(401) 237-0023

Your Trusted Wireless and Security Experts


Engineering your wireless network security and troubleshooting your Wi-Fi with our industry leading, end-to-end solutions.

PacketLogix is a reseller of specialized network technologies primarily focused in the IT security and wireless networking fields. We assist our customers in the design, acquisition, implementation, and training on the solutions which we implement. 

Engineering your wireless network security and troubleshooting your Wi-Fi with our industry leading, end-to-end solutions.

cloud

Cloud

Now that cloud based services are the norm rather than a rarity, PacketLogix works with you to get to the most effective cloud based platforms for your business.

read more

infrasture icon

Infrastructure

PacketLogix specializes in network performance and mobility and we offer architecture design and planning for optimal deployment of your infrastructure.

read more

visibility icon

Visibility

Knowing that network challenges are more often housed within an application rather than the network itself, PacketLogix is positioned to peer into your network and give you the most effective solutions.

read more

security icon

Security

Our proactive security solutions include on-premise, hybrid-cloud, and full cloud based networks depending on your security needs.

read more

wireless icon

Wireless

As wireless technologies take over as our primary means of network communications, PacketLogix offers best-in-class solutions to your wireless network design and deployment needs.

read more

Our Partners

  • HP Enterprise

    Infrastructure

  • Microsoft Office 365

    Cloud Services

  • NetScout

    Visibility

  • Microsoft Azure

    Cloud Services

  • AdTran

    Infrastructure

  • VMware

    Infrastructure

  • Xirrus

    Wireless

     

  • Arbor Networks

    Security

  • Carbon Black

    Security

  • Proofpoint

    Security

  • Ixia

    Visibility

  • Aruba Networks

    Wireless

     

  • BridgeWave

    Wireless

     

  • Aryaka

    Cloud Services

  • Fortinet

    Security

Latest Blogs

Critical Apache Struts Remote Code Execution Vulnerability

aruba logo

Title
=====
Apache Struts Remote Code Execution Vulnerability

 Severity: CRITICAL

An unauthenticated remote code execution vulnerability in the Apache
Struts 2 package has been publicly reported.  This advisory details
Aruba's exposure to this vulnerability.

Affected Products
=================
 -- ClearPass Policy Manager (all versions)


Unaffected Products
===================
  -- ArubaOS
  -- Aruba Instant
  -- AirWave
  -- ALE
  -- All Aruba cloud services including Aruba Central and Meridian
  -- Niara


Details
=======
On March 7, 2017 the Apache Struts team released new versions of the
package to address a security vulnerability.  The vulnerability allows
an unauthenticated attacker to execute code remotely on a vulnerable system
through the use of a specially crafted Content-Type header. The attack code
will be executed with the permission of the web server user. Attack tools
exist and this vulnerability is being actively exploited.

The ClearPass Policy Manager administrative Web interface is affected by the
vulnerability.  ClearPass Guest, Insight, and Graphite are NOT affected.

Severity: CRITICAL
CVSSv3 Overall Score: 9.4
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L/E:F/RL:W/RC:C


Resolution
==========
Aruba will be publishing hotfixes for ClearPass 6.5.7 and 6.6.4 no later than
Tuesday, March 14, 2017.  Additionally, ClearPass 6.6.5 (target release date
of March 22, 2017) will include this fix.

Once the hotfix is published, the following methods may be used to install it:

Installing the Patch Online Using the Software Updates Portal:
1. Open ClearPass Policy Manager and go to Administration > Agents and Software
   Updates > Software Updates.
2. In the Firmware and Patch Updates area, find the "ClearPass 6.5.7 Hotfix
   Patch for CVE-2017-5638" or "ClearPass 6.6.4 Hotfix Patch for CVE-2017-5638"
   patch and click the Download button in its row.
3. Click Install.
4. When the installation is complete and the status is shown as "Needs
   Restart", proceed to restart ClearPass. After reboot, the status for the
   patch will be shown as Installed. The ClearPass Policy Manager version
   number will not change.

Installing the Patch Offline Using the Patch File from support.arubanetworks.com:
1. Download the "ClearPass 6.5.7 Hotfix Patch for CVE-2017-5638" or
   "ClearPass 6.6.4 Hotfix Patch for CVE-2017-5638" patch from the Support site.
2. Open the ClearPass Policy Manager Admin UI and go to Administration >
   Agents and Software Updates > Software Updates.
3. At the bottom of the Firmware and Patch Updates area, click Import Updates
   and browse to the downloaded patch file. The name and description once
   imported may differ from the name and remark on the support site
   as these were adjusted after posting. This is purely a cosmetic discrepancy.
4. Click Install.
5. When the installation is complete and the status is shown as Needs Restart,
   proceed to restart ClearPass. After reboot, the status for the patch will
   be shown as Installed. The ClearPass Policy Manager version number will
   not change.


Workarounds
===========
Restrict access to the Policy Manager Admin Web Interface. This can be
accomplished by navigating to Administration >> Server Manager >>
Server Configuration >> <Server-Name> >> Network >> Restrict Access and
only allowing non-public or network management networks.


Revision History
================

      Revision 1 / 2017-Mar-10 / Initial release


Aruba SIRT Security Procedures
==============================

Complete information on reporting security vulnerabilities in Aruba Networks
products, obtaining assistance with security incidents is available at:

http://www.arubanetworks.com/support-services/security-bulletins/

This is an important notice for all #ArubaNetworks #HPE #ClearPass customers. For companies needing assistance with patching, PacketLogix offers this as a professional service. https://lnkd.in/dq_aYTy

 

Learn More

Change all of your passwords - Right NOW!

Arbor’s Security Engineering & Response Team (ASERT) Security Blog

Please read this very informative document from Arbor about an exploit that happened to a company called CloudFlare. CloudFlare housed some of the cached data on the internet like usernames and passwords for a lot of websites. Likely one that affects you.

https://www.arbornetworks.com/blog/asert/change-passwords-right-now/

Learn More

Introducing Uila - Our Latest Visibility Partner

Uila Dashboard

Today’s virtualized data centers are opaque to traditional monitoring approaches and enterprise IT lack the tools to be able to correlate application to infrastructure performance to determine what is causing the application slowdown. 

A Data Center’s infrastructure components – CPU, Memory, Network and Storage – may have their own management tools but these tools are incapable of providing visibility to the whole system or correlating that information back to a specific application’s performance. As a result, organizations lack the resources to quickly and efficiently resolve application performance issues and spend the majority of their valuable time engaged in reactive troubleshooting or inter-departmental finger pointing, rather than proactively improving application delivery. 

Uila’s application-aware Infrastructure Performance Management allows data centers to

  • align infrastructure performance management with application performance management
  • ensure application availability and peak performance by enabling proactive planning
  • improve IT efficiency by reducing troubleshooting from days to minutes

Uila identifies application performance bottlenecks for optimization and maximizes the efficiency, performance and reliability of virtualized infrastructure. Performance trends, anomalies and underlying patterns of behavior are identified using powerful big data analytics and trending reports. All of these capabilities improve application reliability and infrastructure performance. 

Call me (Terrence) at (401) 237-0023 or email at Terrence@packetlogix.com to set up a live demo.

Learn More

Questions?

If you have questions about whether or not our IT services platform is right for your business, simply complete and submit this form and one of our trusted IT professionals will promptly respond to your query!