Accend Networks San Francisco Bay Area Full Service IT Consulting Company

Categories
Blogs

Advanced Network Services | Dynamic Network Services

Accend has been providing advanced network services for clients for more than ten years in different verticals ranging from technology, healthcare, start-ups, K-12, local, state, and federal agencies.

The network services we provide range from network design, implementation and support of data, voice, and wireless networks. We are an IT Outsourcing company, systems integrator, and a value added reseller to those who need our services. We are adding video to our portfolio, although we have supported it minimally in the past.

The technology we support for clients is from different technology partners such as Cisco, Dell, HP, Meraki, Aruba, Ubiquiti, Juniper and Fortinet along with network appliances for small to midsize businesses such as Watchguard, Ubiquiti, Eero and Netgear.

The type of IT network services for which we often get requests are network design and upgrades, network moves, new Installations, equipment procurement, network redundancy (internet failover with and without BGP), switch stacking, network outages, best practice recommendations, ransomware attacks, virus-related issues, and advanced IT projects that require experienced and senior level engineers and architects. We are asked to handle network security, penetration testing and vulnerability assessment, Cloud assessment of products from Palo Alto Networks, Cloud migration from on-premise to the cloud, building site-to-site vpn tunnels and vpc from on-premise to the cloud, and staff augmentation placement for roles such as Helpdesk, Network Engineers and Network Architects.

Last but not least, we have also been requested to provide managed network services to monitor clients’ edge devices, routers, switches, and wireless controllers including access points and windows network services that entail patching services, anti-virus and anti-malware protection, and endpoint security for servers, desktop and laptops.

Apart from our typical network implementation and support projects, we often get requests to help clients install their commercial off-the-shelf (COTS) projects such as SolarWinds and Cisco Unified Communications Manager. Part of our process is to assess the current environment and understand the software purchased so that our consultants can take over seamlessly. The consultants who get assigned to assist clients typically have over 5+ years, sometimes up to 20+ years, in supporting products so that best practice recommendations can be made to guide the clients as needed. We either work with the customer or do the installation ourselves, depending on the client’s preference. Another COTS product is implementing VMware Horizon and Workspace ONE. This is just an example of our approach to getting things done.

In terms of area coverage, we provide advanced network services in California (both northern and southern), and nationwide with several clients on the east coast. The work can be on-site or remote; but luckily, with the availability of remote tools, we can easily support customers with just a phone call.

These are highlights of what we provide, but it is not limited to these examples. We offer dynamic network services since we’re flexible and understand client needs.

Categories
Blogs

Global Security Solutions | Advanced Security Solutions

Accend has been a Global Security Solutions provider for several clients when their networks were attacked by ransomware. Their locations are in different parts of the world. They look to us to provide rapid security solutions.

When both of our east coast clients were attacked by different variations of ransomware, we were called upon to implement tailored security solutions to remediate and restore their services as soon as possible so they could quickly be back in business operating normally. Luckily, with our talented team and a variety of resources, we were able to provide the skillsets our clients needed in a short period of time. We understood the urgency and thus quickly started working on resolving the issue.

Nuance is one of our east coast clients. They were hit by the Petya virus, which cost them $90M to restore their entire infrastructure (and restoration of services may still be on going). They had over 70 worldwide locations, including locations in Canada and Melbourne, Australia. They had no security at all in any of their systems. One click executed and voila, the virus cascaded and impacted almost all of their systems. It was so severe that our Global Security Solutions USA team and other IT partners were called in to work long hours round the clock, including weekends and nights, to tighten up security using Cisco FirePower at all 70+ locations around the world.

Here is what our partner had to say about this incident. According to Stewart Grey, Solutions Engineer of Conres, “We executed the ‘cut off and kill plan.’ It took dozens of networking R&S and security professionals to deploy over 100 firewalls to all parts of the globe. We took a project that should have taken 6 – 8 months and executed and successfully remediated the problem in 6 weeks.”

