• Everything You Need to Know About Palo Alto

    Everything You Need to Know About Palo Alto

    October 23rd, 2018
    Read More

    As many organizations realize, changes in the application and threat landscape, user behavior, and network infrastructure are changing! The security that traditional port-based firewalls once provided is often not enough. Users are accessing all types of applications using a range of device types these days. Datacenter expansion, virtualization, mobility, and cloud-based stances are forcing us to rethink how to protect networks.  

    Traditional thinking typically includes an attempt to lock down traffic through an increasing list of point technologies in addition to the firewall, which may hinder your business. Some allow all applications, which results in increased business and security risks. The challenge is that your traditional port-based firewall, even with bolt-on application blocking, does not provide an alternative to either approach. To balance between allowing everything and denying everything, the need to allow applications by using essentials such as the application identity, who is using the application, and the type of content as key firewall security policy criteria.

    A solid starting strategy is to Identify applications, not ports. Classify traffic, as soon as it hits the firewall, to determine the application identity, irrespective of protocol, encryption, or evasive tactic. Then use that identity as the basis for all security policies.        

    Customers of Palo can also link application usage to user identity, not IP address, regardless of location or device. Employ user and group information from enterprise directories and other user stores to deploy consistent enablement policies for all your users.   

    Another huge factor is the ability to protect against threats both known and unknown. Preventing known vulnerability exploits, malware, spyware, malicious URLs while analyzing traffic for, and automatically delivering protection against highly targeted and previously unknown malware is essential to a viable and long-term Firewall project.

    Many customers ask us how they can simplify policy management. With Palo Alto you can safely enable applications and reduce administrative efforts with easy-to-use graphical tools, a unified policy editor, templates, and device groups. Safe application enablement policies can help you improve your security posture, regardless of the deployment location. At the perimeter, you can reduce your threat footprint by blocking a wide range of unwanted applications and then inspecting the allowed applications for threats— both known and unknown. In the datacenter – traditional or virtualized, application enablement results in ensuring only datacenter applications are in use by authorized users, protecting the content from threats and addressing security challenges presented using the virtual infrastructure. Your enterprise branch offices and remote users are protected by the same set of enablement policies deployed at the headquarters location, thereby ensuring policy consistency.

    Businesses can enable applications with Palo Alto Networks next-generation firewalls that help address business and security risks associated with a growing number of applications in your network.

    Deployment and Management application enablement functionality is available in purpose-built hardware platform or in a virtualized form factor. When you deploy multiple Palo Alto Networks firewalls, in either hardware or virtual form factors, you can use Panorama, an optional centralized management offering to gain visibility into traffic patterns, deploy policies, generate reports and deliver content updates from a central location.

    Comprehensive applications require securing your network and growing your business that begins with in-depth knowledge of the applications on your network; who the user is, regardless of their platform or location; what content, if any, the application is carrying. With more complete knowledge of network activity, you can create more meaningful security policies that are based on elements of application, user and content that are relevant to your business. The user location, their platform and where the policy is deployed—perimeter, traditional or virtualized datacenter, branch office or remote user— make little or no difference to how the policy is created. You can now safely enable any application, any user, and any content. Complete Knowledge Means Tighter Security Policies Security best practices dictate that more complete knowledge of what’s on your network is beneficial to implementing tighter security policies.

    Enabling Applications and Reducing Risk Safe application enablement uses policy standards that include application/application function, users and groups, and content as a means determining the right option. At the perimeter, including branch offices, mobile, and remote users, policies are focused on identifying all the traffic, then selectively allowing the traffic based on user identity; then scanning the traffic for threats.

    Protecting Enabled Applications Safe application enablement means allowing access to certain applications, then applying specific policies to block known exploits, malware and spyware – known or unknown; controlling file or data transfer, and web surfing activity. Common threat evasion tactics such as port-hopping and tunneling are addressed by executing threat prevention policies using the application and protocol context generated by the decoders in App-ID. In contrast, UTM solutions take a silo-based approach to threat prevention, with each function, firewall, IPS, AV, URL filtering, all scanning traffic without sharing any context, making them more susceptible to evasive behavior.

