Network Security

The Importance of Retrospective Network Security

Network Security

We are experiencing a new phase in our vision of network security. There is currently no quick fix solution, no 100% proof network security protection/prevention tool or product. There is always zero-day or purposely built (very focused, low spread) APT malware that current vendors are unable to detect at the time of the breach.

Hence total prevention is a myth.

Most of the current network security solutions offer only Point-In-Time detection/prevention. Namely they inspect the traffic when the traffic goes via the firewall and if they deem the traffic is clean  or unknown, at that exact time, they will allow it and forget about it. That could lead to malware passing through and being undetected for long periods of time. All vendors rely on intercepting the C&C communication to the botnet servers but not all malware uses such a centralized operation method so that cannot be considered a proven method of detection. That is why most of the vendors will apply their own sandboxing solution, namely send all files of unknown malware type to the cloud where they will be detonated in a controlled environment and the result of their execution will be deemed malicious or not by machines or sometimes humans. Upon discovery of malicious actions, the file is marked as malware and an update is shot out to all vendor appliances out there so they can intercept and drop such files. That process however takes time (typically more than 8 hours) and usually stops more than 96% of the malware spread (it depends on how quickly the different vendors discover that the file is malicious and how quickly the update is sent out) and that percentage was deemed high-enough for most companies.

What about that 4% though? I am sure any business owner would not like to be in this position and would like greater protection and value for their money. When a mere 4% can cause 100% of your security problems, you’re not protected.

Cisco is the only vendor in the NGFW market that currently has its vision also set on the retrospective side of the network security, the so-called After-The-Attack phase. Cisco uses the combination between Firepower and AMP for both network and endpoint to be able to provide threat context and to pinpoint the progress and spread of the malware in historical time so you will know exactly when and how the malware moved in your network, which hosts were infected so that you can immediately deploy mitigation techniques. First restrict the malware, block the effect of the malware and finally remove the malware that has already breached your network. Without this continuous analysis, the attack can run rampant on the network and it will be extremely difficult to determine the scope of the outbreak and the root cause or provide on-time/adequate response. Here is an example of such an event and how Firepower and AMP deal with it.

The following 4 simple steps represent how Firepower and Amp works with zero-day malware files:

  1. Unknown file gets downloaded to a client ip (1.2.3.4 for example) via http application with Firefox, the file is then allowed to reach the endpoint. The unknown file is sent to the cloud to be detonated and given a verdict.
  2. The Firepower tracks the movement/copying of the file within the network so it sees the file being propagated via any protocol at any time. For example, the file gets copied to another host 1.2.3.5 via SMB at 12:41 AM on the 1st of Dec 2016.
  3. Within 30min the same file gets replicated to 5 more devices within the internal range, all via SMB. The Firepower has a map of the file trajectory with hosts and timing of the movements.
  4. Two hours since the file was first seen, Cisco Security Intelligence Cloud had reached a verdict that the file in question is in fact malicious. From now on all Cisco AMP and Firepower enabled devices will drop that file upon encounter and alarm/log, but here comes the difference between Cisco and other vendors, namely the retrospective part. In our example, all future transfer of the files will be blocked and the file itself will be quarantined on all endpoints that have this file (requires AMP for endpoint), even more the administrators can leverage the trajectory map and verify the malicious file has been quarantined/removed and hosts have been remediated.

Abbreviations:

APT – Advanced Persistent Threats

C&C – Command and Control

NGFW – Next-Generation Firewall

Network Security, Cyber Security

8 Steps to Secure Your Organization against Cyber-Attacks

Network Security, Cyber Security

There is not a single industry anywhere in the world who are immune from the threat of some form of cyber-attack. Any attacks on your organization’s IT Network will be unpredictable in terms of the exact method of attack, but you can at least be poised to deflect and protect your company from such cyber-attacks with these 8 easy to follow steps.

1. Implement your CyberSecurity strategy from the top-down

Devise a security strategy, make sure Directors and Management understand the importance of your organization’s IT Network Security. The fundamental thing about security is knowing the risks involved and understanding what needs to be secured, namely what are your valuables/assets.

