Skip to content

SafeDNS: Ensuring the Most Sustainable Web Filtering Infrastructure

Recently, renowned researchers from Tel-Aviv University and Reichman University conducted a groundbreaking study on DNS resolvers and distributed denial-of-service (DDoS) attacks. Their research uncovered a severe complexity attack called NRDelegationAttack, which poses a significant threat to DNS resolvers. This attack can exhaust CPU resources and cause denial of service to legitimate users.

The study identified major resolver implementations, including BIND9, Unbound, and Knot, as vulnerable to NRDelegationAttack. The researchers issued three common vulnerabilities and exposures (CVEs) related to this attack. Testing on 16 open resolvers confirmed their susceptibility.

SafeDNS stands out as the web filtering solution with the most sustainable infrastructure, as confirmed by the provided data. In comparison to other major DNS resolvers, SafeDNS demonstrates exceptional performance in maintaining low latency and minimizing latency increase percentages.

According to the test results, SafeDNS exhibits remarkable consistency, with a mere 4.65% increase in latency from the first NXNS Attacker. This outstanding performance significantly outperforms many other resolvers, ensuring users experience minimal delays and enjoy a seamless browsing experience.

Moreover, when facing the NRDelegationAttack Attacker, SafeDNS experienced an increase of 5812.8% in latency, surpassing the performance of several other DNS resolvers. Notably, some of the other resolvers encountered ClientTimeout errors in response to the NRDelegationAttack Attacker, highlighting the robustness and reliability of SafeDNS.

These results underscore SafeDNS’s commitment to providing a sustainable infrastructure that delivers exceptional performance, security, and stability. Users can rely on SafeDNS to navigate the internet securely and efficiently, while experiencing minimal latency and maintaining a seamless browsing experience.

To learn more about this groundbreaking research, including detailed analysis and findings, please refer to the full research article.

Start using SafeDNS for free

Take advantage of the SafeDNS trial period and try all the best features

Free trial Contact us

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About SafeDNS
SafeDNS breathes to make the internet safer for people all over the world with solutions ranging from AI & ML-powered web filtering, cybersecurity to threat intelligence. Moreover, we strive to create the next generation of safer and more affordable web filtering products. Endlessly working to improve our users’ online protection, SafeDNS has also launched an innovative system powered by continuous machine learning and user behavior analytics to detect botnets and malicious websites.

Debunking the DNS Servers for Gaming Myth: Separating Fact from Fiction

In the gaming community, players are always seeking ways to optimize their gaming experience, including reducing latency. One popular topic that often arises is the use of specific DNS servers to enhance gaming performance. In this article, we debunk the myth surrounding DNS servers and gaming, explaining why they have limited impact on reducing ping. We will also provide alternative strategies to effectively improve your gaming experience.

The Myth: DNS Servers and Improved Ping

When it comes to gaming, some individuals believe that by using specific DNS servers, they can significantly reduce latency and enhance their gaming performance. The idea behind this belief is that connecting to nearby or faster DNS servers will result in quicker resolution times, leading to improved connection speeds and reduced ping during gameplay. However, this assumption oversimplifies the complexity of network performance. 

The Reality: Minimal Impact on Ping

While it may seem logical that connecting to optimized DNS servers would lead to improved gaming performance, the reality is that DNS resolution has limited impact on reducing ping or enhancing overall gaming latency. In most cases, the time it takes to resolve DNS queries is minimal compared to other factors influencing latency, such as the speed and quality of your internet connection, server distance, and network congestion.

To put it simply, even if you were to connect to the fastest DNS servers available, the improvements in ping would be marginal, if noticeable at all. The primary focus should be on addressing the factors that have a more significant impact on gaming performance.

Alternative Solutions for Enhanced Gaming Experience

To optimize your gaming experience, consider the following alternative strategies that have a more substantial impact on reducing latency and improving overall performance:

  1. Internet Speed and Quality:

Start by checking the speed and quality of your internet connection provided by your ISP. Ensure that you are subscribed to a plan that offers sufficient bandwidth and low latency for gaming. If necessary, consider upgrading to a higher-speed plan or exploring alternative internet service providers in your area.

