Soluții pentru problemele tale IT
If you have a touchscreen PC running Windows 11, an on-screen virtual keyboard can be essential if you want to use it like a tablet. By enabling an icon in your taskbar, you can bring up the touch keyboard at any time.
[mai mult...]If you never use the Windows 11 touch keyboard, or you just want to clean up your taskbar, it’s easy to turn it off.
[mai mult...]The IT infrastructure and applications in large enterprises require dedicated staff for their management, maintenance, and security. It’s a complex job, which can overwhelm any team with tickets and issues, and that’s why IT teams are always looking out for trustworthy ways to automate, centralize, and simplify their work. One of the typical ways to do that is through using a dedicated patch management software to apply updates automatically and in bulk, ensuring all software gets updated as soon as possible.
The N-able™ (formerly SolarWinds® MSP) N-central® product offers patch management as one of its many capabilities for remote monitoring and management. It uses rules, caching, multiple maintenance windows and automated approval methods to enable you to automate the patching of devices under your management. Updates can be applied either globally or on a per-device level when needed. In addition, applying smart keywords makes it possible to ignore some updates depending on the circumstances. For comprehensive visibility, N-central gives you an overview of all update statuses in your environment to act on any issues as soon as they arise.
Of course, N-central is a lot more than just patch management. The many features this all-in-one remote monitoring platform provides also include centrally managed antivirus, endpoint detection and response, network mapping, backup management, and a lot more. There are plenty of integrations for N-central including support for Microsoft Intune which many readers may find useful.
Patch management is also offered as part of another all-in-one tool from N-able, called RMM. It’ll help organizations meet their needs for applying updates quickly and efficiently to ensure the highest security standards for all users.
RMM provides access to a single web console to manage all updates. You can apply updates manually or create auto-approve rules depending on security policies and the current needs. Scheduling makes it possible to update software without disrupting employees during critical productive times. For visibility, you get access to clear reports to quickly fix any issues as soon as they arise. For troubleshooting any issues around software updates, the remote background management feature can be extremely helpful. It lets you provide remote support and perform system administration tasks without establishing a full remote desktop connection.
Regarding OS support, it’s important to mention that with the automated tools included in N-able RMM, you can approve, schedule, and deploy patches using the same set of workflows for both Windows and macOS devices. This means that all devices get the same level of security.
There are some differences between N-able RMM and N-central which we explained in another article. Be sure to check out our guide on N-able RMM vs N-central.
Patch Manager Plus by ManageEngine is an end-to-end solution, which supports Windows, macOS, and Linux systems along with many third-party applications and updates. It allows you to choose between both on-premises and cloud-based deployment models. You can run a scan to detect vulnerable endpoints and automate patches across a wide range of desktops, servers, virtual machines, and mobile devices. Further, you can also run audits and get scheduled reports for better visibility and control across your network. ManageEngine offers three editions of Patch Manager Plus with one free edition supporting up to 20 computers and 5 servers.
SysAid Patch Management is a capable solution that supports Windows-based systems, Microsoft Applications, and some third-party applications including Java, Chrome, Skype, Mozilla Firefox, Thunderbird, and more. It also supports both cloud and on-premises environments and offers easy setup and automated capabilities. IT administrators can monitor the progress of patch deployments with an overview of all due and completed patches via a unified interface. The solution easily integrates with all SysAid products for network management. While the solution offers all required features for seamless patch management, it lacks support for Linux and macOS systems—which is its major drawback.
ITarian also offers powerful software for Windows Patch Management, which provides an agent-based approach to scanning and updating automated patches across enterprise networks. ITarian also offers third-party patches on request, which can help you extend its capabilities to systems, applications, and servers outside of the Microsoft ecosystem. The solution also supports notifications and provides reports to help you stay on top of your IT environment.
The patch management software by Avast supports Windows-based computers and servers along with various third-party applications. The solution provides automated patching across all supported devices in your network, with minimal impact on network performance and speed. You can also apply updates remotely and get centralized visibility and control with its cloud-based platform. Its unified dashboard provides you a birds-eye view of all software patches helping you easily track progress, identify failures, and rollback patches that create issues. You can also schedule automated patch scans and get comprehensive reports to assess the health and security of devices in your network.
Rapid7 InsightVM is essentially a vulnerability management solution that supports automation-assisted patching and containment. The solution relies on Rapid7’s threat and vulnerability research data to support live vulnerability and endpoint analytics. You can also monitor and update cloud, containerized, and virtual infrastructure with InsightVM and make use of its RESTful API for integrations with Splunk, ServiceNow, and other tools. The company also offers managed vulnerability management services. Check out its training and certifications to get the most of InsightVM.