Only after a thorough risk assessment has been carried out can a proper security strategy then be formed and implemented. The importance of cyber-security should be something that senior management understands and supports, resulting in a top-down approach to implementation.

2. Create polices for the allocation of internal IT Resources

Once the importance of security issues is fully understood by management, organizations can then begin to create and implement polices on how to use, manage and allocate company resources to tackle cyber security.

It is vital to then develop and enforce policies and procedures for employees to follow, this will impact:

  • The allocation of company IT resources – allowed and prohibited expenditure
  • Change management procedures to be implemented across all IT systems and related policies
  • Reevaluate risk and security posture at regular intervals

3. Network Security

Have a network design with a strong focus on cyber-security. Segment your network on logical system based zones so you can isolate/segregate critical business systems and be able to apply network security controls to them – firewall/inspect traffic between those zones. Protect your Internet Edge but also internal traffic (east-west), cover the most used vectors of attack (email, web)

Pay special attention to wireless connectivity – use strong authentication based on individual credentials or personal certificates, strong encryption (AES) and proper guest/BYOD access. Plan carefully, home and remote users access – they should have equal security controls as users on corporate networks.

Have a central point for system monitoring (SIEM) that is integrated within your environment and provides a single point that holds all relative logs/events for your systems. Monitor your network/user activity with qualified staff. Fine tune your IPS systems to use relative to your network environment security rules/signatures and to produce relevant alarms. Act on the alarms promptly.

Secure both user/management and physical access to your network assets. Apply only secure configuration using the vendor/standard recommended best practices. Have a lifecycle policy in place – aka review/renew security controls/equipment at regular intervals. Finally, ensure you have an up to date network diagram with HLD/LLD documents.

4. Protect your endpoints/servers

Always use legitimately supported software and hardware. Create and maintain a policy for patching and updates – keep up to date with patches and security updates.

Devise and maintain a hardware and software repository – know what you have in your network. Centrally manage your endpoint from OS and software point of view. Limit user rights to make changes to endpoint security:

  • Never give normal users full access (admin)
  • Limit execution controls/change configuration
  • Create safe-lists of allowed software
  • Disable unnecessary services
  • Disable unnecessary peripheral devices and removable media access
  • Disable auto-run capability if removable media access is deemed necessary

Accessing sensitive information should be done in a secure manner – proper access controls should be in place – secure and robust authentication mechanisms, use two-factor authentication for sensitive access, encryption for data in transit and rest. Monitoring of how sensitive data is handled and transferred should also be in place.

Use endpoint protection mechanism (Anti-Virus, Anti-Spyware, Software, Firewalls) which support centralised management and can be integrated with your network security controls and monitoring tools. Regularly backup all important data in a safe manner (encrypt and secure data in rest in motion) – this mitigates the effects of ransomware attacks. In case of a breach, have a plan to restore normal network operations for different scenarios but also remember to include steps for gathering data for forensic investigations to take place in the aftermath.

5. Train your personnel

Users should be aware of the ideas behind the implementation of security

measures, what threats are out there and what should raise their suspicion – simple things like:

  • Non-solicited mails with strange hidden links – aka “Think before you click campaign”
  • File attachment with general but well-sounding names
  • Plugging/connecting unapproved media or personal devices into the network

Users should undergo training on:

  • How to handle sensitive information
  • Social Engineering training and be aware of the techniques used
  • Report any strange activities or security incidents

The training and development of personnel should be a continuous process not a one-off occurrence to ensure topics are relevant, minimise any potential threats and so staff training can be scaled.

6. Remote/Home Users controls

Access risks for remote corporate users and create a policy on how to mitigate their usage. Use strong/two-factor authentication. Educate remote users on the importance of security and how to work with all security control mechanisms without sacrificing productivity.

Create and regularly update manuals on how to use and configure different security controls (aka VPN Clients etc.) Have a support and escalation procedure in place – this is done so users can work with all security controls in place and do not try to circumvent them. Protect data in transit and rest. Use a common security build for all remote workers – more secure, easier to operate and troubleshoot.