2.  Network Optimization:

Optimize your network settings for gaming to reduce latency and improve stability. Here are a few steps you can take:

  • Utilize a wired connection instead of relying on Wi-Fi, as wired connections tend to offer lower latency and better stability.
  • Close bandwidth-intensive applications or downloads running in the background, as these can hog network resources and negatively impact your gaming experience.
  • Configure your router for gaming traffic, which may involve enabling Quality of Service (QoS) settings or prioritizing gaming traffic over other types of network traffic.

By implementing these alternative solutions, you can make significant improvements to your gaming experience without relying solely on specific DNS servers.

While the myth persists that using specific DNS servers can dramatically improve gaming performance, the reality is that DNS resolution has limited impact on reducing ping or overall gaming latency. Instead, prioritize factors such as internet speed and quality, as well as network optimization, to enhance your gaming experience. By focusing on these essential aspects, you can effectively optimize your gaming setup and enjoy a smoother and more enjoyable gaming experience.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About SafeDNS
SafeDNS breathes to make the internet safer for people all over the world with solutions ranging from AI & ML-powered web filtering, cybersecurity to threat intelligence. Moreover, we strive to create the next generation of safer and more affordable web filtering products. Endlessly working to improve our users’ online protection, SafeDNS has also launched an innovative system powered by continuous machine learning and user behavior analytics to detect botnets and malicious websites.

Stopping the WiFi Password Hacker with NAC

In the digital age, where businesses rely on seamless connectivity and data exchange, corporate WiFi networks have become the backbone of modern operations. However, a growing concern looms over these networks: the alarming ease with which their passwords can be hacked. In this article, we explore the vulnerabilities that make corporate Wi-Fi networks susceptible to breaches, as well as the far-reaching consequences that such hacks have on businesses.

Unveiling the Vulnerabilities of Wireless Networks

The ease with which corporate WiFi network passwords can be hacked poses a dire threat to businesses, yet they continue to persist. Here are some of the reasons why WiFi passwords are so easy to hack:

  • Password Weakness: The Achilles’ heel of corporate WiFi networks often lies in weak passwords. Surprisingly, many organizations still employ generic or easily guessable passwords, providing hackers with a convenient entry point. Cybercriminals employ sophisticated tools capable of deciphering these passwords through brute-force attacks, exploiting the negligence of network administrators.
  • Flawed Network Configurations: Misconfigurations within WiFi networks often leave unintended openings for hackers. Despite advancements in security technologies, network administrators occasionally overlook crucial settings, unknowingly leaving the door ajar for malicious actors. For instance, obsolete authentication protocols like WEP, notorious for their vulnerabilities, can be exploited by skilled hackers to intercept and decrypt network traffic.
  • Human Factors: Internal personnel can inadvertently or deliberately facilitate unauthorized access to corporate WiFi networks. Employees with inadequate security awareness may fall victim to social engineering attacks, disclosing passwords or inadvertently introducing malware into the network. Furthermore, disgruntled employees or ex-staff members with malicious intent can leverage their insider knowledge to breach network security, causing significant harm to their former employers.

The Far-Reaching Consequences of a WiFi Hack

The consequences of a WiFi password hacker gaining access to a corporate wireless network extend beyond mere financial losses, potentially devastating an organization’s reputation and eroding customer trust. These consequences include:

