Notice history

08 December 2022 at 8:00:00 PM

What’s a maintenance inspection?

As a key component of a maintenance program, inspections include tasks that check the condition of equipment and determine what tools, materials, and labor are required to service them.

A maintenance inspection is the process of evaluation the condition of equipment or machines. The purpose of a maintenance inspection is to determine what tools, materials, and labor are needed to keep them in good working condition.

Why are maintenance inspections important? Maintenance inspections can identify minor issues before they turn into costly repairs. Inspections ensure machines are working correctly and helps prevent equipment downtime.

Just about every plant or facility must conduct regular inspections as part of its overall maintenance program. Electrical systems, mechanical systems, and instrumentation components must be checked and subsequently serviced.

Ideally, inspections are scheduled, completed on time, and documented with a maintenance managment system or similar maintenance software. With the advanced technology available today, mobile devices can make the inspection process simple and efficient. Handheld tools can provide step-by-step instructions as well as an easy way to record sensory observations and test results.

New Update for last maintenance:

[ ] New Components (Platform Distribution EndPoints)

### Cloud Maintenance 101 The following types of planned maintenance are included.

Backend and internal maintenance Backend and internal maintenance typically involves reconfiguring physical assets or installing software patches. It doesn't affect normal consumption of the assets being serviced. With redundant NICs going to each physical rack, normal network traffic and private cloud operations aren't affected. You might notice a performance impact only if your organization expects to use the full redundant bandwidth during the maintenance interval.

Portal maintenance Some limited service downtime is required when the control plane or infrastructure is updated. Maintenance intervals can be as frequent as once per month, and are expected to decline in frequency over time. VMware Engine notifies you about impending portal maintenance and makes an effort to keep the maintenance interval as short as possible. During a portal maintenance interval, the following services continue to function without any impact:

VMware management plane and applications

vCenter access
All networking and storage
VMware infrastructure maintenance

It's occasionally necessary to make changes to the configuration of the VMware infrastructure. These intervals can occur every one to two months, but the frequency is expected to decline over time. This type of maintenance can usually be done without interrupting normal private cloud consumption. During a VMware maintenance interval, the following services continue to function without any impact:

VMware management plane and applications
vCenter access
All networking and storage
Updates and upgrades
VMware Engine is responsible for lifecycle management of VMware software (ESXi, vCenter, PSC, and NSX) in private clouds.
Hypervisors
Virtual machines/operating systems
Virtual appliances
Networking components
Applications
Storage components
Clusters

Software updates include the following:

Patches: security patches or bug fixes released by VMware
Updates: minor version change of a VMware stack component
Upgrades: major version change of a VMware stack component
VMware Engine tests critical security patches as soon as they become available from VMware. Per SLA, VMware Engine targets a roll out of security patches to private cloud environments within one week of their availability.

When a new major version of VMware software is available, VMware Engine works with customers to coordinate a suitable maintenance window for applying the upgrade. VMware Engine applies major version upgrades at least six months after the major version is released and notifies customers two months in advance of applying major version upgrades.

VMware Engine also works with key industry vendors to ensure that they support the latest VMware software version before rolling out a major version upgrade.

What's next Preparing Public Release

05 December 2022 at 4:59:00 PM

Prologe

For the past years, December 12 has been the most awaited day for shopaholics since it celebrates the National Online Shopping Day or locally known as ‘Harbolnas’ in Indonesia. PopIt Snack Platform is one of the official partner doing Harbolnas by Ministry of Trade of the Republic of Indonesia and Indonesia E-Commerce Accosiation (idEA). Bank Indonesia (BI) Governor Perry Warjiyo predicts that e-commerce transaction in Indonesia will rise to Rp530 trillion in 2022. For more information about HIndonesian Harbolnas 2022 you can find at their official site on http://harbolnas.idea.or.id/

Purpose

Server maintenance is process of keeping a server software updated and running so that a computer network can operate smoothly and avoid downtime or loss of data. Regular maintenance will keep the server running as expected and will help avoid a total or partial network failure.

A server maintenance plan is a plan that is initiated by a company to ensure the hardware and software that are essential to the company's sustenance run the way they are expected to.

[ ] Penetration Testing
[ ] Server Maintenance Checklist

Double-Check & Verify Backups.
Check the RAID array.
Verify Storage Utilization.
Review Server Resource Usage.
Update Control Panel.
Update Software Applications.
Examine Remote Management Tools.
Verify Network Utilization.

What is penetration testing?

Penetration testing (or pen testing) is a security exercise where a cyber-security expert attempts to find and exploit vulnerabilities in a computer system. The purpose of this simulated attack is to identify any weak spots in a system’s defenses which attackers could take advantage of.

This is like a bank hiring someone to dress as a burglar and try to break into their building and gain access to the vault. If the ‘burglar’ succeeds and gets into the bank or the vault, the bank will gain valuable information on how they need to tighten their security measures.

Who performs pen tests?

It’s best to have a pen test performed by someone with little-to-no prior knowledge of how the system is secured because they may be able to expose blind spots missed by the developers who built the system. For this reason, outside contractors are usually brought in to perform the tests. These contractors are often referred to as ‘ethical hackers’ since they are being hired to hack into a system with permission and for the purpose of increasing security.

Many ethical hackers are experienced developers with advanced degrees and a certification for pen testing. On the other hand, some of the best ethical hackers are self-taught. In fact, some are reformed criminal hackers who now use their expertise to help fix security flaws rather than exploit them. The best candidate to carry out a pen test can vary greatly depending on the target company and what type of pen test they want to initiate.

What are the types of pen tests?

Open-box pen test - In an open-box test, the hacker will be provided with some information ahead of time regarding the target company’s security info. Closed-box pen test - Also known as a ‘single-blind’ test, this is one where the hacker is given no background information besides the name of the target company. Covert pen test - Also known as a ‘double-blind’ pen test, this is a situation where almost no one in the company is aware that the pen test is happening, including the IT and security professionals who will be responding to the attack. For covert tests, it is especially important for the hacker to have the scope and other details of the test in writing beforehand to avoid any problems with law enforcement. External pen test - In an external test, the ethical hacker goes up against the company’s external-facing technology, such as their website and external network servers. In some cases, the hacker may not even be allowed to enter the company’s building. This can mean conducting the attack from a remote location or carrying out the test from a truck or van parked nearby. Internal pen test - In an internal test, the ethical hacker performs the test from the company’s internal network. This kind of test is useful in determining how much damage a disgruntled employee can cause from behind the company’s firewall. How is a typical pen test carried out? Pen tests start with a phase of reconnaissance, during which an ethical hacker spends time gathering data and information that they will use to plan their simulated attack. After that, the focus becomes gaining and maintaining access to the target system, which requires a broad set of tools.

Tools for attack include software designed to produce brute-force attacks or SQL injections. There is also hardware specifically designed for pen testing, such as small inconspicuous boxes that can be plugged into a computer on the network to provide the hacker with remote access to that network. In addition, an ethical hacker may use social engineering techniques to find vulnerabilities. For example, sending phishing emails to company employees, or even disguising themselves as delivery people to gain physical access to the building.

The hacker wraps up the test by covering their tracks; this means removing any embedded hardware and doing everything else they can to avoid detection and leave the target system exactly how they found it.

What happens in the aftermath of a pen test?

After completing a pen test, the ethical hacker will share their findings with the target company’s security team. This information can then be used to implement security upgrades to plug up any vulnerabilities discovered during the test. These upgrades can include rate limiting, new WAF rules, and DDoS mitigation, as well as tighter form validations and sanitization.