7. Monitoring

We cannot stress enough on the importance of constant monitoring. No environment is bullet proof and buying best of breed products does not guarantee top level of security. There is a lot of factors in play in every complex environment that has many cogs and bolts. The only predictable aspect about security is the unpredictability of the threats they pose (for example the human factor or administrator laziness). A link as strong as its weakest chain. A company should concentrate on having all protection/prevention mechanisms in place but should never forget to have visibility and monitoring tools in place.

Detect attacks and abnormal behaviour – both from outside and inside attacks. React to attacks – in a timely response to stop the spread of damage, can ensure that the attack is blocked in the future and could assist with a forensic investigation. Account for activity – you should have a complete understanding of how systems run, and how data and information is being used by users. Only then will you be able to detect deviations from the norm and act on them.

8. Test, test and test!

The only way to really know your security level is protecting your organization, is to regularly test it!

Security tests should cover all parts of your environment and should be performed on procedures/processes, network equipment, endpoint systems and personnel.

  • Formal security audits that look at procedures and if they are being followed/enforced
  • Automated vulnerability assessments – usually performed every 2-3 months and done internally
  • Penetration tests – external annual security tests that usually give the most accurate information for the company’s security posture and effectiveness of all security measures deployed
  • Social engineering tests on personnel – attempts to get employees to discard sensitive information to none-authorised people either via phone or in person or to get physical access to company restricted areas.

Jargon Buster

  1. HLD – High Level Design
  2. LLD – Low Level Design
  3. IT – Information Technology
  4. IPS – Intrusion Prevention System
  5. SIEM – combination of the SIM (Security Information Management) and SEM (Security Event Management) abbreviations
  6. OS – Operating System
  7. AES – Advanced Encryption Standard
  8. BYOD – Bring Your Own Device
  9. Social Engineering – a method in Penetration Testing when the security experts are trying to exploit the human personality into giving out sensitive information that could lead to a breach in security

References:

https://www.ncsc.gov.uk/guidance/10-steps-cyber-security https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/317481/Cyber_Essentials_Requirements.pdf

Cisco Security

Why do legacy ASAs need Migration to ASA X Generation?

Cisco Security

The traditional legacy ASA Firewalls (5505, 5510, 5520, 5540, 5580) are End of Life (EOL) and soon will be End of Support (EOS). There are still a vast number of ASA’s in the public realm used as a security device/internet edge firewalls where many companies think they are providing the necessary security, the reality cannot be further from the truth.

These older model ASA’s have the following problems

  1. Hardware Problems

Cisco ASA Firewalls have a Meantime-Between-Failure (MTBF) which is simply the predicted elapsed time between inherent failures of such devices. When legacy ASA’s are out of support it is not possible to renew support contracts as Firmware updates are no longer available, effectively making the devices EOL. Meaning they are a ticking bomb and without support any network can suffer significant downtime when the device gives up.

  1. Code Vulnerabilities

ASA updates are uncommon, occurring every 6 months or so, meaning security holes can appear with such a time gap between security patch updates. Effectively your device is vulnerable and unsecured whilst it awaits the next patch update. Currently legacy ASA Firewalls only run to version 9.1 updates. These vulnerability problems wouldn’t be a threat if default and most deployed scenario is an Internet Edge Firewall.

  1. Lack of new features

Cisco is not deploying any new features to the legacy ASA’s and the major version will probably not move away from 9.1 (when the newest is 9.6 for next generation Firewalls)

  1. Lack of real security

Any working firewall cannot only rely on the Stateful Firewall technology for protecting the assets of an organization. Legacy ASA’s can only run the legacy Cisco IPS with a separate module which cannot measure to the modern IPS technology. The new generation of firewalls have the Firepower functionality which is the industry leading IPS technology.

Challenges for migrating Legacy ASA to ASA X?