Another case is a healthcare client, Chesapeake Health Care in Salisbury, Maryland that was hit by ransomware that crippled some of their Windows infrastructure, including their Exchange 2007 server. They had about 400 users who primarily used Outlook Web Access (OWA) to access their emails, and OWA became useless to them. Once we received the email about needing our help, we jumped on it right away. They wanted to migrate to Office 365, and our Microsoft Exchange Solutions Architect helped them with the migration so they were up and running in a matter of two weeks.

Recently, as part of our global security solutions in California, we received another crisis call from a client in the Tri-Valley location in Northern California. The client was hit with ransomware for the second time, and they actually paid the ransom to get their service back for an undisclosed amount. They had about 200 users and needed several things done such as data recovery, migration to the cloud, and security. They ended up hiring a different IT vendor to support them but, unfortunately, that was not enough and we were called upon.

One last example is a request we received from a company residing in China when they needed a VPN service for their business. That was an interesting case because the business needed to register with the Chinese government and agree to have their site’s traffic monitored by it.

The above cases are part of our Global Security Solutions in California, the East Coast, and worldwide. Being in California does not restrict the location of our clients, and we have proved that we can support clients with our international security solutions, providing them with Cyber Security solutions while abiding by local and international laws.

Categories
Blogs

Solarwinds Network Monitoring | Network Monitoring System

Solarwinds Network Monitoring | Network Monitoring System

Several of our mid-size, municipal and federal clients have required assistance with their Solarwinds Network Monitoring software. They needed help to ensure that the modules they purchased were installed correctly and optimized for best performance. They also needed devices added tuned to critical alerts and pruning any false alarms.

Solarwinds is one of the best network monitoring tools available for business but not for home use. Among the many different modules, some of the popular are Network Performance Manager, Network Traffic Analyzer, Network Configuration Manager, and User Device Tracker. The first three modules allow you to add devices so you can monitor the health of systems, the services running on them, and get notified of issues, backup and restore configuration and even schedule image updates. It is great for a business running in a 24/7 environment. Network Traffic Analyzer (see image below, it works by enabling netflow on devices so you can monitor bandwidth usage, analyze traffic behavior traversing through the devices and application traffic alerts. Reports can be run using the defaults available, or you can create your own customized format. Alerts can also be customized.

Solarwinds is a great product for troubleshooting and pinpointing the causes of network outages and issues as the dashboard has widgets readily available to show you the Top N sources by utilization and application. You can filter traffic by source, destination, type of application such as port number (either source or destination), IP address, and much more. It supports IPv4 and IPv6. The dashboard can be customized to suit your needs so you only see what is critical and applicable to you.

To get the best use of Solarwinds to monitor your network, it requires some time to get everything installed. The SQL databases and installation locations are important, especially in a high-redundancy situation. Some common issues we see are related to server performance so you should make sure that the system running has a robust CPU, memory, and adequate storage.

Solarwinds is not just for monitoring networks but is also used for systems such as servers, laptops, desktops, and other endpoint devices. It can be configured to monitor and alert you on any window services running on a system. It has remote monitoring of devices located apart from the corporate office as long as there is network connectivity. Network topology can be created to show the location of each device in a map view. This is found on the dashboard of Solarwinds when you log in.

Our clients utilize our expertise to help them scope out products such as what module(s) is needed, along with installation, configuration and tuning. They count on us to analyze the installation for best practices and continue to manage their Solarwinds installation. It should be noted that on-going maintenance is required to avoid any issues.

Solarwinds networking monitoring software is purchased on a subscription basis and renewed yearly.

Categories
Blogs

How to Locate a Host On a Switch Given Its MAC Address

One of the most helpful troubleshooting methods for any IT administrator is figuring out where a host is located on the network. You can do this if you know only its IP address or you have its MAC address already. If you don’t have its MAC address but have access to the machine, you can follow this guide here on how to get the MAC address. It has instructions for Windows 10, MAC, Linux, and so on.

Once you have the MAC address, you’ll need to have access to the network switch. If your network is all connected together via a trunk link, all that you need access to it just one switch, either through telnet, ssh, or console and you can remotely connect to the other neighboring switches via its management IP address (provided everything is configured with management IP and proper setting is in place).

