Firewall Management
DataBP Continuous Data Protection

Making Networks Work.

Need assistance from the Help Desk? Use the 5 W's to make things go more quickly and smoothly!

    Announcing a Special Promotion for the Cisco 2900 Router Upgrade

    Cisco has announced the End of Life for the 2900 series routers. Your credit union may currently have these routers in use for connectivity to CU*Answers.

    To assist credit unions in upgrading this equipment, CU*Answers will be offering a special discount until March 31st.  This discount will reduce the router from its normal price of over $3,200 to $2,900, for a savings of over $300.  We will also discount the installation labor from $500 to $250.

    Visit the Store to Sign Up Today

    Please note: if your Cisco 2900 has a dedicated MPLS circuit, additional equipment may be required.  If this is the case for your credit union, please reach out to confirm with our team, or contact us with any questions you might have at: helpdesk@cuanswers.com.

    A Note From the Help Desk: SonicWall Global Management System Maintenance

    ATTENTION NETWORK SERVICES FIREWALL MANAGEMENT CLIENTS

    SonicWALL Global Management System Maintenance

    What Are We Doing?

    We will be upgrading the Sonicwall Global Management System (SGMS).

    Why Are We Doing This?

    This is a maintenance release that contains bug fixes and will keep us current with vendor support.

    When Are We Doing This?

    This upgrade will be deployed on Sunday, March 14th, starting at 12:00 PM ET and will conclude at Midnight ET.

    How Will This Impact You?

    During the maintenance period the system will be intermittently unavailable.

    All log collection will be paused and this will be reflected on the reports with no data summarized during the maintenance period.

    What Do You Need To Do?

    There is no action required on your part.  Please note that this maintenance does not interrupt the security services running on the firewalls in any way.

     

    If you have questions or concerns, please contact the Help Desk at extension 266, or by email.

    A Note from Network Services: Patching Completed for the Recent UNIX and Linux Sudo Vulnerability

    On Tuesday, January 26, a vulnerability was announced which affected UNIX and Linux operation systems running Sudo versions prior to 1.9.5p2.  This vulnerability affected user privilege management services.  For further details on this, please refer to our previous announcement.

    We have patched all CU*Answers and client servers affected by this vulnerability.  Guapples, which are not impacted by this vulnerability, will be patched during regularly scheduled maintenance.

    If you have any questions please contact the Help Desk at extension 266, or by email.

    A Note from Network Services on the Recent UNIX and Linux Sudo Vulnerability

    Yesterday, January 26, a vulnerability was announced affecting UNIX and Linux operating systems running Sudo versions prior to 1.9.5p2.  This vulnerability affects user privilege management services.

    Initial reports indicate this vulnerability is difficult to exploit remotely, and there is no evidence this vulnerability has been used to attack any systems managed by CU*Answers.  As with any large-scale vulnerability, CU*Answers is invoking its Incident Response Protocol to manage remediation of the issue.

    CU*Answers Own Systems: Due to compensating controls, CU*Answers views this event as low risk to our environment. We are inventorying our services and have begun applying updates as necessary.  At this time, we do not expect any credit union or member services will need to be taken offline in order to apply the required patches.

    CU*Answers Managed Clients: If you are a client whose servers are managed by CU*Answers, we will contact you individually if you have any systems we are aware require patching to set up a schedule.

    GUAPPLES: Due to their configurations, GUAPPLEs are not at risk from this vulnerability, however they will be receiving this update as part of our normal management and maintenance processes.

    All Clients: We recommend your IT teams inventory your UNIX and Linux systems to determine whether these systems could be compromised by the vulnerability, and to patch these systems in accordance with your credit union’s patching policies.

    You can read more details about this vulnerability by clicking hereIf you have any questions please contact the Help Desk at extension 266, or by email.

    AdvantageCIO launches merger technology planning service

    AdvantageCIO, a division of CU*Answers, recently announced it has launched a new credit union merger technology planning service to guide executives through the challenges of combining disparate networks into one secure and cost-effective combined network.

    The service reviews existing network configurations at both credit unions, inventories equipment and communications, identifies areas for optimization, and provides a road map for successful and cost-effective use of technology to help make the merger a success.

