Cisco Periodic Reboot Using Perl

A request to reboot a Cisco ASA every week came in today. Under Cisco IOS there is kron, which would accommodate us here; however, there appears to be no such thing under the ASA OS (is it still called FOS?). The next best thing is to run a Perl script which utilises the Net::SSH::Expect module to negotiate the SSH login.

As we are using an ASA without any kind of AAA usernames, we also need to get past the privilege uplift step, which means sending en and answering its password prompt.

I’m on a FreeBSD server so I need to install the correct Perl module via the ports first:

# cd /usr/ports/net/p5-Net-SSH-Expect/
# make install

Now we can write and test the script:

#! /usr/bin/perl -w

use strict;
use Net::SSH::Expect;

# Connection details for the ASA
my $host_ip = "1.1.1.1";
my $login_name = "xxxx";
my $login_password = "yyyy";
my $en_password = "zzzz";

# raw_pty stops the local pty from echoing or translating what we send
my $ssh = Net::SSH::Expect->new (
    host => $host_ip,
    password => $login_password,
    user => $login_name,
    raw_pty => 1
);

# The ASA prints "Type help ..." once the login has succeeded
my $login_output = $ssh->login();
if ($login_output !~ /Type help/) {
    die "Login has failed. Login output was $login_output";
}

# Enter privileged mode, then reload without the confirmation prompt
$ssh->send("en");
$ssh->waitfor('Password:', 1) or die "prompt 'Password:' not found after 1 second";
$ssh->send($en_password);
$ssh->exec("reload noconfirm");

Add the script to the crontab and we’re away!

BYOD Is On The Rise, Are You In?

 

BYOD (Bring Your Own Device) is on the increase, in particular amongst SMEs. Essentially, BYOD means allowing employees to use their own devices for business use, from synching a mobile to the company’s systems to bringing in their own device and using it in their day-to-day work, connecting to the company’s network and storing company data on the device.

Aside from the cost saving implications for businesses, studies have found that allowing BYOD can increase employee confidence in device usage, also increasing employee productivity and overall satisfaction in the workplace.

The downside to BYOD comes in the form of security.  Few companies are aware of the risks involved in allowing an employee to connect their personal device to a network, and fewer still have a BYOD policy in place.  Allowing BYOD means allowing company data to be stored on a non-company owned device, which means data is only as secure as the measures in place on that device.  There is also the increased risk of virus infection, particularly when allowing devices to be connected to the company network.

Balancing employee productivity against security is the difficulty most organisations face when using BYOD. Risks can be mitigated by using applications delivered from a hosted Citrix platform to employee devices, as the data is stored centrally and strong policies can be implemented as to how and where the data is accessed. Mobile Device Management (MDM) software also allows service providers to manage the delivery of applications and content to BYOD devices securely. These measures significantly reduce the dangers of data being lost or compromised, decreasing the physical movement of the data itself and preventing other users of the device from accessing this information. There is also a lower risk of data breach should the device be lost or stolen. Having a clear, well-defined BYOD policy in place covering security measures will further increase successful and secure adoption of BYOD.

With the use of secure hosted technologies and implementation of a comprehensive BYOD policy, there are few reasons BYOD would be anything other than a positive step for many businesses.

You can find more information on how our hosted Citrix desktop and MDM solutions can help your business by calling us on 0845 006 0866