Organizations need scalable patch management solutions to meet the requirements of their growing IT infrastructure. The tools discussed in this article offer easy implementation and effective patching. However, we find N-central and RMM from N-able scoring high on key features, such as cross-platform support, automation, rollbacks, end-to-end visibility, and reports. You can evaluate their free trials to get started and choose higher plans as you need.
[mai mult...]Email security has become a major concern for organizations due to the increasing number of advanced threats, phishing, and ransomware attacks. Taking email security lightly can be especially devastating to IT services providers due to the large scale of their operations with sometimes thousands of devices managed. According to McKinsey and Company, threats from inside the company accounts for around 43% of data breaches. Here is where powerful, enterprise-grade email filters play a critical role.
Email or spam filter tools are physical servers installed at the organization’s network as the first line of defense to target threats before they land into a recipient’s inbox. These tools filter all incoming messages before they enter the end user’s account. Email filtering is a process that monitors inbound and outbound emails for spam, malware, or any suspicious content before reaching a mail server. Employing filtering tools helps MSPs and organization’s IT teams to improve regulatory compliance, business continuity, and employee security.
Depending on the use case, spam filters vary greatly in terms of the level of security they provide, scalability, ease of deployment, and additional features to meet the customer’s needs. Outlined below are some the best spam filter tools to give you an idea of what’s possible today and help you make an informed choice.
N-able™ (formerly SolarWinds® MSP) Mail Assure is an email security solution that helps keep an organization’s network safe and secure from malware, phishing, and spam. It enables managed services providers (MSPs) and enterprises to block the emails that threaten an organization’s assets and critical information. The tool provides email security through advanced analytical features such as an intelligent protection and filtering engine, robust encryption, archiving, and more. To finetune filtering capabilities, Mail Assure has a proprietary engine that is fed continuous data from 23 million inboxes to recognize new threat patterns. Other aspects worth mentioning include:
SpamExperts is a powerful security solution for ISPs and web hosts to strengthen email protection. The tool provides advanced inbound and outbound email filtering options to eliminate and block emerging threats. It not only protects the organization’s network but also saves resources and costs.
The tool offers a first-level incoming filter defense that runs at the frontline of the email infrastructure. With its clear and multilevel view of email flow, end users can track or block unwanted messages, as well as store useful emails to ensure business continuity even during outages and downtime. Users can choose various deployment methods to discover its advanced analytical features.
Barracuda is a spam filtering solution that protects your business from email-borne cyber threats. It is one of the most comprehensive security platforms for organizations to block threats and protect businesses from volumetric malware, spam, targeted spear-phishing attacks, and ransomware. The tool blocks advanced threats with the help of its inbound filtering features. It quickly filters every message before it gets delivered into end users’ dashboards. It uses spam scoring, URL link protection, virus scanning, reputation checks, and more to provide high-level protection.
Barracuda Advanced Threat Protection uses multiple layered analytic engines that perform functions like static analysis, behavioral analytics, CPU-emulation sandboxing, and more. It also offers outbound filtering, cloud-to-cloud backup, tamper-proof archiving, and automatic incident response. With its advanced layers of protection, encryption, and data loss protection features, the tool eliminates issues like data leaks—thereby helping organizations to stay compliant and productive.
Proofpoint® offers a service to filter an organization’s inbound and outbound email traffic. Methods are used to scan messages and block content that includes malware, spam, viruses, suspicious links, and others. The tool can also be used for appliance-based email filtering that allows organizations to secure their critical data.
Another way to utilize this tool is when organizations move their applications and services to cloud deployment. Cloud deployment of this tool is more effective than appliance-based filtering as it requires less management and offers real time automatic updates. Additionally, it also defends an organization’s network against spam risks and other email-borne cyber threats.
Mimecast’s secure email gateway is a cloud-based solution that protects organizations from inbound malware, spam, spear-phishing, and zero-day attacks. It combines with multiple policies, applications, and detection engines to secure business-critical emails. It can also perform outbound scanning of all emails. This technique detects malicious content to block threats and prevent the loss of sensitive or confidential information.
The tool includes end-to-end encryption, DLP, and content control for scanning full emails with attachments. An advanced feature of the tool is BYO threat intelligence that automatically ingests existing security data to Mimecast® tenants to streamline response processes, increase threat detection efficacy, maximize ROI, and more.
Trend Micro is an email threat detection tool that tracks and blocks advanced threats faster and better. It offers layered protection against ransomware, malware, and others using dynamic sandbox analysis for files and URLs, and machine learning to help filter unknown malware. The advanced services of Trend Micro Email Security give continuous and updated protection against advanced targeted attacks with enterprise-grade security features such as:
Choosing the best solution for real-time protection against email-borne threats can be difficult with so many options available on the market. The tools highlighted above are the best cloud-based spam or email filtering tools that offer advanced capabilities to fight malware, ransomware, and other emerging threats. It is best to discover their features and evaluate the functionality using their free trials.