Once you have the MAC address and have access a network switch, you can use the “show mac address-table address” command to try to track down the switch port the host is connected to.

See below for a demonstration:

Here I have a Windows 10 machine with a MAC address of 00-22-68-20-16-C5. You can also see that it has an IP address of 192.168.1.25 (sometimes this is needed so that you ping it to see if it responds on the network).

To see the syntax of the “show mac address-table address” on a Cisco catalyst switch, just type as shown below :

cisco-sw-1#show mac address-table address ?

H.H.H 48 bit mac address

You can see that it expects the MAC address in a decimal format in blocks of three. Now see what happens when I type that out :

cisco-sw-1#show mac address-table address 0022.6820.16c5

Mac Address Table

—————————————————

Vlan       Mac Address       Type Ports

——      ———–———–       ——–—–

10        0022.6820.16c5       DYNAMIC         Gi2/0/48<—- It is going through this port.

Total Mac Addresses for this criterion : 1

There you can see that it shows the MAC address is going through port Gi2/0/48 on switch cisco-sw-1. You can issue “show run int gi2/0/48” to check that port’s configuration :

cisco-sw-1#show run int gig2/0/48

Building configuration…

Current configuration : 133 bytes

!

interface GigabitEthernet2/0/48

switchport trunk encapsulation dot1q

switchport trunk native vlan 10

cswitchport mode trunk

end

We know from the above output (and from the show mac output) that this is a trunk port and usually a higher numbered port is connected to another neighboring switch. You can also verify this by issuing “show cdp neigh” :

cisco-sw-1#show cdp neigh

Capability Codes: R – Router, T – Trans Bridge, B – Source Route Bridge

S – Switch, H – Host, I – IGMP, r – Repeater, P – Phone,

D – Remote, C – CVTA, M – Two-port Mac Relay

   Device ID         Local Intrfce Holdtme         Capability Platform Port ID

cisco-sw-2               Gig 2/0/48 174                 T S WS-C3524- Fas 0/24

You can see that there is another switch connected to it and the port that it uses. Again, the host that we’re tracking has a MAC address of 0022.6820.16c5 and IP address of 192.168.1.25 and it is seen through our neighbor switch. We need to ssh or telnet to it to repeat the steps above to try to track the port it is connected to.

I am going to log into that switch but if you don’t know the management IP of that switch, you can issue “show cdp neigh detail” and it will show you its assigned management IP, see below :

cisco-sw-1#show cdp neigh detail

—————————————————

Device ID: cisco-sw-2

Entry address(es) :

IP address: 192.168.1.101

Platform: cisco WS-C3524-XL, Capabilities: Trans-Bridge Switch

Interface: GigabitEthernet2/0/48, Port ID (outgoing port): FastEthernet0/24

Holdtime : 154 sec

Version :

Cisco Internetwork Operating System Software

IOS ™ C3500XL Software (C3500XL-C3H2S-M), Version 12.0(5)WC3b, RELEASE SOFTWARE (fc1)

Copyright (c) 1986-2002 by cisco Systems, Inc.

Compiled Fri 15-Feb-02 10:51 by antonino

advertisement version: 2

Protocol Hello: OUI=0x00000C, Protocol ID=0x0112; payload len=27, value=00000000FFFFFFFF010121FF000000000000003094BBEA40FF000A

VTP Management Domain: ‘ccie’

Native VLAN: 10

Duplex: full

cisco-sw-1#

There you can see that the management IP is 192.168.1.101. You can get the other switch’s detailed information such as model number and version it is running..etc. I have a really old switch in my lab.

Now let’s access that switch and see try to track down that host :

cisco-sw-1#telnet 192.168.1.101

Trying 192.168.1.101 … Open

User Access Verification

Username: paula

Password :

cisco-sw-2>en

Password :

cisco-sw-2#show mac address 0022.6820.16c5

Non-static Address Table :

Destination Address Address Type VLAN Destination Port

———————         —————        ——————–——

0022.6820.16c5       Dynamic 10        FastEthernet0/11 <–Bingo! Here is our port!