  • Breach of Sensitive Data: Successful intrusions into corporate WiFi networks grant hackers unrestricted access to a treasure trove of sensitive business data. Confidential customer information, proprietary intellectual property, and critical financial records become vulnerable to exploitation. The repercussions can be devastating, including reputational damage, regulatory non-compliance penalties, and a loss of customer trust. Competitors may capitalize on stolen information, resulting in financial losses and compromised market position.
  • Misuse of Network Resources: Once infiltrated, hackers exploit the compromised corporate WiFi network for their nefarious activities. They may launch attacks on internal systems, infect devices with malware, or engage in illegal practices, such as distributing pirated content. The consequences are dire, ranging from compromised network performance and disrupted business operations to potential legal consequences for facilitating illegal activities.
  • Financial Burdens: The financial implications of WiFi network breaches are profound. Remediation efforts, including incident response, forensic investigations, legal services, and potential regulatory fines, can exact a heavy toll. Moreover, organizations may face indirect financial losses due to diminished business opportunities, decreased productivity, and customer attrition resulting from damaged reputation and eroded trust.
  • Operational Disruptions: A successful hack of a corporate WiFi network triggers significant operational disruptions. While IT teams work tirelessly to contain the breach, investigate the incident, and restore network integrity, the organization’s daily operations grind to a halt. The ensuing downtime leads to missed deadlines, dissatisfied customers, and severe financial ramifications.

Stopping the WiFi Password Hacker with NAC

To mitigate risks posed by a WiFi password hacker, businesses must prioritize robust security measures, including regular network audits, encryption standards, user access controls, and ongoing employee training. When it comes to user access controls in particular, a network access control (NAC) solution can help prevent someone from hacking the password for a corporate WiFi network through several mechanisms. Here are some ways NAC can enhance security:

  • User Authentication: NAC solutions can enforce strong user authentication methods, such as two-factor authentication (2FA) or certificate-based authentication. This ensures that only authorized users with valid credentials can connect to the network.
  • Access Policies: NAC solutions allow network administrators to define and enforce access policies. These policies can restrict access based on user roles, devices, or locations. By implementing granular access controls, the NAC solution can prevent unauthorized users from gaining access to the network, ultimately thwarting any WiFi password hacker.
  • Device Profiling and Security Checks: NAC solutions can perform device profiling, which involves collecting information about connected devices, such as device type, operating system, and security posture. The solution can then compare this information against predefined security policies and assess the risk level of the device. If a device is deemed insecure or non-compliant, the NAC solution can restrict or deny network access.
  • Network Segmentation: NAC solutions often include network segmentation capabilities. By dividing the network into separate segments or VLANs, the solution can isolate critical assets and restrict access between different segments. This way, even if an unauthorized user gains access to the network, they will face additional barriers when attempting to move laterally or escalate privileges.
  • Continuous Monitoring: NAC solutions provide ongoing monitoring of connected devices. They can detect anomalies, such as multiple failed login attempts, unusual network traffic patterns, or unauthorized devices connecting to the network. If suspicious behavior is detected, the NAC solution can trigger alerts or take automated actions, such as blocking the device or initiating additional security measures.
  • Integration with other Security Tools: NAC solutions often integrate with other security tools, such as firewalls, intrusion detection systems (IDS), or security information and event management (SIEM) systems. This integration allows for more comprehensive threat detection and response capabilities. For example, if the NAC solution detects a suspicious login attempt, it can communicate with the firewall to block the source IP address.

Proactively fortifying corporate WiFi networks allows organizations to safeguard their valuable assets, maintain business continuity, and thrive amidst the escalating cybersecurity challenges of the digital era. By implementing a robust NAC solution with these features, an organization can significantly reduce the risk of password hacking attempts and enhance the overall security of their corporate WiFi network.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。

The evolution of cyber threats: looking back over the past 10 years

Over the past decade, the world has witnessed a dramatic increase in cyber threats. The digital age has brought about new opportunities for innovation and growth but has also created new avenues for cybercriminals to exploit. The rise of new technologies, such as artificial intelligence, has enabled attackers to become more sophisticated in their methods.

In this blog, we will look back at the evolution of cyber threats over the past decade and explore how businesses can adapt to these changes. We will also discuss how NordLayer protects your data and resources ahead of the curve.

Upsurge of cyber threats

The past decade has seen a rise in various types of cyber threats, from ransomware attacks to social engineering tactics. One of the most notable threats is ransomware, where attackers encrypt a victim’s files and demand a ransom payment to restore access.