[mai mult...]The Microsoft 365 suite provides a valuable set of business tools and assets that millions of people around the world rely on to accomplish their day-to-day tasks. These include popular services like Word, PowerPoint, and Excel, as well as the Exchange Online email messaging platform, OneDrive® cloud-based file storage, and SharePoint cloud collaboration tool.
Microsoft 365 (formerly known as Office 365) combines the accessibility and ease of use of the company’s tried-and-true programs with the benefits of cloud-based computing. This enables users to share and access files when working at the office, at home, or from different devices. However, because cloud-based computing inherently increases the surface area of a networked environment, the ease-of-access these solutions provide can also expose to an increased number of security risks.
One primary point of concern for many managed services providers (MSPs) is ensuring that data and assets are securely backed up. While Microsoft services and infrastructure have a strong reputation for high availability and reliability, the native security features of aren’t always enough to demonstrate compliance with data security standards. For instance, Microsoft 365 does not include backup solutions or self-service options for data recovery, nor is the company responsible in situations when hard deletes, deprovisioned accounts, or other site-specific recovery errors lead to potentially permanent data loss.
The limited options for reliably backing up data within the platform create a significant lack of IT oversight—which should be cause for alarm for MSPs. With end users looking to you to shore up their data security, keeping customer systems protected to prevent data loss requires a third-party backup solution. However, not all Microsoft 365 data tools are created equal. In this piece, we’ll touch on a few key criteria to look out for when selecting your software, as well as a few of our favorite tools that pass the test.
When it comes down to it, the Microsoft data centers are ultimately outside the jurisdiction of your MSP. Instead of worrying about how you can’t control customers’ data, focus on the variables youcan control. In practical terms, this means providing backup services and data protection to customers to augment and expand upon the built-in features.
By providing your own services to customers, you can develop security strategies and define security policies for your customers to keep them safeguarded against a wide range of sources of data loss. Whether you’re dealing with an employee who accidentally deletes a file or a bad actor who launches a sophisticated malware attack, offering these additional services can protect your customers while they use third-party platforms.
While Office 365 does offer some retention options for deleted items, the platform is fairly limited when it comes to enterprise data backups and archiving. Exchange, for instance, retains items in the Deleted Items folder for 30 days before purging the files or messages permanently—but there is no data restoration feature in place. Once a file is gone, it’s gone for good.
That said, the Exchange admin center does allow MSPs to adjust these retention periods to match the specific needs of your customers’ security policies, whether that is a few days or a few years. Outlook® emails by default have 14-day backup periods, which can also be adjusted with administrative authorization.
There are a few limits to this functionality, though. While you can apply it to all Outlook email accounts, global administrator accounts with eDiscovery permissions are the only ones with the ability to restore deleted items. Recovered emails can be held for a specified duration or according to certain search filters (with a feature called Litigation Hold). This is a useful capability for MSPs to have in their toolbox, but the process of restoring items quickly becomes time-consuming, and therefore should not be relied on as the primary means of data recovery.
The collaborative element involved with OneDrive introduces an element of complexity, which can increase the likelihood of data loss if not properly accounted for. This is because OneDrive, in the process of tracking and managing edits from multiple users across multiple files, only retains the latest version of each file.
OneDrive does include a recycle bin feature, which stores the outdated file versions for 90 days by default and allows for previous file versions to be quickly restored as needed. Similar to Deleted Items folder in Exchange, you can configure the OneDrive recycle bin to hold onto older file versions for longer periods to better align with data security policies.
When end users (employees) move on from your customer companies, a few things need to happen—one of the most important being that their user accounts need to be stripped of privileges to prevent them from potentially impacting business operations. This is especially important if the parting is not amicable or voluntary, or if the employee was involved in unauthorized access of restricted or sensitive resources. Depending on the specifics of your customers’ data security strategies and policies, you may retain these deactivated accounts for some time before deleting them to help ensure you don’t lose anything critical in the process.
This carries over to the employee’s various accounts as well, including Microsoft 365 subscriptions. You can choose to close a subscription for a former employee, but neither you nor your customers have any say over when it ultimately purges the account. The limited access window you have for these accounts is crucial to keep in mind—if a deactivated Microsoft 365 subscription leads to data loss, it has the potential of putting you at risk of violating retention policies.
While these tips are largely geared toward getting the most out of the native features and making them work for you, the more permanent and sustainable option is to find a software solution that provides comprehensive backup and archiving capabilities. The software you choose should help you support all services your customers utilize. The good news is that many third-party vendors provide multi-tenant software-as-a-service (SaaS) solutions that can seamlessly integrate with Microsoft 365.
How to select an email protection and backup tool
There are quite a few options out there built specifically for MSPs, so here are a few considerations to keep in mind while you are weighing your options:
Regardless of which of these considerations you take into account, the point is that there are quite a few options on the market for you to explore. Knowing the specific features and capabilities you are looking for going into your search will help you find the right tool (or set of tools) that allow you to properly support your customers.