Now you see that the host is connected to port Fast0/11. You can also issue show run int fast0/11 to verify that it is an access port (typically used for end user’s device)

cisco-sw-2#show run int fast0/11

Building configuration…

Current configuration :

!

interface FastEthernet0/11

switchport access vlan 10

End

You can see that it is connected to VLAN 10, which may be useful for other purposes.

What happens if when you run the show mac-address-table address command and it doesn’t return anything at all? It might be because the device has been idle for sometime and it is not being alive on the network anymore. Most switches have a MAC aging timer with 5 minutes and after that, it clears the CAM table (or MAC address table). This is because the switch has only so much memory and it can’t hold all the MAC addresses it has learned in its table forever. It needs to clear that and make room for newer MAC addresses as they are active and the cycle repeats.

You then have to generate some activity by pinging its IP address and then you can start issuing the show mac address command. Continue to repeat this process on all neighboring switches (if needed) until you can identify the switch that has the host connected to it.

Here is another trick. If you want to know the IP address of that MAC address, you can issue a show arp and it will tell you the IP address.

cisco-sw-1#show arp | inc 0022.6820.16c5

Internet 192.168.1.25               0 0022.6820.16c5 ARPA      Vlan 10

The above steps should also work for different vendors as well and they may have different syntax. Just check out the correct syntax if needed.

If you need help with any of the above or with troubleshooting in general, please feel free to reach out to us at [email protected] for a free consultation and we’ll be glad to assist you.

Categories
Blogs

Vmware Service Provider | Vmware Cloud Services

For over a decade, Accend has helped countless businesses maximize their profits by cutting back on operational costs by 45% or more. As a responsible VMware service provider, we have catered to the needs of several organizations — from startups to Federal agencies and everything in between. Our services include OS-level virtualization, para virtualization, full virtualization and more. We have the required subject matter expertise to remotely guide you through the VMware setup and installation process effortlessly.

As a VMware cloud service provider, we help businesses throughout the digital transformation process, by giving them all the leverage that they need. Our cutting-edge cloud management solutions make it easier for you to embrace technology, without worrying too much about managing it. As your managed service provider, we take care of all your cloud computing needs, which lets you focus on growing your business. Plus, you can do so without worrying about internal data security and the costs involved in it. With years of experience in providing network security solutions, we know what works and what doesn’t.

As your virtualization service provider, we can help you manage your resources more effectively and help reduce operational costs through efficient cloud management, network management, and storage solutions. This includes a visible reduction in hardware costs, energy costs, and an increase in productivity.

As a renown VMware service provider in California, we also provide technical assistance to the healthcare sector, which is prone to ransomware and DDoS attacks. With the increase in cybercrime, our responsibilities have increased exponentially and so has yours. So, you need to act fast and get the most out of your resources, but without compromising your internal security. As an ethical cloud computing service provider, we make it a point to keep your data safe and secure.

In the past, clients have approached us to set up the VDI platform and segregate existing resources into several virtual machines. We have also been relied upon for the installation of various VMware modules like the VMware Horizon View which enables remote access to a virtual desktop and Workspace One which enables centralized control. We have also assisted in configuring the switch port for trunk configuration to support the VMware vSphere.

With a combined experience of over 50 years as a vCloud service provider, our VMware solutions have helped organizations throughout the planning and implementation of disaster recovery measures. As one of the best VMware service providers, we offer tailormade solutions that are efficient, yet affordable. By connecting VMware to your physical servers, we help businesses maximize their profits by unleashing the power of virtualization. This gives you the power to limit access to confidential data and also to decide how you wish to use your resources.

Whether you have on-premise servers or hire the services of a cloud service provider, we would be glad to help. As one of the leading VMware service providers in the USA, our services include planning and managing your cloud architecture from start to end. Our core focus is on enhancing network security, ensuring network redundancy and virtualization. This lets you run your application without worrying about infrastructure incompatibility or lack of speed.