    Block Known Threats: IPS and Network Antivirus/Anti-spyware. A uniform signature format and a stream-based scanning engine enables you to protect your network from a broad range of threats. Intrusion prevention system (IPS) features block network and application-layer vulnerability exploits, buffer overflows, DoS attacks, and port scans. Antivirus/Anti-spyware protection blocks millions of malware variants, as well as any malware-generated command-and-control traffic, PDF viruses, and malware hidden within compressed files or web traffic (compressed HTTP/HTTPS). Policy-based SSL decryption across any application on any port protects you against malware moving across SSL encrypted applications.

    Block Unknown, Targeted Malware: Wildfire. Unknown or targeted malware is identified and analyzed by WildFire, which directly executes and observes unknown files in a cloud-based, virtualized sandbox environment. WildFire monitors for more than 100 malicious behaviors and the result is delivered immediately to the administrator in the form of an alert.

    Data filtering features also enable your administrators to implement policies that will reduce the risks associated with unauthorized file and data transfers. File transfers can be controlled by looking inside the file to determine if the transfer action should be allowed or not. Executable files, typically found in downloads can be blocked, by this means protecting your network from unseen malware. Data filtering features can detect and control the flow of sensitive data patterns (credit card or social security numbers).

    Ongoing Management and Analysis Security say that your administrators should balance between proactively managing the firewall, whether it is a single device or many hundreds, and being reactive, analyzing, and reporting on security incidents.

    Each Palo Alto Networks platform can be managed individually via a command line interface (CLI) or full-featured browser-based interface. For larger deployments, Panorama can be licensed and deployed as a centralized management solution that enables you to balance global, centralized control. Role-based management is supported across all channels, allowing you to assign features and functions to specific persons. Predefined reporting can be used as-is, customized, or grouped together as one report to suit the specific requirements. All reports can be exported to CSV or PDF format and can be executed and emailed on a scheduled basis.

    Real-time log filtering facilitates rapid forensic investigation into every session traversing your network. Log filter results can be exported to a CSV file or sent to a syslog server for offline archival or additional analysis.

    Palo Alto Networks offers a full line of purpose-built hardware or virtualized platforms that range from the PA-200 designed for remote offices, to the PA-5060, which is designed for high-speed datacenters. All this is based on a software engine and uses processing for networking, security, threat prevention and management to deliver you predictable performance. Please consider HA Inc as your enterprise level networking solution provider as you approach future projects or have interest in learning more about what Palo Alto has to offer!

  • High Availability, Inc. Named CRN® Triple Crown Award Winner

    High Availability, Inc. Named CRN® Triple Crown Award Winner

    October 8th, 2018
    Read More

    High Availability, Inc. Named CRN® Triple Crown Award Winner
    Fifth Annual Award Program Recognizes Standout Solution Providers


    Audubon, PA, October 8th, 2018 – High Availability, Inc. today announced that CRN®, a brand of The Channel Company, has recognized High Availability, Inc. for earning it’s 2018 Triple Crown Award. This year 46 solution providers in North America reached the qualifying revenue, growth, and technical expertise to be named on three of CRN’s prestigious solution provider lists, earning them the Triple Crown Award this year.   


    Each year CRN announces lists and rankings to distinguish solution providers who are outshining their peers in the IT channel. It is a great accomplishment for a solution provider to make any one of these lists; so being named in three, as this year’s Triple Crown winners have been, deserves special acknowledgement. This year’s CRN Triple Crown Award winners rank among the largest IT solution providers by revenue in North America on the Solution Provider 500 list; are among the fastest growing organizations in the channel today on the Fast Growth 150 list; and have made the Tech Elite 250 list by receiving the highest level certifications from leading vendors.


    “Each Triple Crown award-winner has simultaneously generated high enough revenue to be ranked on the Solution Provider 500 List, achieved double- or triple-digit revenue growth for recognition on the Fast Growth 150, and devoted significant time and effort to top certifications to attain Tech Elite 250 status,” said Bob Skelley, CEO of The Channel Company. “Congratulations to each one of these high-achieving companies who continue to raise the bar for success in the IT Channel.”