If you’re still not sure, we recommend going with the trusted products offered by N-able. Their cloud-based tools N-able™ Backup, Mail Assure, and RMM are designed specifically to meet the needs of MSPs, and can integrate with each other to offer a seamless technician experience. N-able Mail Assure offers comprehensive email security, archiving, and business continuity solutions, while N-able Backup offers consolidated backup and recovery management for user, workstation, and server data—including Microsoft 365 assets. Both of these tools can be integrated with N-able RMM for one powerful dashboard that technicians can use to gain full visibility into their customers’ environments.
Products from N-able (formerly SolarWinds MSP) are known not only for seamlessly integrating with each other for greater visibility in system operations, but also for offering a high degree of customization. This allows MSPs to tailor the backup and recovery solutions you provide customers to specifically meet their needs and policies—while also helping prevent data loss from Microsoft 365 accounts and files.
[mai mult...]Your CPU or Disk usage staying at 100% can have several different causes, but there are only a handful of culprits that are confirmed to cause this type of behavior on Windows 11. Here’s a list of scenarios that are known to cause unreasonably high Disk & CPU usage on the latest operating system released by Microsoft:
Now that we went over every potential cause that has the potential of keeping your CPU and Disk at 100% usage on Windows 11, let’s go over a couple of fixes that other Windows 11 users have successfully used to alleviate the problem:
Just as with Windows 10, the number one culprit that likely produces these 100% disk usage issues is the search function. Apparently, the way the search function is designed to always index and keep track of new file entries will end up hogging all the system resources on low-end PCs – This affects both the CPU and traditional HDDs.
If the search function is indeed to blame for this particular issue and you’re actively using it, you’re not going to like the resolution. As of now, the only reliable way of stopping file indexing (caused by Windows Search) from hogging all your system resources is to disable the function altogether.
This is done via the Services screen – You’ll need to start by stopping the status of the service prior to modifying the Startup type.
IMPORTANT: Doing this modification essentially means that you’re giving up on the search function on Windows 11. Your operating system will no longer spend time automatically indexing the files that are stored on your PC. This might fix your disk usage problems, but it will also prevent you from using Windows Search again.
If you understand what this modification will do to your operating system and you are ready to enforce this modification, follow the steps below:
If the problem is still persisting, move down to the next potential fix below.
If you already tried disabling Windows Search or you aren’t ready to enforce this compromise, one additional likely culprit that might hogg all your system resources and keep your CPU and Disk usage at 100% is Superfetch (Sysmain).
Note: The purpose of this service is to increase the performance of your operating system by preloading apps you frequently use into RAM before you need to use them.
While this sounds great in theory and works beautifully on medium & high-end PCs, the same cannot be said for low-end configurations – If you are using a PC with limited RAM (with low frequencies), Sysmain will only make things worse because it will switch the burden from your RAM to VRAM (virtual memory hosted on your HDD or SSD).
This will most likely keep your Disk usage at 100% as your PC struggles to pre-load your most frequently used apps. If you find yourself in this situation and you wish to alleviate the problem, the only tradeoff you can make is to prevent Sysmain from pre-loading your apps – This will serve the purpose of freeing up your system resources (especially your Disk Usage).
You can disable Sysmain via the Services screen. You’ll need to stop it first before modifying the Startup behavior.
Note: If you are prompted by the User Account Control window, you’ll need to accept admin rights by clicking Yes.
If the problem is still not yet fixed, follow the next method below for a different way of lowering your Disk usage on Windows 11.
If the first two methods were not effective in your case, let’s turn our attention to your SATA AHCI Controller driver and investigate either a built-in feature (Native Command Queuing) is not actually making your HDD perform worse than it should on Windows 11.
As it turns out, Windows 11 is quite inefficient at allowing HDDs to use native Command Queuing and this failure often results in the drive being stuck at 100%, rendering the PC in a prolonged frozen state. Fortunately, you can fix this issue by doing some Registry Modifications to your SATA AHCI Controller driver so that Native Command Queuing is disabled – This will make your disk drive slightly slower, but it will likely solve any underlying disk usage problem on Windows 10.
Important: This method is only recommended for PC configurations using traditional HDDs. We haven’t been able to confirm this particular issue occurring with SSDs and Ultrafast SSDs.
Follow the instructions below to disable native command queuing for your SATA AHCI Controller in order to bring down the disk usage on your Windows 11 computer:
Note: If you’re using a dedicated driver for your ATA / ATAPI controllers, the name of your controller might be different. For example, the name for Intel controller drivers is Intel(R) xxx Series Chipset Family SATA AHCI Controller.
Computer\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI
Note: You can either navigate to this location yourself or you can paste the location directly into the navigation bar to get there instantly.