Closed cloud perimeter for direct SSH access, adjusted firewall policies.
Mail client to support Microsoft 365, IMAP, PGP encryption/signing and S/MIME encryption/signing.
Speech recognition engine MacWhisper run locally (data remains local)
Tested Calendar BusyCal as alternative to native MacOS Calendar.
Deployed an open-source web-commerce web application 'opencart' in GCP with Cloud SQL as backend.
Protected above-mentioned with Multi-Factor Authentication (MFA) before web application configured on nginx+google authenticator module (users and tokens via PAM (/etc/ga-secrets)).
Participated on SUSE Partner event in RIYADH (organized by Ingram, thanks for invite, guys)
Database server EnterpriseDB PostgreSQL Extended Server (edb-pge)
Setting up Transparent Data EncryptionÂ
Setting up Replication to the second serverÂ
Enabling High Availability (HA) with EnterpriseDB Failover Manager (edb-efm)
SIP phone Grandstream WP816 firmware upgrade
VPN tunnel between on-prem and cloud environments using Cisco ASA5505 to OPNsense
Obtaining and activating Free 3DES-AES license from CIsco
Upgrading from v8.2 to minimum v8.4 (but did till v9.1(7)32) to support IKEv2 and IPsec
Install TFTP server/client on Windows XP (tftpd32 by Philippe Jounin amd PumpKIN by Klever Group)
Network Printer HP LaserJet 1320dn configuration for ability to print remotely (behind VPN)
Began a list of software with latest supported versions (for Windows XP, MacOS High Sierra and similar classics because they are still in use)
DDoS defender fail2ban: fine-tuned to send mail notifitications.
Deployed Web Application Firewall 'modsecurity' as module for nginx webserver to protect applications.
No Comments