Additional Devices

Mail Filters

• "Screen the following from email messages"
  • Exchange Server
    • Exchange is going to take emails that come in from the internet and be able to pass them to your users. Problem with sending up a mail server on the internet is that there's a lot of garbage email that's out there.
  • Looks at the contents of the email and determines if it is worth receiving it.
• Unsolicited email
• Malware in attachments
  • PDF files can have links to Javascript inside of it.
• Malicious URLs
• Data Loss Prevention
  • Do something if something you established to be bad is found so that no bad data leaves your organization.
• IP reputation
  • Used to consider if email is garbage or not garbage.
  • Are they known to send garbage to other people. This is posted by a vendor.

Web Application Firewall

• Inspect HTTP(S) traffic
  • HTTPS uses SSL or TLS and it's going to protect all the traffic. This means that we don't know what's inside of the packets unless we decrypt
• Scan for malware
• Data Loss Prevention
  • Something like uploading documents to OneDrive or Google Drive, we want to see the documents that are being sent.
  • We can do this provided that we've got the ability to inspect inside HTTP traffic
• Web Content Filtering
  • Categories of content that are inappropriate for users to be browser while you are at work
  • You can block by categories, you can block by user, group, etc.
• Granular control of browsing
  • We can know who is browsing which topics the most.

Collaboration

Voice & Video

• Connect Voice over IP (VoIP) to Public Switch Telephone Network (PSTN)
  • You need some type of interface, a lot of times this is the router
• Voicemail
• Auto-attendant
• Conferencing
  • Zoom, Teams, etc..
• Email integration
  • If somebody calls and leaves you a voicemail, you can transcribe it and then you can just read it on your watch or look at it on your phone as an email.

AAA Servers

Authentication

• Who you are
• Think username / password

Authorization

• What you're allowed to do
• Often determined by group

Accounting

• Detailed logs of success and failure
• Know what's normal!

If we can tell a new coming switch to come over the AAA server to look for usernames and passwords, so we no longer have to put all those users and passwords on the switch, WAP, router, etc.

• An AAA Server gives you a centralized authentication facility.
• Active Directory (AD) is a common type of AAA server
• RADIUS is also a common type of AAA server, more focused towards linux and FreeBSD clients.