    The 2018 Triple Crown Award winners will be featured in the October issue of CRN and can be viewed online at


    High Availability, Inc. is a premier solution provider and integrator of data center products and cloud services. High Availability, Inc. solves complex business challenges by architecting and implementing forward-thinking technical solutions, while forming trusting, collaborative relationships. By taking a hands-on, consultative approach, the High Availability, Inc. team creates custom tailored systems and solutions to fit both current requirements and future IT and business needs.




    Media Contact:

    For more information about High Availability, Inc., please contact Liz Thompson, Marketing Manager, at (610) 254-5090 ext. 256 or

  • High Availability, Inc. Joins NVIDIA Partner Network to Provide Deep Learning, High Performance Computing, and GPU Virtualization for Customers

    High Availability, Inc. Joins NVIDIA Partner Network to Provide Deep Learning, High Performance Computing, and GPU Virtualization for Customers

    October 3rd, 2018
    Read More

    High Availability, Inc. Joins  NVIDIA Partner Network to Provide Deep Learning, High Performance Computing, and GPU Virtualization for Customers

    Audubon, PA, October 3rd, 2018 - High Availability, Inc., a premier solution provider and integrator of datacenter products, announced today that it has been accepted into the NVIDIA Partner Network as an official NVIDIA Solution Provider. High Availability, Inc. has been named a Preferred NPN Solution Provider for deep learning, high performance computing, and GPU virtualization.

    Deep learning uses the power of GPUs to enable computers to learn from data and write software to solve some of the most complex problems in computer science. High Availability, Inc. is one of a select set of authorized NVIDIA resellers in the nation, and one of two resellers in the Philadelphia area with an NVIDIA Deep Learning specialization.

    High performance computing focuses on leveraging NVIDIA GPU-accelerated computing to deliver scientific breakthroughs and game-changing innovations for the higher education, government, and industrial market segments.

    GPU virtualization leverages NVIDIA GRIDTM technologies to manage graphics in the cloud. NVIDIA GRID is designed for organizations benefiting from graphics-accelerated desktop and application virtualization.

    “It’s time for businesses to get more out of their data! Machine learning and deep learning bring a new era of intelligence, automation and efficiencies that will allow our customers to achieve new heights,” said Jarett Kulm, Principal Technologist at High Availability, Inc.  “High Availability, Inc. is very excited about being named a NVIDIA Preferred partner as their revolutionary technologies will enable our customers to leverage artificial intelligence today and in the future.”

    High Availability, Inc. is a premier solution provider and integrator of data center products and cloud services. High Availability, Inc. solves complex business challenges by architecting and implementing forward-thinking technical solutions, while forming trusting, collaborative relationships. By taking a hands-on, consultative approach, the High Availability, Inc. team creates custom tailored systems and solutions to fit both current requirements and future IT and business needs.


    Media Contact:

    For more information about High Availability, Inc., please contact Liz Thompson, Marketing Manager, at (610) 254-5090 ext. 256 or

  • High Availability, Inc. Hosts 16th Annual Golf Outing

    High Availability, Inc. Hosts 16th Annual Golf Outing

    September 20th, 2018
    Read More

    Last Thursday, the mid-Atlantic region’s top IT professionals gathered for High Availability, Inc.’s Annual Golf Outing at the Downingtown Country Club. The event, which is now in its 16th year, is a customer appreciation event through and through. It brings our top clients, the entire H.A. team, and leading IT vendors together to kick-back, play a round of golf, and enjoy a few specialty drinks and craft beers!

    The day began with a shotgun start, which sent golfers on their way to the course. Each platinum-level sponsor had a branded tent on a designated hole, with activities and beverages to keep golfers entertained. In fact, golfers were often seen taking breaks from their round of golf to play a game of flip at the Rubrik tent, hydrate with a Pure Smokin’ Fast Bourbon at the Pure Storage tent, or battle it out at the Cohesity tent with rounds of Baggo or Lawn Jenga.

    After golf, attendees enjoyed a buffet lunch while Steve Eisenhart, CEO of High Availability, Inc., raffled off pro-shop gift cards, an Optishot 2 Golf Simulator, an Echo Dot, and even a Zepp Golf 2.0 Swing Analyzer. Our sponsors even got a chance to get in on the action with an elimination-style beer pong tournament.

