to access business data remotely. A connection broker is the software that connects users on endpoint devices to the server.

Companies can take either a persistent or non-persistent approach when deploying VDI. Persistent VDI saves data changes, requiring users to log into the same desktop image each time. This method is best for employees that handle complicated digital workflows and use virtual desktops the same way they would a physical work computer.

Non-persistent VDI does not save changes, making it most effective for task workers who only need one-time access to their desktops. Additionally, the non-persistent strategy mitigates expenses and simplifies data center management efforts.

Who Uses VDI?

VDI is a versatile service utilized across industries, but several organizations are particularly well-suited for virtual desktops. Businesses with the following users can reap the benefits of this service:

Remote Employees

Using VDI in remote work environments allows employees to retrieve virtual desktops from numerous endpoint devices. It enables workers to utilize one network from separate locations without sacrificing central access or application management. Companies that use persistent VDI can personalize desktops to complement the needs of each user and keep data secure in core centers and software systems.

Contract Workers

Contract employees pose unique challenges for businesses. They must access some critical information to complete temporary tasks but may expose the company to additional security risks. VDI solves this dilemma by permitting contract workers to use resources related to their duties without granting full access to corporate data. This feature heightens security and prevents companies from spending more money on new endpoint devices for these employees.

Call Centers

One of the best uses for non-persistent VDI is a call center because employees only require standard desktops to conduct daily activities. Call centers with the necessary software installed can conveniently patch and deploy non-persistent virtual desktops onsite without incurring high overhead expenses.

Advantages of Choosing VDI

While implementing a virtual desktop infrastructure does not make sense for every company, it can prove valuable for those that deploy a persistent or non-persistent model. For businesses that incorporate virtual desktops, benefits typically include:

  • Centralized management: VDI allows businesses to conduct numerous tasks from a single server, from modifying configurations to updating software. This centralized approach makes virtual desktops easier to manage than computers running on local operating systems.
  • Enhanced security: With VDI, all corporate data resides on servers and not endpoint devices. Therefore, the information stays protected even if a remote work computer or tablet is stolen.
  • Minimized expenses: Organizations that implement virtual desktops seldom purchase new devices for remote employees because VDI processes information on the server. Users can successfully access virtual desktops from thin clients and older computers, eliminating the need for additional capital.
  • Remote usage: Virtual desktops allow employees to conduct work duties from any device or location. Additionally, VDI provides on-demand access to applications and systems. This setup is highly conducive to businesses with a remote workforce.

Discover VDI Solutions from VPLS

If your business is in need of VDI, turn to VPLS for innovative solutions. We offer exceptional cloud-hosted VDI, or Desktop-as-a-Service (DaaS), that helps remote workforces achieve better productivity, as well as on-premise VDI that assists in-house teams with graphics and memory-heavy applications.

For more than 20 years, VPLS has provided customized IT solutions to global organizations. With 18 data centers across the United States, Europe, and Asia and 68,000 servers under management, we can serve businesses of all sizes and industries.

Contact us today to learn more about our VDI solutions and how they can help your business.

VPLS Partners with Polargy to Increase Power Density for Post-Production Client’s Colocation Environment

The partnership significantly increases the power density of the client’s colocation footprint

We’re excited to announce that, through our partnership with Polargy, we have successfully completed the installation of a new cold aisle containment system to support a client’s high-density computing needs.

During the past year, VPLS’s post-production client experienced significant growth, but their colocation infrastructure was not seamlessly scaling with them. The client needed to consolidate their infrastructure to support future expansions while reducing costs.

As a solution, VPLS built a colocation footprint using containment techniques rather than traditional power configurations. This design allowed the client to engage in high-density computing in a cost-effective and energy-efficient manner.

“We’ve worked with VPLS for many years,” states the client’s Director of Communications. “We know we can always count on them to custom-tailor the appropriate solution for our ever-changing needs.”

VPLS selected Polargy as the structured containment partner due to Polargy’s history of quality service and competitive pricing. Using Polargy’s containment technology, VPLS created an isolated containment aisle for the client, which offered thermal safety for mission-critical applications and data. In turn, the client can now push their colocation configuration to a much higher power density.

“We are proud to work with VPLS to provide a more flexible aisle containment solution,” adds Blake Ferras, Account Executive from Polargy. “Their team’s deep industry knowledge allows them to make the best decisions regarding Polargy for their customers.”

VPLS is committed to offering our clients the energy-efficient and cost-effective systems that will help them achieve their goals. In this case, using the cold aisle containment system was the best choice; it is a greener configuration that will significantly reduce the PUE of the client’s environment. We are proud to partner with Polargy to help our client achieve this goal.