In 2020, ransomware attacks rose by 150% compared to the previous year, according to The Harvard Business Review. Another common threat is phishing, where attackers use social engineering tactics to trick victims into revealing sensitive information. Phishing is an effective and dangerous cybercrime because it relies on people’s inherent trust in the internet. The idea that criminals would be able to fool you into giving up private information is hard for most people to believe, which makes it easy for even well-meaning people to fall victim to a phishing attack.

Impact on businesses

The impact of cyber threats on businesses cannot be overstated. Cyber attacks can result in significant financial losses, reputational damage, and legal consequences. According to a study by IBM, the average data breach cost in 2020 was $3.86 million.

According to Forbes, small and medium-sized businesses are especially vulnerable. The impact of cyber attacks on businesses extends beyond financial losses, with reputational damage and loss of trust among customers also being significant concerns.

2009-2012: rise of advanced persistent threats (APTs)

The period between 2009 and 2012 saw a rise in advanced persistent threats (APTs). APTs are long-term attacks that focus on stealing data from a specific target and are highly sophisticated. The attackers would spend months or even years gathering information about their target before launching an attack. The goal was to steal sensitive information without being detected.

One of the biggest examples of this type of threat during this timeframe occurred in 2010, where Google and other companies were targeted in a series of APT attacks known as Operation Aurora. Attackers gained access to sensitive data and intellectual property by exploiting company software systems vulnerabilities.

Some ways to protect against APTs include:

  1. Secure VPN: A secure virtual private network (VPN) that encrypts all data transmitted between the user and the internet. This ensures that sensitive information is kept confidential and protected from cyber attackers.

  2. Next-generation firewall: A next-generation firewall can detect and block malicious traffic, including APTs. It also allows for granular control over network traffic, enabling administrators to restrict access to sensitive resources.

  3. Intrusion Prevention System (IPS): IPS uses advanced techniques to detect and prevent APTs from infiltrating the network. This includes detecting and blocking attempts to exploit network and software vulnerabilities.

  4. Threat intelligence: Ideally, a threat intelligence platform continuously monitors global threat activity and automatically updates security policies and rules to protect against new and emerging threats.

  5. User behavior analytics (UBA): A UBA solution can identify and flag abnormal user behavior that may indicate a security threat, such as an APT. This helps administrators quickly detect and respond to potential attacks.

2013-2016: ransomware and business email compromise (BEC)

Between 2013 and 2016, ransomware and Business Email Compromise (BEC) attacks rose. Ransomware is a type of malware that encrypts a victim’s files and demands payment in exchange for the decryption key. On the other hand, BEC attacks involve impersonating a senior executive and tricking employees into transferring money to a fraudulent account.

These attacks proved to be highly profitable for cybercriminals, with ransomware payments reaching billions of dollars annually. BEC attacks have also been on the rise, with the FBI reporting losses of over $1.7 billion in 2019 alone.

The WannaCry ransomware attack affected hundreds of thousands of computers in over 150 countries. The attackers demanded ransom payments in exchange for unlocking the affected systems. Another good example of these threats during this timeframe was the CEO Fraud in 2015, where tech company Ubiquiti Networks fell victim to a BEC attack that cost the company $46.7 million. The attackers posed as Ubiquiti executives and convinced employees to transfer funds to overseas accounts.

Some ways to protect against ransomware and BEC attacks include:

  1. Email filtering: This service can help protect against BEC attacks by blocking suspicious emails that may contain phishing or malware links. This helps prevent employees from falling for social engineering tactics and inadvertently giving hackers access to sensitive information.

  2. Anti-malware: A solution to detect and block ransomware before encrypting files on a company’s network. This helps prevent data loss and minimize the impact of a ransomware attack.

  3. Backup and recovery: Automated backup and recovery services can help restore data and systems during a ransomware attack. This helps minimize the damage caused by an attack and reduces the likelihood of paying a ransom to recover data.

  4. User awareness training: Employee training and awareness programs help educate staff on recognizing and reporting potential security threats such as BEC attacks. This helps employees understand how to protect themselves and the company from cyber threats.