    We already can’t wait for next year!

    A special thank you to our sponsors:


    • Cisco
    • NetApp
    • Pure Storage
    • Quantum
    • Park Place Technologies
    • Cohesity
    • Rubrik
    • Commvault


    • Veeam
    • Procurri
    • Schneider Electric
    • Riverbed
    • Crown Castle
    • Zerto

    Click Here to see event pictures.


  • Nutanix Beam – Multi-Cloud Management & Optimization

    Nutanix Beam – Multi-Cloud Management & Optimization

    September 19th, 2018
    Read More

    On March 1, 2018, Nutanix acquired Minjar Inc (the maker of Botmetric, a service that provides customers with unified cost control and enhanced visibility into their workloads running in public clouds.)  Botmetric, along with Minjar’s other cloud solutions SmartAssist Assurance and SmartAssist Managed Cloud, help enterprises embrace the cloud effectively and optimize their multi-cloud environments for performance and cost.

    On May 9, 2018, Nutanix announced Nutanix Beam which leverages code from Minjar Inc’s acquisition.  Beam is a multi-cloud cost optimization service delivered by Nutanix to help organizations gain visibility into cloud spend across multiple cloud environments. Beam enables organizations to multi-cloud with freedom.

    Nutanix Beam provides customers the following:

    Cost Visibility and Cloud Optimization: Provides businesses with deep visibility into their multi-cloud environment and ability to optimize cloud with one-click. With Beam, you can set policies that continuously maintain high levels of cloud cost efficiency.

    Centralized Financial Governance: Beam provides cloud operators and business owners with appropriate tools and controls to track overall cloud spend and map consumption to business units easily.

    Intelligent Consumption Planning: Beam uses machine intelligence and recommendation algorithms to analyze workload patterns and continuously suggest optimal purchasing decisions for cloud resources.

    Continuous Security Compliance: Beam enhances security management by automating cloud security compliance checks using built-in templates for security policies

    Nutanix is taking what was at first an on-prem hyperconverged platform purpose built for virtual workloads and rapidly expanded their capabilities to handle block services, files services, container services and soon to be object services.  When you look at these advancements plus tools like Nutanix Flow (software define network offering), Nutanix CALM (native application orchestration and lifecycle management), Nutanix Xi (DRaaS offering going GA later this year) and now Nutanix Beam (cloud management and optimization), it is clear that Nutanix is not just an HCI platform solution but rather an enterprise cloud solution helping customers put their data where it makes the most sense to their business while maintaining the same level of operational simplicity.

  • Pending Microsoft Price Hikes May be Your Office 365 Catalyst

    Pending Microsoft Price Hikes May be Your Office 365 Catalyst

    September 17th, 2018
    Read More

    Looming price increases from Microsoft are designed to make cloud skeptics and organizations with large on-premises footprints take another look at moving to the cloud.


    In a recently published article, Microsoft has made clear that they will be raising the price of Office 2019 by ten percent beginning October 1. According to a Microsoft spokesperson, this price jump "represent(s) the significant value added to the product over time and ... better reflect costs and customer demand and align with cloud pricing”


    Price isn’t the only thing changing. According to this announcement, beginning with Office 2019, the normal support lifecycle of five years mainstream plus five years extended support is being trimmed down to just two years of extended support. In addition, Microsoft will only support Office 2019 on Windows 10, not Windows 7.


    If these changes to Office are not cause enough to reassess your cloud strategy and timelines, get ready to see an increase in your on-premises server licensing costs as well. Come October 1 Windows Server 2019 Operating System licenses, “Productivity” server licenses, such as Exchange, SharePoint and Project Server, and Client Access Licenses (CALs) that enable personal computers to connect and access information on Microsoft servers, and Enterprise CAL and Core CAL suites will all see a ten percent price jump.


    Never a Better Time to Migrate

    For organizations who continue to hold on to their on-premises infrastructure, the handwriting is on the wall: at least some workloads should be transitioned to the cloud. This price hike from Microsoft presents an opportunity to create a migration strategy designed to modernize your business, increase scalability and flexibility, plus save money in the long run.