    “Credit union mergers are complicated. There are myriad considerations for executives to navigate,” explains David Wordhouse, EVP of Technology at CU*Answers. “We approach this service from the business perspective, filter out the noise and provide a clear plan for what it will take to stick together a combined network in a secure fashion while trimming the fat and optimizing capital expenditures.”

    “Our service inventories equipment, determines remaining useful life and potential upcoming headaches, reviews communications strategies to identify areas for savings, assess remote employee connectivity and security, backups, WiFi, and more.”

    The service is available now from AdvantageCIO. To order or for more information, visit the AdvantageCIO store.

    A Note from Network Services: A Follow Up on the Recent Orion SolarWinds Vulnerability

    Many of our clients continue to be pressured by state and federal regulators regarding the Orion SolarWinds breach, and have asked CU*Answers for additional clarification regarding our process since announcement of the attack.  As you may recall, CU*Answers announced on December 16 that we do not use Orion SolarWinds and are not directly affected by this breach.

    The background on the breach is that the SolarWinds attack has likely been ongoing since March of 2020.  SolarWinds is a company supplying a product called Orion which is a network monitoring service to thousands of companies as well as many agencies of the federal government.  At this point it is deemed a supply chain problem and will take months if not years to determine the full impact.  For a more detailed understanding of the breach please see the following from Homeland Security:  https://www.dhs.gov/news/2020/12/17/joint-statement-fbi-cisa-and-odni

    CU*Answers has a process for vendor risk management and evaluation.

    1. AuditLink reviews our most recent vendor risk assessment, and determines which vendors should be contacted.  These are Tier 1 and Tier 2 vendors primarily, having access to member information.
    2. AuditLink and Network Services reaches out to specific vendor representatives and ask for an attestation that they have done their review of their own systems and vendors to determine if Orion is used throughout their networks.
    3. AuditLink and Network Services keeps Executive Management informed of any updates requiring engagement of our Incident Response Protocol.
    4. AuditLink updates our vendor management portal as needed.
    5. Internal Audit works with AuditLink and Network Services to document our efforts and inform the Board of Directors of any identified risks and actions.

    As the breach continues to unfold, AuditLink requests our credit unions to update us with any relevant communications they may receive from their vendors or supply chains.  As mentioned in our communication of December 16, should CU*Answers learn a third-party vendor is affected, CU*Answers will respond in accordance with its contractual obligations to clients, any applicable laws, and its own internal Information Security Program.

    If you would like to discuss your approach to managing or monitoring this breach with your critical vendors, do not hesitate to reach out to AuditLink.

    Have a question for CU*Answers? Who do you call?

    At CU*Answers, we know how important it is that your Credit Union gets the appropriate help in order to meet your day-to-day data processing needs.  When you don’t know exactly who to call, we recommend that you get started by reaching out to either the Client Services and Education Team or the Network Services Team.

    The Client Services and Education Team specializes in a number of areas.  From the client perspective, we are the frontline for software questions, education and to some extent, light consulting.

    Learn More

    Meet the Team

    Have questions?  If you can’t find your answer among the existing Knowledge Base items, you can submit a question of your own via the Answer Book.  In fact, we encourage you to use the Answer Book for any question you need to ask of a Client Service Representative.

    The Answer Book is a secure site where you can communicate questions to our Client Service staff.  That means you can include any details you like – even member account numbers or other private details you would normally never include in a regular unsecured email – and the data will remain private and secure.

    If you are not registered for Answer Book, please give us a call at 800.327.3478 ext. 255 for registration details.

     

    CU*Answers Network Services is a managed technology service provider, specializing in cybersecurity, business continuity, high availability, hardware, software, and services sales and support.  Our AdvantageCIO division provides strategic technology planning, IT compliance, risk management and virtual CIO services.  We bring over 17 years of experience and serve more than 200 credit unions and financial firms across the country.

    Learn More

    Meet the Team

    Have questions?  Please log into Helpdesk.  If you would like to request access, please contact CU*Answers Network Services for assistance at helpdesk.cuanswers.com.

     

    Getting in touch with CU*Answers is easy!  We even have a brochure that can inform you of “Who’s Who” within our organization.  To start up a conversation, click here to view our list of contacts.

