GuruNot's Security Config

Discussion in 'SCW Archive' started by GuruNot, Dec 1, 2016.

  1. GuruNot

    GuruNot Level 1

    Dec 1, 2016
    8
    16
    United Kingdom
    Windows 10
    Sophos
    Most recent changes:
    04/12/2016
    Operating System:
    • Windows 10
    OS Edition:
    Pro
    OS Build:
    Build 1607
    OS Architecture:
    64-bit
    User Access Control:
    Always Notfiy
    Firewall:
    3rd Party Firewall
    OS File Reputation:
    • SmartScreen for Windows 10
    Type of User Account:
    Microsoft Account
    Recent Malware Attacks:
    No
    Testing AV's with Malware Samples:
    No
    Real-time Malware Protection:
    Self Build Hardware In-Line Sophos Unified Threat Management Gateway (Home License), Sophos Endpoint Control (11.0.10 UTM), HitmanPro.Alert, Trusteer
    On-demand Scanners:
    Hitman Pro, Malware Bytes Anti-Malware, VIPRE Rescue, VirusTotal
    Security Product Settings:
    Custom
    Browsers and Extensions:
    Firefox with HTTPS Anywhere and sometime Edge.
    Preferred Search Engine:
    Google
    Password Manager:
    KeePass linked to YubiKey
    Content Blocker (Ads, Scripts, Trackers):
    uBlock Origin, Sophos UTM
    Frequently used System Utilities:
    Sysinternals Suite, Secunia Personal Software Inspector, Nmap, regedit, ccleaner,
    Frequency of Data Backups:
    Daily Backups
    Data Backup Software:
    Veeam Endpoint Backup
    Frequency of System Image Backups:
    Manual / On-demand Backups
    System Image Backup Software:
    Veeam Endpoint Backup
    Machine Specs:
    https://malwaretips.com/threads/gurunots-perpetual-upgrade.66090/
    Daily backups off to Raid-5 NAS.
     
  2. Svoll

    Svoll Level 12

    Nov 17, 2016
    554
    6,418
    Student/Engineering Failure
    US
    macOS Sierra
    Norton
    I got nothing to say, looks amazing, thanks for sharing your config! All software you are running seems like an Enterprise setup, must have cost quite a bit....Grab Shadow Defender if you haven't, my most used app right now...
     
  3. GuruNot

    GuruNot Level 1

    Dec 1, 2016
    8
    16
    United Kingdom
    Windows 10
    Sophos
    Sophos is free for home use ... Either via Sophos Home or with the Home UTM which gives you endpoint licenses for 10 machines.

    Details of the HW for my UTM:

    Status: Working, currently using at Home
    Astaro Version(s) tested: 9.355-1
    System OR Motherboard: SuperMicro E200-9B containing X11SBA-LN4F Mainboard
    BIOS version: 1.0
    CPU: Intel® Pentium® Processor N3700 (SOC), Quad-Core (6W, 4C); Socket FCBGA 1170
    RAM: 2 x Kingston KVR16LS11/4 RAM 4 GB 1600 MHz DDR3L Non-ECC CL11 SODIMM 1.35 V, 204-Pin Memory Module
    Disk Controller 1: SATA 3.0 (6Gbps) from Intel® SoC
    Network Interfaces: Quad Gigabit Ethernet LAN ports, Intel® I210-AT
    Video Controller: Aspeed AST2400 BMC
    Hard Disk: Plextor PX-128M6M 128GB mSata Solid State Drive
    Case/Chassis: CSE-101S Mini-ITX (19.5cm wide x 19.5cm deep x 4.5cm high)
    Power Supply: DC-DC board with external 60W DC Power Supply
    Total Power Consumption: Estimated 10 - 15 Watts
    Total Cost: £424.63 (Bare E200-9B = £350, RAM = £29.24, mSATA = £45.39 all retail)
    Comments / Notes: This Server/Board has a dedicated IPMI interface (similar to HP ILO) in addition to the 4 NICs.
    Install of UTM was done remotely using IPMI console redirection with virtual media pointing to local ISO on remote machine.
    All hardware was recognised with no issues.