    Partner for Success

    A properly designed and implemented migration to Office 365 and Azure is key to your org’s success and you should not go it alone. Working with an experienced Microsoft partner will allow you to plan the proper migration strategy, prepare your end users and ensure a smooth cloud transformation while controlling potential runaway costs usually found in the “DIY” model.

    High Availability is a Microsoft Gold Partner with experience Office 365 and Azure migration specialists who will work together with your IT team to ensure a well-crafted migration that minimizes user impact, reduces downtime (and costs), and gets all your data to the cloud successfully. Contact us today to find out how to begin your cloud transformation.

  • High Availability, Inc. Named Best Place to Work in Pennsylvania

    High Availability, Inc. Named Best Place to Work in Pennsylvania

    September 12th, 2018
    Read More

    High Availability, Inc. Named Best Place to Work in Pennsylvania

    Audubon, PA, September 12th, 2018 - High Availability, Inc. has been named one of the Best Places to Work in PA for 2018. The awards program, created in 2000, is one of the first statewide programs of its kind in the country. The program is a public/private partnership between Team Pennsylvania Foundation, the Pennsylvania Department of Community and Economic Development, the Pennsylvania State Council of the Society for Human Resource Management, and the Central Penn Business Journal. 

    This survey and awards program was designed to identify, recognize and honor the best places of employment in Pennsylvania, who are benefiting the state's economy and its workforce. Employers are categorized based upon the total number of employees they have in the United States, 15 to 99 employees, 100 to 250 employees, or more than 250 employees.

    To be considered for participation, companies had to fulfill the following eligibility requirements:

    • Be a for-profit or not-for-profit business
    • Be a publicly or privately held business
    • Have a facility in Pennsylvania
    • Have at least 15 employees working in Pennsylvania
    • Be in business a minimum of one year

    Companies from across the state entered the two-part process to determine the 100 Best Places to Work in PA. The first part of this process was evaluating each nominated company's workplace policies, practices, philosophies, systems and demographics. This part of the process was worth approximately 25% of the total evaluation. The second part consisted of an employee survey to measure the employee experience. This part of the process was worth approximately 75% of the total evaluation. The combined scores determined the top companies and the final ranking. Best Companies Group managed the overall registration and survey process.

    High Availability, Inc. will be recognized at the Best Places to Work in PA awards banquet on Thursday, November 29, 2018, at the Lancaster County Convention Center in Lancaster, PA. Rankings will be revealed at the ceremony. Tickets may be purchased online at

    In addition to the public/private partnership, the program is supported by the following organizations: Presenting Sponsor – Highmark; Lead Sponsor—Team Pennsylvania Foundation; Major Sponsors—Bybel Rutledge, Robertson Insurance & Risk Management, Spooky Nook Meeting & Events & S&T Bank; Founding Partners—Team Pennsylvania Foundation, the Pennsylvania State Council of the Society for


    Human Resource Management, and the Central Penn Business Journal; Program Partners—The Department of Community and Economic Development and PA SHRM.

    For more information on the Best Places to Work in PA, visit or contact Emily Winslow, event coordinator at the Central Penn Business Journal at 717-323-5268 or High Availability, Inc. is a premier solution provider and integrator of data center products and cloud services.

    High Availability, Inc. solves complex business challenges by architecting and implementing forward-thinking technical solutions, while forming trusting, collaborative relationships. By taking a hands-on, consultative approach, the High Availability, Inc. team creates custom tailored systems and solutions to fit both current requirements and future IT and business needs.


    Media Contact:

    For more information about High Availability, Inc., please contact Liz Thompson, Marketing Manager, at (610) 254-5090 ext. 256 or