  5. Access control: This feature allows administrators to restrict access to sensitive data and systems, helping prevent unauthorized access and reducing the risk of a successful ransomware attack.

2017-2020: Internet of Things (IoT) and artificial intelligence (AI) threats

The period between 2017 and 2020 saw the rise of Internet of Things (IoT) and Artificial Intelligence (AI) threats. This time frame saw the first cases of this type of attacks.

IoT devices are becoming increasingly popular for on-site and remote businesses, making them a prime target for cybercriminals. These devices often lack proper security measures, making them vulnerable to attacks.

Artificial intelligence plays an increasingly significant role in the evolution of cyber threats. On the one hand, AI is being used by businesses to improve security measures, such as detecting anomalous behavior and identifying potential threats. On the other hand, cybercriminals are also using AI to create more sophisticated attacks.

For example, cyber-criminals can use AI to generate realistic phishing emails that are more likely to trick victims into revealing sensitive information. AI is also being used to create deep fake videos and audio, which can be used for social engineering attacks.

The Mirai Botnet was a massive cyberattack in 2017 that compromised hundreds of thousands of IoT devices, turning them into a network of bots used to launch DDoS attacks on various websites. The botnet primarily targeted vulnerable IoT devices such as security cameras, routers, and DVRs that had weak or default login credentials.

According to a report from Wired, “Mirai was responsible for the largest DDoS attack in history, which peaked at 1.1 terabits per second and brought down the DNS provider Dyn, taking down popular websites including Twitter, Netflix, and Reddit in the process.”

Another example was the 2018 DeepLocker; a type of AI-powered malware that is designed to evade traditional cybersecurity measures by using AI algorithms to hide and remain undetected until it reaches its target.

The malware is designed only to activate when it detects a specific target, such as a particular person’s face or voice. The malware was created as a proof-of-concept by IBM’s X-Force Red team to demonstrate the potential risks of AI-powered attacks.

Some ways to protect against AI attacks include:

  1. Network segmentation: This feature can segment the company’s network, separating IoT devices from other devices and systems on the network. This can help prevent an attacker from using an IoT device as a backdoor to access the company’s sensitive data and systems.

  2. Device management: This service ensures IoT devices are configured with the proper security settings and updated with the latest firmware and security patches. This helps prevent IoT devices from becoming a vulnerability and potential targets for attackers.

  3. Behavioral analysis: Behavioral analysis detects abnormal activity in the network, which can help detect and prevent AI-based attacks. This includes monitoring the behavior of IoT devices and detecting anomalies that may indicate a potential attack.

  4. Machine learning: Machine learning utilizes algorithms to analyze network traffic and identify potential threats. This includes the ability to detect anomalies in the behavior of IoT devices, which can help identify potential AI-based attacks.

  5. Threat intelligence: Ideally, a threat intelligence platform continuously monitors global threat activity and automatically updates security policies and rules to protect against new and emerging threats, including those targeting IoT and AI systems.

2021-2022: supply chain attacks and Ransomware-as-a-Service

In 2021 and 2022, there has been a significant increase in supply chain attacks and Ransomware-as-a-Service (RaaS) attacks. Supply chain attacks involve targeting a third-party vendor to gain access to their customers’ networks. These attacks have been highly successful, with cybercriminals targeting software providers, IT companies, and cloud service providers.

RaaS attacks involve renting out ransomware to other cybercriminals for a percentage of the profits. This business model has made it easier for cybercriminals to launch attacks, resulting in a surge of ransomware attacks worldwide. According to a report by SonicWall, there were over 304.7 million ransomware attacks in the first half of 2021, a 151% increase from the same period in 2020.

One of the biggest related incidents took place In 2020. The SolarWinds supply chain attack affected multiple U.S. government agencies and corporations. The attackers compromised SolarWinds’ software updates and used them to distribute malware to their customers.

Another case worth studying is the Colonial Pipeline, a ransomware attack in 2021 that shut down a major fuel pipeline in the United States. The attackers demanded a ransom payment in exchange for restoring access to the company’s systems.

