k12tech Web Logov2

  • Trinsio
    • Shane Ralls - Solutions Manager
      This email address is being protected from spambots. You need JavaScript enabled to view it. - 385-283-1804
    • Tim Tucker - Solutions Engineer
      This email address is being protected from spambots. You need JavaScript enabled to view it. - 385-283-1803
    • Network Threat Assessment identifies, counts, and qualifies unwanted incoming and outgoing IP traffic without needing direct access to your network or assets. It uses data from over 50 curated bad actor lists maintained by the cyber intelligence community. To perform the assessment, Trinsio requires firewall traffic logs covering at least 24 hours, containing source IP, destination IP, and whether the firewall allowed or blocked the traffic. No direct firewall access is required.
    • Trinio, a cybersecurity solutions company, presented their services.
    • Their assessment analyzes inbound and outbound IPs through syslogs to identify malicious activity.
    • The assessment is free and comes with no obligations.
    • They only work with municipalities and school districts nationwide.
    • The assessment does not require any downloads on endpoints or network access.
    • They analyze the data against a vast threat intelligence database, "Threader," which compiles information from over 50 vendors.
    • The assessment focuses on identifying malicious IPs with a 90% or higher threat confidence score.
    • Results are typically available within 3-5 business days after data submission.
    • The assessment includes:
      • Quantifying malicious traffic percentage.
      • Identifying geographical origins of connections.
      • Categorizing threats based on behavior.
      • Providing specific examples of concerning IPs, including details like country of origin, threat category, number of connections, and time frame.
    • Based on the assessment, Trinio provides no-cost or low-cost recommendations, like:
      • Enabling or reviewing geo-blocking configurations.
      • Upgrading firewall firmware.
      • Reviewing firewall access policies.
      • Blocking specific high-risk IPs.
    • They offer a 30-day, no-cost proof of concept for a more in-depth analysis of malicious connections.
    • Trinio also offers a threat intelligence gateway appliance as a paid solution.
      • The appliance sits at the network edge, actively blocking malicious traffic in real-time.
      • It uses the same intelligence platform as the assessment.
      • Users can customize threat risk thresholds and manage allow/block lists.
      • The appliance is available through annual or month-to-month licensing based on bandwidth utilization.
      • A 30-day free trial is available for the appliance.
  • Individual Updates from Attendees

    • Daniel replaced all school switches with Meraki switches.
    • Sarah is working on implementing a new bus camera software called "Armor."
    • Mr. Shelling experienced issues with Infinite Campus, which he suspects might be regionally related to ISPs.
    • Mr. Shelling is exploring Raspberry Pi for digital signage using Yodek and Pi Signage as potential solutions.
    • He is also considering building a NAS box for offsite backups.
    • Mr. Shelling encountered challenges with pursuing further education due to requirements for outdated transcripts and a preference for full-time students.
    • Mr. Foley is dealing with malfunctioning bus cameras from Rosco.
    • He also shared about an Apple TV OS update causing AirPlay issues in their Apple school environment