    A Note From the Help Desk: SonicWall Global Management System Maintenance

    ATTENTION NETWORK SERVICES FIREWALL MANAGEMENT CLIENTS

    SonicWALL Global Management System Maintenance

    What Are We Doing?

    We will be performing an upgrade to the platform that manages and reports on firewall and remote access activity, the SonicWall Global Management System (SGMS).

    Why Are We Doing This?

    We are performing this upgrade to ensure the continued reliable operation of the SonicWall Global Management System.

    When Are We Doing This?

    This upgrade will be deployed on Monday, January 4th, starting at 3:00 AM ET and will conclude at 7:00 AM ET.

    How Will This Impact You?

    During the maintenance period the system will be intermittently unavailable.

    All log collection will be paused and this will be reflected on the reports with no data summarized during the maintenance period.

    What Do You Need To Do?

    There is no action required on your part.  Please note that this maintenance does not interrupt the security services running on the firewalls in any way.

     

    If you have questions or concerns, please contact the Help Desk at extension 266, or by email.

    A Note From the Help Desk: SGMS Firewall Management

    ATTENTION NETWORK SERVICES FIREWALL MANAGEMENT CLIENTS

    SGMS Firewall Management

    What Happened?

    On December 13th, we performed an upgrade of the Sonicwall Global Management System (SGMS).  Following this upgrade, it was discovered that the task execution functionality was not working properly.

    How Will This Impact You?

    Options for logging and reporting were not impacted by the 12/13 upgrade.  We are reaching out to you because you have accounts in SGMS that allow you to review firewall configuration and, in some cases, make changes.  What this means for you is the following:

    • Configuration information within SGMS may only reflect the configuration of the firewall as of 12/13.
    • Making changes via SGMS is dependent on the task functionality and this is currently not working.

    What Do You Need To Do?

    While we work with the vendor to resolve the issue, we are asking your credit union to work directly with CNS to make these changes or confirm configuration of the firewall.  Please give us a call or send us an email to start a ticket to have these changes made.  We can be reached via phone at (800) 327-3478 x266 or via email at helpdesk@cuanswers.com.

    A Note from Network Services Regarding the Recent Orion SolarWinds Vulnerability

    CU*Answers has received inquiries from clients regarding the much-publicized Orion SolarWinds vulnerability, and the risk this potential breach may present across the cooperative.  CU*Answers does not use or manage the Orion SolarWinds product internally or at any client sites.  If your credit union is affected by the Orion SolarWinds vulnerability, we recommend taking steps provided by the Department of Homeland Security (https://cyber.dhs.gov/ed/21-01/).

    Should CU*Answers learn a third-party vendor is affected, CU*Answers will respond in accordance with its contractual obligations to clients, any applicable laws, and its own internal Information Security Program.

    CU*Answers Network Services is a full-service network technology solutions provider. We specialize in LAN/WAN design, implementation and management; network security; firewall management; IP telephony VOIP (voice-over-Internet protocol) solutions; records management; managed hosting solutions (facilities management), compliance and security audits (HIPAA/GLBA/SOX); high availability solutions; web site engineering, and hardware sales and support services. CU*Answers Network Services provides services to the education, retail, legal, medical, real estate, hospitality, and financial services industries as well as court systems and regional municipalities. Our financial services portfolio includes servicing over 150 credit unions across the country.

    Why CU*Answers Network Services?

    • Nationwide Network Reach: 24/7 real-time monitoring and management of thousands of devices and hundreds of networks across the U.S.
    • Compliance Expertise: policy development, implementation, and consulting for highly regulated industries
    • Proven high availability solutions for critical applications: hosted or on-premise
    • Custom, secure web application development by certified experts
    • Multiple state-of-the-art data centers
    More than just a service provider, we're an extension of your staff with the expertise to cut through the confusion and deliver the solutions you need at a price you can afford. Rest assured that if our team can deliver to the exacting standards required by highly regulated industries, CU*Answers Network Services can meet your needs too.
    www.cuasterisk.com | Phone: 616.285.5711 | Toll Free: 800.327.3478 x167 | Fax: 616.285.5735