Some ways to protect against Supply Chain Attacks and Ransomware-as-a-Service attacks include:

  1. Vulnerability scanning: This service can detect vulnerabilities in software and systems that may be exploited in a supply chain attack. This includes identifying outdated software, unpatched systems, and other potential vulnerabilities.

  2. Access control: This feature allows administrators to restrict access to sensitive data and systems, helping prevent unauthorized access and reducing the risk of a supply chain attack.

  3. User awareness training: Employee training and awareness programs help educate staff on recognizing and reporting potential security threats, including supply chain attacks and ransomware-as-a-service. This helps employees understand how to protect themselves and the company from cyber threats.

  4. Anti-malware: This solution can detect and block ransomware before encrypting files on a company’s network. This helps prevent data loss and minimize the impact of a ransomware attack, including those delivered as a service.

  5. Backup and recovery: Automated backup and recovery services can help restore data and systems during a ransomware attack. This helps minimize the damage caused by an attack and reduces the likelihood of paying a ransom to recover data.

2022-present: deepfake and synthetic identity fraud

In 2022, deep fake and synthetic identity fraud attacks became increasingly prevalent. Deepfake technology involves creating realistic videos or audio recordings that can be used to spread misinformation or conduct social engineering attacks. On the other hand, synthetic identity fraud involves creating fake identities using real and fake information.

These attacks have proven to be highly effective, with cybercriminals using deep fake technology to impersonate high-level executives or political leaders to spread false information. Synthetic identity fraud has also been on the rise, with losses estimated to reach $1 billion in 2022, according to the 2022 Internet Crime Report of the Federal Bureau of Investigation.

In the article TOP 5 cyber attacks of 2022, the best examples of this type of threat can be further analyzed.

How can NordLayer help?

Cybercriminals constantly evolve their tactics, making it essential for businesses to stay up-to-date with the latest threats. Cybercriminals use fileless attacks, which do not leave a footprint on the system, and supply chain attacks, where attackers target third-party vendors to gain access to a network. By understanding these tactics, businesses can take steps to protect themselves.

The past decade has seen a rapid evolution in cyber threats, with attackers becoming more sophisticated and their tactics becoming more advanced. Businesses must adapt to these changes by implementing robust cybersecurity measures to protect their data and resources. NordLayer remains committed to providing top-notch security solutions that evolve with the changing cyber threat landscape.

Our Zero Trust Network Access solution provides secure access to resources and data, while our ML-powered (machine learning) threat detection system prevents end users from accessing potentially harmful websites that may affect business operations.

As the cybercrime landscape develops, NordLayer continues to evolve its products to protect access to data and resources. Our security solutions include access control features, network segmentation, and secure VPN.

We continuously monitor the latest threats and adapt our products to provide the most robust protection possible.

Contact NordLayer and learn how we can help you secure your business.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About NordLayer
NordLayer is an adaptive network access security solution for modern businesses – from the world’s most trusted cybersecurity brand, Nord Security.

The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.

How to integrate Jumpcloud and Awingu

Cloud access management has become increasingly important for businesses of all sizes, as an increasing number of employees work remotely and rely on cloud-based tools to stay connected and productive. Azure AD is the most popular solution, but more companies are also looking at solutions like JumpCloud for managing cloud access. In this article, we will explore how easy it is to integrate Awingu and JumpCloud by using the custom SAML app.

Step 1: Create Awingu in JumpCloud via the Custom SAML App

The first step in integrating Awingu and JumpCloud is to create a custom SAML app in JumpCloud. SAML (Security Assertion Markup Language) is a protocol used for single sign-on (SSO) authentication, which allows users to log in to multiple applications with a single set of credentials. Awingu supports SAML 2.0, which means that it can be integrated with JumpCloud using SAML.