  1. Configuration migration
  • Manual migration – Configuration between Legacy ASA’s and the new ASA X usually differs and cannot be simply copied and pasted into the new device. Different naming for interfaces and different features and functionalities means different syntax for the CLI.

Very often the legacy ASA’s run a pre-8.3 code due to RAM restrictions (RAM needs to be upgraded for post 8.3+ code). The pre-8.3 code is very different from today’s code in terms of syntax. It does mandate the obligatory use of objects, the NATs are the old PIX like fashion and any policies use the global ip addresses (the so called real ip addresses seen on the interface) than the original one (the ip addresses on the hosts). That means that large portions of the config need to be redone (in most cases manually) when you do the switch over.

The sections that needs manual work are: Objects, NATs, Policies and ACLs. That is the recommended approach and usually an experienced Cisco Security Consultant is needed to perform the job.

  • Automatic migration is possible if the legacy ASA has its RAM upgraded (512MB for 5505 and more than 1GB for the other models is mandatory). Depending on the starting OS Image version several upgrades are done to ensure the device runs the latest 8.2.x code and then jump to 8.4.1. During that jump the device will automatically redo the configuration to its best (will shout out errors on console while booting if it cannot migrate certain areas of the config), it will create objects (with automatic names) and will deploy them.

During automatic migrations, there is always a chance that something will not work so the migration again needs to be performed by someone who understands the migration process, can track down and manually intervene to correct errors or add configuration after the migration. Also, the configuration after an automatic migration is not easily readable due to the creation of objects with automatic naming convention.

  • Raising the security level – if you migrated from a legacy ASA to a new generation ASA X that supports other security technologies and Firepower then it makes sense to leverage new technologies and enable/configure/tune them. A blind one-to-one migration might give you more in the world of availability (new hardware, newer code, less code vulnerabilities and frequent code updates), but will not give you ultimately better protection for your assets. A deep packet inspection with content analysis is a must in the modern threat landscape. Implementing the Firepower technology is necessary but a complex step that needs to be done by people with the right skillset and experience.

References:

  1. EOS / EOL announcement

http://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/eol_C51-727283.html

CRN White Paper 4cornernetworks.indd

Whitepaper – Meeting the challenge of Cisco technical services delivery

Assessing the needs of MSPs, integrators and other organisations and the challenges they face when sourcing quality third-party professional project and technical services for Cisco technologies.

Living Wage Employer

Engineering solutions firm 4CornerNetworks helps boost job satisfaction by paying the living wage

Living Wage Employer

http://www.thenational.scot/business/engineering-solutions-firm-4cornernetworks-helps-boost-job-satisfaction-by-paying-the-living-wage.20926

Brexit – The Impact on a Small Cisco Professional Services Company

download

The United Kingdom voted to leave the European Union on June 23rd and we’ve heard all about the impact on International stock markets, multi-conglomerates, worldwide economies and not very much about the little guys – small businesses.

Much doom and gloom has surrounded the Brexit vote, primarily due to the multitude of legal and financial uncertainties. There is no doubt that the UK leaving the EU carries risks, but counteracting those risks are an equal amount of opportunities.

This blog will explore the influence of the Brexit vote on an SME in the IT sector offering Cisco Professional Services. We will objectively explore any negative and positive impact the Brexit vote has had on our company, our finances and business operations.

As a Cisco Professional Services organisation, 4CornerNetworks specialise in the provision of Cisco Engineers making our business model dependent on market prices in the recruitment of Cisco Engineers. We operate Internationally, often employing Engineers from the EU and USA where the performance of the Pound Sterling causes both negative and positive currency fluctuations.

Currency Fluctuation

Post Brexit vote in the UK caused major currency fluctuations on the Pound Sterling against the US Dollar and Euro. Let’s look at the currency fluctuations of the Pound Sterling vs the US Dollar and the Euro from June 23rd, the day of the Brexit vote.