  • Nutanix Flow with Microsegmentation

    Nutanix Flow with Microsegmentation

    August 22nd, 2018
    Read More

    Nutanix flow is like your left hand and Microsegmentation is your right. You can use one without the other, but it sure will make your life more difficult.  Using Flow for the first time totally opened my eyes. I could finally see, in complete detail, which computers and ports are talking to an application stack. No more "Let’s lock down that windows firewall port and see what happens.” Now you can finally see in real time what’s coming in and going out from a server. Once you have that wonderful knowledge. Simply switch from monitoring mode to applied.  That’s when Microsegmentation (VM firewall) applies all the rules that were already discovered. Let’s not short change Microsegmentation. Not only can it apply VM firewall rules to a cluster, it treats multiple clusters as single firewall entity. It doesn't even matter if its across geographic sites. No Nutanix configuration changes are needed when moving a VM from site A to site B. Normally providing east/ west firewall rules would be a dauting task. Luckily, it’s no longer the case with Nutanix Flow and Microsegmentation. In fact, having Microsegmentation could have potentially saved several of my customers from CryptoLocker ransomware this year. Attacks are usually spread easily once inside the network. This is another way to keep the bad guys away from talking to servers that they shouldn’t have access to. Now let’s get to some examples.

    Note: To minimize the length of this blog, I won’t be showing all steps that are required to setup Nutanix Flow with Microsegmentation.



    • Client VMs have no protocol/ port restrictions to web servers
    • Use Nutanix Flow to view network traffic to and from web servers
    • Use Nutanix Microsegmentation to only allow the following:
      • Port 80 traffic inbound to web servers
      • Block all communication between Web servers
      • Only allow ICMP outbound from web servers to client VMs



    • Prism central with at least 32 GB memory
    • AOS 5.5 or later
    • AHV 20170830.58 or later. Not supported with VMware or Hyper-V.


    VM Environment.

    • AppA_Client1    IP Address
    • AppA_Client2    IP Address
    • AppA_Web1      IP Address
    • AppA_Web2      IP Address


    Step 1. Create some categories. Categories are a way to logically group a set of VMs

    • AppType: AppA_Client
    • AppType: AppA_Client_Tier
    • AppType: AppA_Web
    • AppType: AppA_Web_Tier



    Step 2. Apply categories to VMs


    The following categories have been applied to VMs:

    • AppA_Client1 and AppA_Client2
      • APPTier:AppA_Client
      • APPTier:AppA_Client_Tier
    • AppA_Web1 and AppA_Web1
      • APPTier:AppA_Web
      • APPTier:AppA_Web_Tier



    Step 4. Create Security policies


    “Security policies are applied to categories (a logical grouping of VMs), and not to the VMs themselves.

    Therefore, it does not matter how many VMs are started up in a given category. Traffic associated with

    the VMs in a category is secured without administrative intervention, at any scale.”



    Port 80 is allowed to all VM’s that are in AppA_Web_Tier category.



    Summary of security policy:

    • All VMs in AppA_Client_Tier will have access to AppA_Web_Tier on port 80
    • VMs in AppA_Web_Tier cannot talk to each other.
    • VMs in AppA_Web_Tier have no outbound access
    • Monitoring mode is only being applied so there won’t be any restrictions



    Pinging from AppA_Client1 to the two web servers. Its successful because there is no blocking.


    This is where Nutanix Flow shines:

    • Dotted blue lines to AppA_Web_Tier shows web port 80 traffic.  This is allowed.
    • Dotted inbound yellow lines to AppA_Web_Tier shows pings from VMs in AppA_Client_Tier. Only web traffic port 80 is should be allowed. Policy is still in monitoring mode, so all traffic is allowed inbound.
    • Dotted outbound yellow lines from AppA_Web_Tier are pings to VMs in AppA_Client_Tier. This has not been approved. AppA_Web_Tier should have no outbound access. Policy is still in monitoring mode, so all traffic is allowed outbound.
    • All the other outbound dotted yellow traffic are connections to DNS, DHCP, and pings to internet. In a production environment we would evaluate what dependencies are needed. Wanted to demonstrate how Nutanix Flow will find other dependencies.
    • Hovering over dotted lines gives additional detail information on source IP/port.

    Step 5. Apply security policy.

    • AppA_Client_Tier VM’s will only have port 80 access to AppA_Web_Tier VMs
    • Allowed all outbound traffic to subnet



    Security Policy Results:


    Can no longer ping VMs in AppA_Web_Client_tier. Notice that web traffic still works to AppA_Web_Client_tier.


    VMs in AppA_Web_Client_tier cannot ping each other nor to per policy. Can only ping VMs in AppA_Client_tier. Everything is working as expected since security policies have been applied.

Join the High Availability, Inc. Mailing List