    I did splash out on a Sophos AP which allows me to do multiple VLANs , captive portals etc from the UTM.

    A couple of links:

    Free Antivirus for Home Networks: Secure 10 PCs and Macs Free | Sophos

    Free Firewall for Home Users | Free Home Security Appliance Download | Sophos XG Firewall

    Free Home Edition Firewall - UTM Home | Sophos Free Tools

    Have a play, both the UTM and XG Firewall can be stood up as a VM if you so wish.
     
  4. Daniel Hidalgo

    Daniel Hidalgo Level 32
    Trusted AV Tester

    Mar 17, 2015
    2,141
    24,645
    system technique
    Tultitlan, Mexico State, Mexico
    Windows 10
    Kaspersky
    Very balanced, for me it looks excellent the configuration you have. Thanks for sharing :)
     
  5. Svoll

    Svoll Level 12

    Nov 17, 2016
    554
    6,418
    Student/Engineering Failure
    US
    macOS Sierra
    Norton
    Thanks for the suggestion, my school does offer Sophos now as a free AV, but here is the catch from them that I find :confused:

    Sophos Anti-Virus detects and cleans up viruses, Trojans, worms, and spyware, as well as adware and other potentially unwanted applications. It provides virus definitions and software updates regularly when you are connected to the Internet. You do need to be on campus to receive these updates.
     
    Yash Khan, aragornnnn and frogboy like this.
  6. Exterminator

    Exterminator Super Moderator
    Staff Member

    Oct 23, 2012
    12,279
    46,652
    USA
    Windows 10
    Kaspersky
    Nice config! Thanks for sharing it with us :)
     
    Yash Khan, JM Security and aragornnnn like this.
  7. jamescv7

    jamescv7 Level 61
    Trusted

    Mar 15, 2011
    12,664
    17,723
    Web and FileMaker Developer
    Philippines
    Windows 10
    Microsoft
    Good configuration, I know how Sophos performs well on system to system basis hence no question for that. :)
     
    Yash Khan and aragornnnn like this.
  8. aragornnnn

    aragornnnn Level 11

    Aug 18, 2016
    524
    6,236
    Warehouse Employee @ Nike ELC Belgium
    Belgium
    Windows 10
    Kaspersky
    Very good setup thanks for sharing!

    Also +1 for Yubikey! :)
     
    Zero Knowledge, Yash Khan and frogboy like this.
  9. JM Security

    JM Security Level 28
    Trusted

    Apr 12, 2015
    1,746
    13,957
    SecureMyBit Developer
    Unknown
    Yash Khan likes this.
  10. carsten ibsen

    carsten ibsen Level 20

    Sep 18, 2016
    980
    5,208
    retired
    denmark
    Windows 10
    Microsoft
    Hello There,Nice Configuration,but i mean the same as JM Security,remember HTTPS Everywhere:D
     
    Yash Khan likes this.
  11. GuruNot

    GuruNot Level 1

    Dec 1, 2016
    8
    16
    United Kingdom
    Windows 10
    Sophos
    #11 GuruNot, Dec 5, 2016
    Last edited: Dec 5, 2016
    a couple changes done.

    Changed from MalwareBytes Anti Exploit to HitmanPro.Alert
    HTTPS Anywhere Installed for FF.
    Keepass linked to my Yubikey which arrived the other day.
     
    Yash Khan likes this.
  12. Yash Khan

    Yash Khan Level 51

    Oct 22, 2012
    4,055
    8,960
    Hey,

    You are running Veeam Endpoint Backup.
    How is backup/restore speed?
    Are the backup/restore reliable?
    How is it overall?
    Anything you would like to mention?

    I would like to give it a try.

    Thank You
     
    JM Security likes this.
Loading...
Similar Threads Forum Date
System Specs GuruNot's Perpetual Upgrade Showcase Hardware Dec 1, 2016
SECURE AMD1's Security Config (2018) PC Security Configuration Yesterday at 12:31 PM
G-Suite Security Center Aims to Improve SMB Security Security News Yesterday at 7:09 AM