£ Pound Sterling to the $ US Dollar

$1.48 to £1         23/06/2016

$1.33 to £1         03/08/2016

$1.29 to £1          08/07/2016 = 28.12% fluctuation from 23/06/2016

The pound reached its lowest point on 8th July trading at $1.29 to £1 and its highest point of $1.48 to £1 on the 23rd June resulting in a 28.12% fluctuation. Today the price is $1.33 to £1 where the fluctuation from 23rd June is 22.2%.

£ Pound Sterling to the € Euro

€1.30 to £1          23/06/2016

€1.19 to £1          03/08/2016

€1.16 to £1         06/07/2016 = 18.2% fluctuation from 23/06/2016

On June 23rd the Pound fluctuated by 14.3% against the Euro against today’s price of €1.19, and reached a low of €1.16 to £1 on July 6th resulting in a 18.2% fluctuation.

(source: http://finance.yahoo.com/chart/gbpeur=x?ltr=1 )

Price of Doing Business

The average salary of a CCNA in USA is $72,039. At the current exchange rate of $1.33 to £1 is £54,165. On 23rd June the exchange rate was $1.48 to £1 meaning the same CCNA Engineer would cost £48,675 which is a cost of £5,490 for the salary of a single Engineer. (source: http://www.payscale.com/research/US/Certification=Cisco_Certified_Network_Associate_(CCNA)/Salary )

A CCNA in Europe (Take Germany as an example) earns an average salary of €45,562. At the current rate of exchange €1.19 to £1 is £38,287. On 23rd June the exchange rate was €1.30 to £1 meaning the same CCNA Engineer would cost £35,047 which is a cost of £3,240 for the salary of a single Engineer (source: http://www.payscale.com/research/DE/Certification=Cisco_Certified_Network_Associate_(CCNA)/Salary )

However, fortunes are reversed when we receive payment from organisations in Europe or USA. If an invoice for $10,000 was received on 23rd June, this would have been worth £6,757 but the same $10,000 invoice today would be worth £7,519, a surplus of £762.

A €10,000 invoice on 23rd June would have been worth £7,692 but the same €10,000 invoice today would be worth £8,403, a surplus of £711.

The currency fluctuations can be equally negative as they are positive which results in the solidification of uncertainty and therefore a cautious approach must be taken when dealing with international clients, currencies and projects. Operating in volatile market conditions is a business challenge we must accept face on, but remain equally cautious.

Any International growth ambitions small businesses have must now be placed on hold, but for how long? Planning to set up new offices, employ new staff and trade internationally with multiple currencies fluctuating by up to 30% in a matter of weeks presents too many unknowns and a period of stability must be reached before the UK’s small businesses can shake off the shackles and grow. It all depends if you see the glass Half Full or Half Empty?

*Please note the rate of exchange is at 03/08/2016 and will vary

‘Bing’s blanket ban on tech support ads is lazy and idiotic’

e0b9432b35e28023973caeeee10d1714

 

http://www.pcr-online.biz/news/read/bing-s-blanket-ban-on-tech-support-ads-is-lazy-and-idiotic/038296

The hands of 2 Cisco Engineers carrying out Cisco Professional Services in a data centre from 4CornerNetworks

Cisco Engineers Are In Short Supply – Precisely Because They Can Work Wonders

The hands of 2 Cisco Engineers carrying out Cisco Professional Services in a data centre from 4CornerNetworks

Back when computers ran off cassette tapes and plugged into your spare TV, it was generally the least cool kids in school who spent time in the IT suite – or as it was known in those simpler times, the computer room. The terms “geek” and “nerd” were coined to describe these unloved adolescents, and were used as playground insults by schoolboys of all ages.

How times have changed: Thanks to the pioneering efforts of some of those early IT engineers, computers became slick and fun, and soon they were essential to business too. More and more clever people saw where things were going and learned about IT; then they found more applications for it and built highly successful businesses using the new technology. Before we knew it, the terms geek and nerd were no longer pejorative, but used in a kind of awe of those who had mastered this world-changing technology. Nevertheless, most of us still prefer the term engineer.