To create a custom SAML app in JumpCloud, follow these steps:

1. Log in to your JumpCloud admin console and navigate to Applications.

2. Click the “+ Add New Application” button and select the “Custom SAML App”

3.  Enter a name for the app (e.g., Awingu) and on the SSO page set following parameters:

As Awingu only supports Service Provider initiated authentication, the following settings are also mandatory:

The last step is to create two attributes that can be passed on as claims to Awingu. The first one needs to correspond with the UPN of the user in Awingu’s local AD, and the second one will be used as the user display name in the Awingu user interface.

In this example, the UPN matches the email address of the user. If this is the case, you can also create a custom attribute for the user and pass this custom attribute to Awingu:

4. Before saving the application, make sure you assign the right group of users to this application and click “Save” to finish the creation of the SAML app in JumpCloud.

5. Once the app is created, select the app in the list of applications and download the XML metadata file by clicking on the “Export Metadata” button.

Once this is done, you are ready to configure the Awingu side.

Step 2: Enable Federation on Awingu

The second step in integrating Awingu and JumpCloud is to enable federation on Awingu. Federation is the process of establishing trust between two identity providers (in this case, JumpCloud and Awingu) so that users can log in to Awingu using their JumpCloud credentials.

Before you start the Awingu configuration part, make sure you know the username and password of the built-in management user. This is the user account that was created during the initial installation of Awingu. If you have activated pre-authentication or single sign-on within Awingu and you have a problem with the configuration, this is the only account that still allows you to login. All other (admin) users will no longer work as they will be forced to go over to the IdP, JumpCloud in this case.

To enable federation on Awingu, follow these steps:

  1. Log in to your Awingu appliance with an admin user and open the system settings.
  1. Go to “Configure” -> “User Connector” -> “Federated Authentication” and set the Type to “Pre-authentication” and the Protocol to SAML”.
  1. Set the Entity ID to “Awingu” and upload the Metadata XML file downloaded earlier onto the Awingu appliance after switching the Metadata Type from “URL” to “XML”.
  1. Set the Username & Display Name claim to the same names as set on the Jumpcloud side, in this example “username” and “displayname”.
  1. Set the Workspace URL to your public Awingu DNS name.
  1. Click Apply.

Once this is done, test your configuration by opening an incognito web browser window and go to your Awingu URL. If all is correct, you will be redirected to JumpCloud.  After a successful login to JumpCloud, you will be redirected to Awingu, and Awingu will ask you to type in your password. This will be your local Windows AD password. No need to panic, this is normal behavior as we only have activated so far in the “pre-authentication” and not yet the full single sign-on.

In case something goes wrong, and the pre-authentication is not working you can still login to the Awingu appliance with the built-in management user. To do this, open a new incognito window and go to https://your.awingu.url/login?noPreAuth (be careful, this is case sensitive). This will allow you to login and make modifications to the configuration.

Step 3: Go full Single Sign-On in Awingu

Once you have a working pre-authentication and know the integration with JumpCloud is done correctly,  you can go to the last step, which is switching the Federation Authentication type from “Pre-Authentication” to “Single sign-on”.

This last step is independent from the IdP that is used (JumpCloud in this case) and will remove that popup for the local AD Windows password. You’ll need to make Awingu a sub-CA of your Active Directory. By doing so, Awingu can generate user certificates and then via Kerberos and other standard Windows protocols, Awingu can let the user login to the applications and drives without the need of a Windows password or without the need to install any Awingu software onto the Windows environment.

Have a look at this video: https://youtu.be/8343EIAVHns or to the admin guide to learn more about how to generate those certificates. Be careful, because certificates and Kerberos are sensitive to DNS and other details. Follow the instructions to the letter to make it work.

Once you have uploaded the certificates to your appliance, your users can log in to Awingu with their JumpCloud credentials. This means that you can manage cloud access for your entire organization using a single platform (JumpCloud), while still providing your users with a seamless login experience.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Parallels 
Parallels® is a global leader in cross-platform solutions, enabling businesses and individuals to access and use the applications and files they need on any device or operating system. Parallels helps customers leverage the best technology available, whether it’s Windows, Linux, macOS, iOS, Android or the cloud.

×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

×