IT engineering has been a desirable career for some time now, and yet there is still a shortage in many specialities. In terms of Cisco Engineers, the shortage is particularly acute, while at the same time there is also a pressing demand from companies who need their networks to work smoothly and cope with an ever larger and more business-critical level of usage. Given the fact that these are well paid roles, economic theory suggests that more people will chose IT engineering as a career and that the gap between demand and supply will close. However, that theory would under-estimate the quality of people needed to set up and maintain the ever more sophisticated networks in use.

To get an idea of the kind of people involved in Cisco Engineering, just take a look at the astonishing array of companies that have been started by former Cisco employees and engineers – this link gives just a few examples: http://www.networkworld.com/article/2988547/cisco-subnet/18-companies-launched-by-former-cisco-people.html

The fact that these engineers are of such a calibre and ambition that many seek to set up their own ventures further explains the shortage of skilled workers available to the average business, which doesn’t have the resources to keep specialists in all Cisco disciplines – if any – on its staff, let alone enough to cover all its global operations. In fact, Cisco itself has had problems retaining its best people, and adopted an extraordinary policy of encouraging ambitious employees to develop “spin-in” businesses that it would then buy from them, often for millions of dollars. This policy had the added benefit of keeping entrepreneurial innovation at the heart of the firm even after it had grown into a global giant, and of course made the job of building, maintaining and updating its systems even more demanding as they incorporated the innovative and disruptive technologies developed through the spin-in process.

Many were surprised to hear that Cisco is apparently ditching its spin-in programme last year, although reading between the lines it appears that the policy will essentially be retained in another form: http://www.businessinsider.com/ciscos-new-ceo-ditches-spins-ins-2015-11 This is just as well, as the flow of new IT and network applications which comes through this system has helped drive growth and profitability across many industries around the world. For ambitious businesses wanting to remain part of that growth story and keen to retain a leading position in their sector, access to Cisco Engineers is essential – and they must not only be suitably qualified, but thoroughly up to the job of working with cutting edge companies in many industries and helping them to innovate where necessary as well. That is why 4CornerNetworks exists: to supply those professional services.

We specialise solely in Cisco Professional Services, because although the hardware for the systems is essential, it is not in such short supply. We believe that access to great engineers is important for businesses to thrive and grow, and we understand that different firms have different needs in terms of the amount of help they need. Unlike most of our competitors, therefore, we don’t set out to win customers by selling managed services packages that charge them for things they don’t need. At 4CornerNetworks, we just provide access to great engineers, when and where you need them. That way, all our clients have access to the full range of skills available – as if they have a full set of Cisco Engineers on their staff, all over the world.

What’s Your Problem?

15315694

Your Pain Points when working with a Supplier of Cisco Engineers

“They” say that 98% of published statistics are made up, and people will think that when market research doesn’t provide them with the answers they anticipated. Conducting market research with a 3rd party will help to eliminate subconscious bias when asking questions and help to provide a survey format whereby respondents submit honest and detailed responses. Here at 4CornerNetworks, that’s exactly what we did when partnering with CRN Channel Web as we embarked upon a quest to understand client experiences, good and bad, when engaging with a supplier of Cisco Engineering Resources.

We Asked…

C-Level Executives, Operations & Project Managers from Telecomms, Managed Service Providers, ICT Providers and Cisco Channel Partners were asked about their experiences when utilising Cisco Engineers from a 3rd party vendor.

You Said…

  • 1/3 Were not satisfied with their external supplier of choice
  • Only 1/3 said they were happy!
  • 83% Concerned with rising costs and additional charges
  • 83% Concerned with lack of Engineering availability
  • 48% Concerned with a lack of transparency on attending Engineers certifications and experience

Engineering Availability

We asked, the channel spoke and specified that a lack of available Cisco Engineers and High Costs were the two primary concerns. 40% of C-Level Executives stated that they used more than one supplier of Cisco Engineering Resources, with 45% of those respondents doing so due to a lack of engineering availability. A lack of available Engineers will naturally occur when external partners fail to understand your everyday business requirements. Where are your clients located? When do you experience dips or peaks in client demand? How quickly can your external partner process your request? – All these questions impact on Engineering availability and all can be avoided by planning, integrating processes with your external partner and studying previous trends to ensure that you can get Cisco Engineering excellence, where you need it, when you need it.

Access to Cisco Engineering Skills

2/3 of Telecomms, MSP’s, ICT & Cisco Partners utilised the services of a 3rd party vendor to gain access to specific Cisco Engineering skills not available in-house. However only a fraction, 7% of all respondents concluded that when hiring an external Cisco Engineering partner, that costs were a benefit of any such relationship – that’s 93% of hiring companies NOT completely satisfied with the costs they are being charged.

Almost half of all respondents expressed their concerns with the experience and qualifications of attending Engineers. Often the end client provides feedback on how each Engineer performs. How long it took them to perform tasks, their customer and communications skills and their overall technical ability and expertise. If an attending Engineer takes twice as long to perform tasks due to their lack of experience or because they are not adequately qualified, then costs increase and the quality of workmanship will reflect poorly on your Brand.

Peek-A-Boo Charges

Peek-a-boo charges were the main cost concern when hiring a Cisco Field Engineer from an external partner. Upon opening your invoices, all of a sudden, peek-a-boo! Out pop charges for account set up, account maintenance, minimum booking time of 2-4 hour slots (when you only need an Engineer for 1 hour) and being charged for a CCNA, when all you got was a technical courier. Such charges make financial budgeting and forecasting almost impossible when you have no idea how much additional costs will be added to your invoice.

We Listened and…

We understood what problems your organisation faced when working with 3rd party suppliers of Cisco Engineers and what solutions will help to alleviate your pain points. More transparency, greater Cisco Engineering availability, consistent pricing and a select partner to work in tandem with your current business processes, ethos and culture.

SMART Onsite Service from 4CornerNetworks implemented by a customised Partnership Portal provides a solution to each and every pain point.

Transparent Billing

No set-up fees and no account management fees will ever be charged. We do not believe in winning new clients, then charging them for the privilege of being our client. Securing clients in a mutually beneficial long-term relationship will always be a main objective of 4CornerNetworks. Financial planning and budget control is now placed firmly back in the hands of our clients as a set monthly fee is charged by Direct Debit making forecasting easy and accurate because you know how much your bill will be every month.

Ease of Booking

S.O.S is only available to clients who outsource their requirements for Cisco Field Engineers of 500+ hours annually. You will be able to access the exclusive Partnership Portal of 4CornerNetworks where booking an Engineer when and where you need them is quick and easy to use. Simply choose the date, time and location of where you require an Engineer, provide a brief scope of work to gain instant access to Cisco Engineers where you need them, when you need them. This results in less admin time to source Engineers and less time and cost when working with an external partner.

Cisco Field Engineers Availability & Quality

Have you ever found yourself questioning the certifications and experience of an attending Engineer? Have you experienced Engineers turning up onsite late, unprepared and lacking in both customer and technical skills?

With S.O.S you will be able to view the details of Engineers, their Certifications and previous Quality Assurance scores. Therefore any Engineer you book will firstly need to satisfy your exact requirements and those of the end client.  As a result of this function, the quality standards of your organisation will be significantly boosted brining you and your clients’ complete piece of mind.

Sourcing Cisco Engineers from a 3rd party supplier has thus far caused many organisations to seek alternative solutions to their Engineering requirements. Many existing suppliers of Cisco Field Engineers have caused customers to switch suppliers in search of transparent billing and certified Engineers. Perhaps the lesson to learn is to view your clients as partners and understand that there is a direct correlation between fair pricing, quality standards and long-term relationships.

Steve Wood

New Channel Manager Chose 4cornernetworks

In its search for the very best customer service, 4CornerNetworks has hired Cisco sales expert Steven Wood as UK Channel Partner Manager. In this latest update from the senior team, Steven shares his thoughts on why he chose 4CornerNetworks to progress his career, and discusses the plans the company has to ensure its service remains the best: