Study to work, or work to learn

On the one hand, the system of education and retraining that has developed in Ukraine is usually criticized for being cut off from the real world and seemingly useless. On the other hand, we have the richest choice of courses and trainings that are now available face-to-face or online and are either developed in Ukraine or available online on the websites of leading universities or training platforms.

Take, for example, the field of information technology in a broad sense: not only programming and development, but also classical Windows / Unix administration, building complex heterogeneous infrastructures, deploying clouds, and applying IT in the life of all citizens.

From a technical specialist, in addition to mastering his field, knowledge of many related areas is required (at least to understand his area of ​​responsibility, although the ability to integrate different products and solve global problems is much more in demand).

A non-technical employee or manager , if he is going to compete in the labor market with the same job seekers or robots / automation programs, must have a number of skills at the level of a professional user, at least office products (Excel, Project, etc.) mind is the work, and not the creation of its visibility, knowledge of the possibilities and limitations, the ability to quickly understand a new version or a similar software package amazon solutions architect salary.

An official , in the light of the general course towards reforming the sphere of public administration and organizations like housing and communal services, must deal with electronic document management, registers, portals, learn English and prepare for competitive selection for positions.

A citizen of any age will also not be able to do without a basic set of IT knowledge: working with the OSMB portal / school / university website, enrolling in electronic queues, paying for goods and services, registering and using electronic documents, managing personal finances and self-organization.

All this requires knowledge and skills that most of them did not even hear about 20 years ago.

Many of these people at one time spent about 15 years studying at a school / university, then worked in their chosen field for 10, 20, perhaps 40 years, and now they suddenly find that their skills are beginning to be lacking even at the everyday level. Some of them try to get the missing knowledge in online courses, but they rarely complete them. Self-education attempts usually end even faster, at the stage of drawing up a plan and choosing the correct sequence for mastering knowledge.

An additional nail in the coffin of intellectual development drives a business that often needs either already established specialists or people who can google / quickly solve an arisen problem here and now, even if the side effects from a quick solution are guaranteed to come out in the future.

TC Network Technologies, authorized and copyright trainings

One of the first organizations in Ukraine that has been offering such training services for 20 years is the TechExpert Training Center “Network Technologies” under the leadership of Tatiana Shtompel.

“Why do you keep doing this? Aren't you afraid that at some point the same will happen to classic fundamental courses as to paper books or photographic film - new formats and available tools will appear that will very quickly squeeze out existing players? Given that this is already happening, for example, in the form of e-courses. ”

TS: “We have read and will continue to read! An online course must be a quality product, and it’s not enough just to post a video on the Internet. At a minimum, it should be created by a smart and charming practitioner. In addition, there are a lot of courses for which, due to the specifics of the technologies and equipment used, it is very difficult to create an online course in a mass format, but training is still required. We are mastering distance formats, developing a portal for training / testing, but so far nothing has been able to replace live communication. Plus, for many of our students, only the classroom format allows them to focus on the subject being mastered. "

Over 20 years of work in the Training Center, more than 45 thousand students have been trained and certified, many of whom have helped to reach the heights of career growth, and now they themselves send their subordinates to new courses, because they know that training an employee leads not only to the growth of his personal productivity, but also allows you to quickly come to the desired result for his entire department or even the entire company (for example, due to the fact that other people do not have to work to eliminate the consequences of his ignorance).

- What will we do if we train them and they go to another employer?

- And what will we do if we do not train them, and they stay?

Business joke

The Training Center believes that learning needs a balance between the classical university approach (the availability of a program, materials, certification of the center and teachers, regulations and other elements that have proven their value) and an individual approach to students and the task at hand (you need to choose a suitable course, conduct a pre-training diagnostics, sometimes even listen to the formulation of the problem from the business / TOP and offer its solution in the required skills of the staff). With this approach, the training center bears responsibility for the result not only of the training itself, but also of its application in practice.

TC Network Technologies team in partnership with NATO

Social responsibility

In this regard, the TC is especially proud of the training of civil servants in the framework of various NATO and EU initiatives, the purpose of which is professional training followed by the introduction of critical reforms.

In addition to civil servants who directly influence our present and future, Network Technologies introduces the world of IT to schoolchildren who are already growing up in the world of information technology, mastering it almost intuitively.

In addition, after a summer series of cyber attacks, Network Technologies prepared and released a series of security webinars to the public.

Microsoft Software Assurance is canceled

Microsoft is ending Software Assurance for its products. Microsoft voucher training and implementation planning services will end in the next two years.

Termination of the program will take place gradually, in several stages. As early as February 2020, it will become impossible to receive training services for the implementation and deployment of Microsoft products. Software Assurance training vouchers can be created and redeemed until January 2022, with Microsoft Azure training becoming unavailable in February 2020. In February 2021, training days will no longer be counted for calculating the number of vouchers. And the days of study accumulated before this period can be converted into vouchers until June 30, 2021. All training vouchers must be activated by January 1, 2022, after this period they will be deleted.

So, let's summarize. Training Vouchers will be completely phased out in two years, and they will not be able to pay for Microsoft Azure training or Deployment Planning Services even earlier aws solutions architect salary.

To get the most out of Software Assurance, the Networking Learning Center recommends that you check for vouchers and spend them as soon as possible on training courses on Microsoft products and technologies.

Scrum, BPM CBOK, TOGAF

Scrum is a flexible project management standard that helps businesses acquire project-specific specifics and therefore stay afloat and grow. The standard allows an organization to build a Developer Operation and make always controlled changes to the business and its infrastructure. To understand the essence of the standard, the most important Scrum principles are formulated.

People and interactions are more important than processes and tools.

The work is done in small teams.

Performance is assessed at the team level, not the individual.

Self improvement roi solutions jobs.

Iterations. After each iteration or sprint, a working "product" should appear.

The Scrum standard is chosen when you need a simple, straightforward, logical, transparently manageable tool.

Scrum approaches to project implementation are extremely popular in companies that develop computer applications. Scrum courses are taught in IT training centers and specialized educational organizations.

The Business Process Management Common Body of Knowledge (BPM CBOK) is changing the way businesses view process management and the role of automation in managing processes and workflows within and between enterprises. This evolving standard, coupled with automation, has revolutionized rapid change management. BPM CBOK provides an innovative opportunity to optimize interactions with customers, suppliers and employees. The following BPM CBOK principles are formulated.

Transform, not just improve processes.

Give leverage to clients.

Make processes global, standardized and “human”.

Leverage big data.

Doubling the focus on process competencies.

BPM CBOK uses a unified conceptual base of terms and provides a holistic approach to creating and managing business processes. Benchmarks for the implementation of BPM CBOK have been developed and logically justified.

BPM CBOK courses are taught in business schools and education centers that develop project management curricula.

The Open Group Architecture Framework (TOGAF) allows you to assess the need to build an enterprise infrastructure and control changes in it. The main principle of TOGAF, any activity and changes in the infrastructure should create either new business opportunities or optimize existing activities. The main goal of TOGAF approaches should be the creation of the Value Chain. It is an architecturally holistic tool for building and maintaining infrastructure that can accommodate current and future business needs. 

TOGAF is necessary to create a long-term development plan for the company, for example, with the aim of obtaining investments or entering an IPO. It is a powerful tool for building a stable IT infrastructure for enterprises and organizations that will work reliably in the face of large changes. This ensures business continuity. TOGAF approaches help stabilize or increase business capitalization. It has tremendous benefits in the long run.

Note that TOGAF concepts are gaining popularity now. TOGAF courses are taught in IT and business educational centers, as well as in business schools.

Pearson VUE and Certiport reopened

Dear Testing Candidates!

We inform you that our test centers will resume their work from May 26, 2020.

Test centers Pearson VUE® Authorized Test Center Select and Certiport Authorized Testing Center, operating on the basis of the Network Technologies TC, resume their activities and operate normally. All postponed and postponed exams will be accepted on schedule.

To ensure the safety of candidates and office visitors from COVID-19 infection, the test center adheres to all sanitary and epidemiological standards senior data architect salary.

We remind you that you can only register for an exam, change the date of an exam, or cancel it on the official Pearson VUE® Authorized Test Center Select and Certiport Authorized Testing Center websites.

Pearson VUE Certified by TechExpert

Are you planning to take an exam at the TechExpert Test Center , but have never taken it before? We have prepared for you answers to frequently asked questions of candidates.

TechExpert Test Center is an official Pearson VUE partner with Authorized Test Center Select status. Here you can pass Microsoft and Linux certification , GMAT and other specialized certifications. Test Center "TechExpert" is a test platform that meets all international testing requirements. Exam registration and payment is handled by the candidate through the Pearson VUE website.

How to register for an exam at the TechExpert Test Center?

You can find out information about registering for the exam you need at  Pearsonvue.com , where more than a thousand exams in various areas are presented. After selecting the For test takers tab, use the search bar to enter the exam name or the A to Z list to go to the home page of the test organization. The exam developer's page always contains comprehensive information useful for candidates for testing. There you can find out about available exams, register for an exam, reschedule or cancel it, find a test center nearby, determine if you can take an exam online, find program-specific rules, find customer support contacts, and exam preparation materials.

Where can I find information about my exam?

Each exam has its own nuances, which candidates for testing should familiarize themselves with in advance. Many organizations that develop examinations on their page post all the information candidates need, for example, instructions for passing the exam, which contains information about the structure and format of the exam, what questions will be considered, and much more. You can also find out if there are additional requirements that a candidate must meet to register for the exam.

Exam developer pages: cloud architect job outlook

Microsoft - go .

Linux Professional Institute (LPI) - go .

Project Management Institute (PMI) - go .

GMAT - Go .

Others - go .

How is the registration process for the exam? How can I find out if the registration was successful?

Registration for the exam is conducted by candidates independently and takes place online through the Pearsonvue.com website  . After registration, a letter will be sent to your e-mail confirming the successful registration for the exam (if there is no letter, please check your spam folder). Also, information about the planned exam will be displayed in your personal account.

How do I pay for the exam?

Payment for testing is carried out online when registering for an exam on the Pearson VUE website. Payment is made once, you don't need to pay extra in the test center.

What days does the test take place and can you choose the date of the exams yourself?

During the registration process for the exam, the candidate independently chooses the test date from the available ones to choose from.

Can the exam be rescheduled or canceled?

You can reschedule or cancel an exam through  Pearsonvue.com . Please note that fees may apply for these and some other services, depending on the testing organization. Therefore, we advise you to postpone or cancel the exam in advance.

What documents do I need to have for registration?

You can find a list of documents required for passing the exam either on the website of the organization that developed the exam, or in a letter sent to your email address after registration. Please note that documents must be originals, not photocopy or photocopy, and not in electronic form.

What can you take with you to the test room?

All personal belongings of candidates for testing are in special individual lockers that are locked with a key. Bringing food and drinks, as well as other personal items, except for the document and the key to the locker, into the test room is prohibited by the rules. Food and drink may only be used during the break if testing is required.

How is the testing process going at the TechExpert test center?

Applicants must arrive at the test center on the day of the exam 30 minutes prior to the start of registration. You must have identification documents with you. From arriving at the test center to receiving the test results, at every stage, you will be accompanied by an administrator.

MIGRATION ARCHITECT

SberCloud is a cloud provider of the Sberbank Group. By providing customers with cutting-edge cloud technologies that are compatible with their business's usual IT application architecture, we enable technological breakthroughs. We are creating the SberCloud cloud platform, using many years of experience in developing the IT infrastructure of the Sberbank Group.

You have to: cloud architect jobs

Sales support (technical presale)

Writing technical documentation for clients, as part of the implementation of integration projects (TOR, description of technical solutions, preparation of presentations, explanatory note to the project)

Interaction with internal divisions of the company, participation in the development of the company's product line

Preparation of hardware and software specifications

Leading the technical implementation of projects as a system architect

Requirements:

Work experience over 6 years

Experience in sales (technical presale) of infrastructure IT solutions and services

Experience in writing technical documentation

Knowledge of network technologies and solutions based on Cisco equipment

Hands-on experience in administering a VMware vSphere virtualization environment

Experience and knowledge in building cluster solutions

VMware / Azure / AWS Architect certification is a plus.

Terms:

Office near metro Arbatskaya, Library named after Lenin, Borovitskaya, Alexandrovsky Garden

VHI + dentistry

Corporate discounts for employees of Sberbank Group

Corporate fitness

Flexible start of the working day

Preferential terms for lending

For which I respect Tucha

Our company, which is logical, long ago abandoned the local infrastructure in the office in favor of the cloud one. Computers have turned into diskless stations and continue to serve us well and faithfully. Each employee has his own workspace in Tucha, which is available to him at home, in the office or elsewhere. For example, MacDonald's.

A couple of days ago I shared my personal system of organizing work in Tucha, today I want to develop the topic and dwell in detail on some of the many fat advantages that are of the greatest value in my work and help me solve work problems more efficiently and comfortably. It is cross-platform and data storage reliability.

Available cross-platform or one OS on all devices

I use several devices for work. But unfortunately, all the devices I deal with have different operating systems installed. And it turns out that if one version of the program works on one device, then it refuses to do it on the others. :) And for each version, of course, you need to purchase a separate license.

But that's not all the nuances. When working with layouts of various formats, from * .Eps to * .Cdr, a few more unpleasant surprises await the user, for example: what are entry level it jobs

sky-high file sizes - it is very inconvenient and takes a long time to transfer from one PC to another (if you know what it is to constantly move files weighing 1.5-2 GB from device to device, then you will probably understand what I mean);

incompatibility between versions - saved in the wrong version and, please, the printing house does not accept the layout (yes, many typographers do not accept innovations and use old versions of graphic editors, unfortunately);

if the OS used does not yet support the version of the program, then you will not be able to quickly resave the file in the required version - you have to "move" to the desired computer, and this, you understand, is the time that is often not enough (such an outrage, in particular, is observed on macOS, which runs CorelDraw up to version 11, and newer versions have not been released for it).

Earlier, being out of the office, it was not always possible to work and quickly send the file. I was forced to rush to the office urgently to change some letter "I" to "A". Now all this is over, and I can use these "obstinate" applications without problems. After all, a MacBook Air with MacOS or a netbook with Ubuntu (for Linux CorelDraw was last released in 2000) is just a window in Tucha! :) I only need them to connect to the workplace in Tucha and that's it. And in Tucha, my desktop is a good old licensed Windows with a full set of applications and all my working files.

CUSTOMIZING GOOGLE DRIVE FOR WORDPRESS

Install and activate the plugin.

In the "Configure Google" tab, you need to link your account to work with this plugin. To do this, you need to enter the Client ID and Client secret so that the plugin can interact with Google Drive through the Google API. Just in case, at the end of the note there is an instruction on how to generate the Client ID and Client secret system support analyst.

Go to the "Backup Settings" tab to set the initial plugin parameters.

In the "Backup Folder" section, in the "Enter the Backup Folder Name" field, enter a template for the backup name.

In the "Mail Options" section, in the "Custom Mail ID" field, enter the email address to which you will receive notifications when the backup is complete.

In the "BackUp Schedule" section, in the "Set Time Interval" drop-down list, select the backup frequency.

Then go to the "Manage Database" tab to configure the parameters of the database backup.

In the "Exclude Database Tables" section, select the tables that should not be backed up.

In the "Database Backup" section, select whether or not to include the database in the ZIP archive. In the archive, it will be placed in / wp-content / db /.

In the "Manage Database" section, select the number of database backup versions from the drop-down menu.

Click the Save button to save your changes.

Next, go to the "Manage Files" tab to configure the backup of site files.

In the "Exclude Files" section, select the files to exclude from the backup.

In the "Manage Files" section, in the "Set Backup Limit" drop-down list, select the number of backup versions.

All! Now your WordPress site will be backed up to your Google Drive on schedule!

Note. To make a backup copy in manual mode, go to the On Time Backup tab.

GETTING CLIENT ID AND CLIENT SECRET IN GOOGLE CONSOLE

Go to the Google Console using the link specified in the plugin settings.

In the window that opens, return to the classic view of the console by clicking on the link "Return to original console", which is located at the bottom of the screen.

Then press the button "Create another client ID ...".

In the window that opens, select "Web application", then select "http: //" from the drop-down list and enter in the field the link that is indicated on the plug-in configuration page and highlighted in bold. After that click "Create client ID".

In the window that opens, find the "Client ID for web applications" you created and copy the Client ID and Client secret.

Go back to the plugin settings page in the WordPress admin panel and paste the copied Client ID and Client secret from the Google Console. Then click "Allow access".

If everything went well, a page will open with a confirmation that the plugin can work with your account. Click "Accept", after that you can go to the plugin settings.

Additional opportunities and arguments for working with clients

We also offer partners: System support analyst

Ability to transfer non-core tasks . If a client has a question that lies outside the area of ​​our competence, we recommend partners who can efficiently solve this problem.

Joint activities and promotion of the partner's business . This format implies the dissemination of information about partners and their special offers through our information channels: in mailings, social networks, in person. We also actively support and promote events organized by our partners. 

Interview and website . In addition, we regularly communicate meaningfully with partners, and then publish these interviews on the blog and promote them through our channels. We also post information about partners in a special section on the Tucha website. 

Providing presentation materials . Each partner receives a selection of presentations about Tucha services and solutions. Upon request, we develop individual offers for clients.

Partner training . Our partners regularly take part in trainings and training from Tucha, where they receive up-to-date information about services, solutions and opportunities, exchange experiences, and also expand their own circle of partners. All this is free.

Additional opportunities and arguments for working with clients

Priority for testing Tucha services . When a partner requests a test period for himself or his client, we immediately issue resources without any questions.

Ready-made templates for clients . If required, we help to create and store ready-made templates for quick deployment of virtual machines for solving typical tasks of the partner's clients. For example, if a client needs to place a boxed version of Bitrix24 in the cloud, accounting or take out the workstations of employees, and all this with some specific custom settings, templates will help solve these tasks even faster.

The best technical support and exceptional attention to tasks . All customers and partners know that Tucha's technical support service is available 24/7. The off-line response time to customer requests is 13 minutes on average.

Help and support at all stages of cooperation . We are maximally involved in solving clients' problems and lead the user by the hand throughout the entire period of cooperation, often doing more than promised.

Clarity and transparency . We have clear transparent tariffs without hidden fees, and cooperation with us takes place on the basis of a public agreement (offer) . We accept payments to current accounts with the issuance of all accounting documents both in electronic and paper form. Payment for services is made in UAH with reference to the NBU rate on the first day of each month and already includes VAT for payers of this tax.

And that is not all

We also offer partners:

Ability to transfer non-core tasks . If a client has a question that lies outside the area of ​​our competence, we recommend partners who can efficiently solve this problem.

Joint activities and promotion of the partner's business . This format implies the dissemination of information about partners and their special offers through our information channels: in mailings, social networks, in person. We also actively support and promote events organized by our partners. 

Interview and website . In addition, we regularly communicate meaningfully with partners, and then publish these interviews on the blog and promote them through our channels. We also post information about partners in a special section on the Tucha website. 

Providing presentation materials . Each partner receives a selection of presentations about Tucha services and solutions. Upon request, we develop individual offers for clients.

Partner training . Our partners regularly take part in trainings and training from Tucha, where they receive up-to-date information about services, solutions and opportunities, exchange experiences, and also expand their own circle of partners. All this is free.

Goal

How to become a Tucha partner

If you know who we can recommend our services to, and you see that we are on the way, become our partner. This simple process consists of just a few steps:

Sign up for the affiliate program by filling out a short form .

We will promptly contact you and outline a partnership roadmap. 

Use all the opportunities that we will offer, these are working practices. 

Offer cloud services to your customers as a beneficial addition to services or upon specific request.

Receive regular rewards, as well as our care and support.

The more your recommendations, the more happy customers and the more significant the amount of partner reward. Let's add even more value together! 

Inbound rules in Windows Firewall

Over the past week, we have recorded several similar requests from users who could not connect to the remote desktop after rebooting their virtual machines.

The problem appears to have appeared after installing one of the operating system updates. The Internet, which was mistakenly identified as private, is now defined as public, which can result in inbound connections being blocked if no permissive rules have been set in the firewall.

How to fix it support.tech

Before rebooting the system again, go to the firewall configuration control panel and pay attention to the rules for incoming connections:

Remote Desktop - user mode (incoming TCP traffic) - Advanced tab - enable for Domain, Private, Public profiles .

Remote Desktop Services - enable user mode (incoming TCP traffic) for profiles: Domain, Private, Public .

screen

As you can see, everything is simple and fixable in two minutes.

If you have any questions or need help, please contact us at any time. We are always in touch. And we are glad to see you 24x7.

Seamless server-to-server migration scenario

Step 1. Set up one-way replication of all data on the old server to the new one. 

Create a copy of the site on a new server. We test, launch, see how the site reacts to requests. If everything works fine, set up database replication. What does it mean? When a request from visitors arrives at the old server, it notifies the client about the new data. The new server receives all data about changes from the old server within a matter of seconds (most often, even in 1 second).

Thus, on the new server, the copy of the database is constantly updated and remains current. As for static information (files, cache), here you need to establish one-way synchronization from disk to disk. You can use both simple technologies and more complex (distributed file systems). In our experience, rsync running in an infinite loop is sufficient. It is quite suitable for solving such problems, although the issues of statics synchronization can be solved using any other known and convenient methods.

As a result, we get 2 servers. The old one contains the old site, which users still visit. And even after we make changes to the DNS, for at least another 5 minutes, users will get to the old server. 

All information from the old server is replicated to the new server. It turns out that we have a complete replica of the old site on the new server. An important point: files are replicated with a slight delay. you must first calculate what exactly has changed.

Step 2. Testing the new server.

After setting up replication, we test the site on the new server. In order for your local computer to access a new copy of the site without changing the DNS settings, you need to make a change to the hosts file (in Windows it is usually C: \ Windows \ System32 \ drivers \ etc \ hosts) by adding a line like IP.address .new.server (e.g. 13.13.13.13) yourdomain.com www.yourdomain.com

If you need to perform a mechanical check of a large number of records, we do it using a script that sequentially executes a series of requests and compares them with the responses. 

Step 3. Set up proxying to redirect web traffic to the new server.

Before making changes to DNS, we transfer the work of the site on the old server to the new one. To do this, we will use the proxying mechanism, which is available in both NGINX and Apache HTTP Server. 

In the configurations of the web server, we indicate that if something came to the old server with the address 6.6.6.6, you should contact the new server 13.13.13.13 with the same request, and then send its response back to the client on your behalf. The client accesses the old server, where the site no longer exists, but there is a proxy web server. The proxy web server with the address 6.6.6.6 accepts requests from the user, secretly addresses them to 13.13.13.13. Thus, the clients, although they are referring to the old server 6.6.6.6, are actually already working with the site on the new server 13.13.13.13. 

Another advantage in working with a proxy server is that it can be set to fall-back (fallback): if the required file is not on the 13.13.13.13 server, then you need to look for it in the local directory. This solves the problem of file syncing lag.

Step 4. Disconnect the old server.

Change the site's DNS records to 13.13.13.13. When a visitor arrives who is still accessing 6.6.6.6 (within the first 300 seconds after the changes are made, such requests will still come), the proxying web server processes his requests by passing it to the new web server with the address 13.13.13.13. And when the user directly addresses the new address 13.13.13.13, it will be processed by the new server normally. This eliminates the problem of database splitting, since clients work with the same database, with the same set of files, with the same site. 

We are waiting for the time that we indicated in the TTL (if you remember, even before the transfer, we set it to 300 seconds), and wait for the requests to the old server to stop arriving. In order to finally make sure that all clients and requests from them go directly to the new server, we wait a day and confidently turn off the old server computer tech help. 

Done! Now your site has successfully moved to the new server.

Seamless migration service cost

You can transfer the site yourself. We are always ready to help with advice and quality instructions. Or entrust the move to us, and we will do everything for you. We do site transfer using a "stub" or "splitting" method for free. The seamless migration technique requires training and knowledge, and also takes more time, so this service is paid. The cost of seamless moving service is 100% of the server cost for 1 month, but not less than 30 euros. Our experts will help you transfer a high-load project painlessly, smoothly and without compromising the site's performance.

Summing up

Although migrating a website from server to server is a responsible and painstaking process, our seamless migration technique allows you to do this without downtime and loss of customer orders. 

If you need help changing hosting, please contact us! We will help you transfer a project of any size painlessly and smoothly. The main thing: site migration is not scary at all, if you entrust it to an experienced and skillful provider. 

How to set up port forwarding to a server located on a private network

We share useful information for users of virtual machines. Clients often contact Tucha's technical support service with a question on how to configure port forwarding to a server located on a private network, and each time we send a detailed and clear instruction in response. Now we decided on the basis of these letters to create a useful article that will help other users to understand this process.

Why configure such port forwarding at all? Let's look at an example. By following all of the following steps, you can establish a TCP and UDP connection to a server connected to a private network. In this case, port 3389 of this server will receive what will arrive on port 13666 of the external interface of the virtual router.

By the way, if you are interested in how it all works, we recommend that you look at the article "What happens when connections inside and outside the VPN tunnel", namely, the sections "Position two" and "Position three".

So, setting up port forwarding to a server located on a private network is very simple: help desk support jobs

1. Go to the Network section, select our network (NET-2019111913000635), and then select View IP Address:

2. Next, select the IP address - 195.3.205.13 (since we have several addresses, select the one for which Source NAT is enabled):

3. Now we need the Configuration tab:

4. Select the firewall settings mode:

5. After that, select the source prefix (Source CIDR), the protocol (Protocol) and the range of ports (Start Port, End Port), access to which must be allowed. Next, click the Add button:

6. Then we return to the previous menu and go to the port forwarding control mode: 

7. Select the range of ports on the server to which traffic should be forwarded (Private Port), select the range of ports on the virtual router (Public Port) and the protocol (Protocol). Next, click the Add button:

8. The last step is to select the server to which this traffic should be forwarded, and its address:

That's all. As you can see, there is nothing complicated in the process of setting up port forwarding to a server located on a private network. 

On the security of working in the cloud

How to scale resources

Often, the initial configuration is sufficient for comfortable operation for a long time. However, if more resources are needed over time, adding the required amount can be simple and quick.

TuchaFlex + is scalable by adding an arbitrary number of resources - the required number of processor cores, the amount of RAM and the size of the hard disk. Also, if necessary, you can add HDD disks if there is no intensive data access, and other useful options.

TuchaBit service is scalable by virtual units - adding a certain set of resources at once. Recall that 1 unit consists of 1 GB CPU and 25 GB SSD. You can also separately add the required number of additional processor cores (by default, a certain number of cores have already been added to the server, depending on the number of units that make up the server), IP addresses (one address is added to each server by default) and other useful things.

In order to increase the amount of resources for a virtual machine based on any of the services, just contact us. We will recommend a new configuration in accordance with current needs: for example, if the load on the IT infrastructure has increased or the staff of the company has expanded. Already during the day it will be possible to conveniently work on new resources.

On the security of working in the cloud

As noted, the rental price for each virtual machine already includes a useful data protection tool - snapshots. Not so long ago, we prepared an article about the conditions under which snapshots are created and how two snapshots of each disk of the client's virtual machine are stored.

What are snapshots useful for? A snapshot can be useful for recovering a machine disk to the state it was in when the snapshot was taken. In addition, you can upload the snapshot and use it as an image of a new virtual machine, or add it as an additional disk to any server within our cloud infrastructure.

Additionally, backups will help to protect individual files and documents from loss. To do this, we propose to use the TuchaBackup service , which will reliably place backups in secure data centers outside Ukraine (mainly in Germany). The cost of the solution is quite affordable: the minimum configuration, which includes 50 GB of cloud storage, costs only 5 euros / month. If more storage is needed in the future, it is easy to expand it.

Among other things, we offer useful tools for protecting your data in the cloud: tech support jobs near me

special server templates with disk encryption enabled;

the ability to encrypt communication channels;

service "Anonymity on demand" ;

additional IP-addresses with Ukrainian or foreign geolocation;

additional full snapshots of virtual machines disks;

mechanisms of panic buttons.

Is it possible to test services before paying

Of course, you can test most of our services for free for 7 days. This period is usually enough to ensure the quality of our services, the prompt work of the technical support service and a quick response to any requests. We will also advise on working with a remote office and help you move your employees' workplaces to the cloud.

How to easily organize cloud migration

If you decide to move your office work to remote servers, you should take care of the safe migration of all data to the cloud so as not to lose anything. This can be done, for example, by your company's IT specialists, but if they are not there, just contact us. We will help you to transfer all programs and data to work with high quality, and the whole process for a small infrastructure usually takes place within one day. The cost of the migration service is the same as the amount of renting a virtual machine for 1 month.

About technical support

High-quality technical support is an important factor that determines the comfortable work in the clouds for the entire team. In numerous reviews of Tucha, customers and partners claim that our technical support is the best among Ukrainian (and not only) cloud providers.

We advise you to learn about the types of support and determine which one meets the company's needs best, already at the stage of testing services. In general, you can choose one of the following types:

Basic support (free).

Permanent server administration (50% of the server cost, but not less than 30 euros / month).

Hourly server administration (€ 20 / hour).

Warranty support (free).

More details about each of the types of support can be found on the website .

It is important that no matter what type of support you choose, our team will be in touch around the clock and will quickly help in solving any problems. Communication channels with the service include telephone, e-mail and ticket system. And to get the most out of working with the Tucha team, life hacks for working with the technical support service will help .

Some legal and financial issues

When working with Tucha, each client receives a complete package of accounting documents: acts of completion, tax invoices (for those who need them), original invoices, etc. We also provide the possibility of electronic document management, but we also work with the help of "pigeon mail".

As for payment for services, a large selection of payment methods is available at your discretion: current account, payment by card through Privat24 or PrivatBank terminals, online payment LiqPay. The fees for our services can be attributed to the expenses of the enterprise. Despite the fact that prices are indicated in euros and are tied to its rate, payment for services is carried out in national currency at the NBU rate for the first day of the current month. Also, prices already include VAT (for those who are payers of this tax).

It is important that all our prices are transparent: they are published on the website and are initially the same for all customers. And cooperation with us is based on a public contract (offer) . If the client needs a paper version of these documents, we will also provide an application for joining the public offer agreement.

Automation of CI / CD processes

Speaking of DevOps, it is also worth mentioning that the platform provides for the automatic execution of operations related to testing, compiling and containerizing an application. The platform allows you to upload the application code to the Git repository, after which every time you make changes to the code (or rather, every time you commit these changes to the repository), the compilation, testing and packaging processes are automatically started. The platform then creates an image of the container, which goes into the private repository. The modified version of the application is first published in a test environment so that QA engineers (testers) can check its work. When a decision on a new release is made based on the results, it is carefully delivered to the production environment, while the orchestration system first launches a new version of the program, makes sure that it works,

A farm instead of one pet

Using the platform means using containers - completely isolated environments in which only the components most necessary for its operation are available with the application. When the platform needs to launch an application, it creates new containers (and not one, but several identical ones), deploying them from the image that is available to it in the repository. No matter what happens inside the container, these changes will no longer go back to the repository, containers are constantly created and destroyed. Such an application will not be able to break and add any bookmarks to the code. Why? Firstly, all program files are tightly protected from writing, and, secondly, even if changes were somehow made, all these files are just a copy of the application: they are in a temporary ephemeral container,

Analysis and protection

At the same time, the platform allows you to analyze every request coming from the Internet for potential threats. Before being processed by the load balancer, the request goes through the web application firewall, which determines whether or not it should be allowed through. The firewall checks requests, guided by the signature database, which is constantly updated, while the customer has the ability to both open certain checks and add his own.

Good news!

This year we launched the TuchaKube platform , which provides a range of features. Often, the independent implementation of such functions requires long and painstaking work, comprehension of many fundamentally new concepts, as well as painful searches for an answer to the question: "Why do I need this?" And these functions are not just about security. The platform provides things like:

monitoring a huge number of metrics;

automatic horizontal scaling (by creating the required number of identical containers on various computational nodes, taking into account the current load);

automatic issuance of certificates for TLS connections;

automation of DevOps functions.

How we got there

Since last year, thanks to the wishes of some partners of our company, we were faced with the need to solve the problem of ensuring the automation of CI / CD processes. This led us to heavy use of Docker containers, and then to the use of the Kubernetes orchestration system. Having accumulated a sufficient amount of practical experience, we decided to systematize this experience and derive additional benefit from it for everyone: this is how the revolutionary TuchaKube platform appeared.

Where to find us systems support analyst

By the way, on our YouTube channel you will find two detailed video reviews that demonstrate:

automation of CI / CD processes ;

metrics monitoring and automatic horizontal scaling.

And very soon, we will release two more video reviews that demonstrate how to ensure data persistence and how to use a web application firewall.

Data center security and additional data protection

About the reliability of data centers

All Tucha facilities are located in secure data centers that meet the security level of Tier 3 and higher. This means that sites have both main and backup communication channels, among which are Internet channels, power supply, cooling systems, etc. Both preventive and maintenance processes inside the data center occur without stopping the systems, so the servers are available at any time.

About backups

In order to enhance the security of your data and further protect it from loss, we recommend that you regularly create backups and store them in the cloud. Cloud backup hosting based on the TuchaBackup service is useful for this . It will help you place backup copies of website files and databases on remote servers (mainly in Germany) and have round-the-clock access to them. The initial configuration is 50 GB and costs 5 € / month. The amount of cloud storage can be easily expanded as needed.

Service testing

Of course, our clients can test the work with the website in the cloud from Tucha for 7 days for free. This time is usually enough to check the speed and stability of the website in the cloud, to assess the ease of use of the service and the quality of interaction with the technical support service.

Before starting cooperation, we will help you choose the right service and configuration, deploy a virtual machine and help with data transfer, if necessary.

Technical support

Simple and understandable communication with the technical support service, its availability 24 × 7 and quick response to requests are what each of our clients receives. And, of course, the uninterrupted operation of virtual servers where the site or online store is located. We work around the clock to ensure that the system works stably, and clients receive the best service. You can choose one of the following types of technical support : Technical analyst job description

Basic (free).

Permanent server administration (50% of the server cost, but not less than 30 euros / month).

Hourly server administration (€ 20 / hour).

Warranty support (free under certain conditions).

Financial, accounting and legal issues

About payment for services

Payment for all Tucha services and services is carried out in UAH. The cost is fixed for the whole month at the NBU rate on the first day of each month. Note that the price already includes VAT (for those who are payers of this tax).

As for the methods of payment for services available in Ukraine, these are payment to the company's current account, payment by credit card (through the Privat24 application or PrivatBank terminals) and online payment using the LiqPay electronic wallet.

If you need to pay for cloud services in euros using PayPal or Bank Transfer (classic bank transfers), you can use the services of our partner in Poland.

About accounting documents

Each client receives a full package of necessary accounting documents: originals of invoices, certificates of work performed, tax invoices, etc. We actively support electronic document management, however, if paper versions of documents are needed, we will definitely provide them.

About legal security

Cooperation of clients with Tucha is based on a public contract (offer) . If you need a paper version of it, we will also provide an application for joining the offer agreement.

Outcome

Hosting sites and online stores on Bitrix: Site Management in the clouds from Tucha provides reliable data placement, high performance indicators and guaranteed service availability at 99.0-99.9% levels. And you will receive the best technical support 24 × 7, transparent terms of cooperation, as well as our care and prompt assistance in resolving any issues.

Oh-oh-oh, our site was hacked! What to do?

 We went to your site in the morning, and it is full of foreign banners or is it completely blocked? Most likely, it was hacked or infected. Council number 1 - do not panic, everything is fixable. Most importantly, do not despair, and even more so do not agree to the offer to "buy back" your site back (yes, it happens). We personally do not negotiate with attackers. And we will show you how to deal with them.

Who is the pest?

It would seem, well, what normal person needs to hack someone else's site, spend time and resources on it? For what? Just blackmail the owner? In fact, the list is much broader. Most often, cybercriminals hack websites in order to:

Use it for "phishing" - a type of Internet fraud, when accounts, bank card details and other personal information are stolen from visitors on fake sites.

Send spam from a hacked site.

Use the site for malicious activity, DDoS attacks.

Forward visitors to other sites.

It is corny to annoy a competitor by disrupting the work of his site.

Therefore, even the fact that you do not store personal data of users on your site and do not conduct financial transactions will not save you from falling into the field of view of hackers.

Symptoms

Of course, if cybercriminals have placed their banners on the site or when they enter the site, they transfer visitors to other resources, you will probably notice this without additional diagnostics.

In addition, if the hackers have already managed to "naughty" (send spam, carry out a DDoS attack, etc.), your site may be blacklisted by search engines. Google puts a lot of resources into fighting pest sites, so it will probably quickly track down your site and start alerting potential visitors. Of course, this will affect the attendance.

warning-pic

Also, "symptoms" of a compromised or infected site can be unknown files in the directory and foreign code in the body or files of the site.

Finding the reason

You can identify malicious files, and at the same time weaknesses of the site, as follows:

Find infected files with an antivirus. The clamav and maldet antivirus utilities will cope with this task . If ClamAV is present in the system, maldet will use not only its own bases, but also clamav bases when scanning.

For scanning, it is important to use a command that will not move files to quarantine. Otherwise, the date of their modification will change and further "investigation" will not work. A command like this would work

Important!

Check the computer itself from which you are managing the site for viruses - if a hack is made as a result of a password leak, a new password may be stolen again after some time.

Find out the time when the virus was last modified. This can be done with the ls utility (a utility for listing directory contents).

The time the file was last modified is usually displayed. Attackers could change it:

Use less (a file reader) and grep (a string search utility) to check the last modified time against the web server logs .

It will look something like this:

Each of the five (in our case) selected scripts can be the cause of the infection.

Important!

Typically, attackers break into the site itself, not the system on which it operates. The easiest way to check is to see who owns the infected files. If the same user on whose behalf the PHP scripts were run (depending on the system settings, this is either the same user who owns the other website files, or the system users apache or nobody), most likely the hack was due to a password leak or vulnerabilities in the site code.

How to "cure" a site

After detecting viruses:

Update the CMS of the site and all modules / plugins, since the virus often enters the site through gaps (vulnerabilities).

Change the passwords for all (!) Site users and all accounts that are related to the site (access to the FTP server, hosting control panel, etc.). There is a possibility that the virus was able to inject its users into the database and already quite legally performs any malicious actions.

Remove all possible malicious files. This can be done both by manually editing files and using scripts that will delete files without breaking the site structure.

Restrict access to all site directories.

Extreme measures

If the site still failed to "cure", you will have to deploy it from a backup copy. Do you make copies every day? Then such a deployment will not cause big problems. But if days or even weeks have passed since the last copy, it is a problem, the loss of important changes is almost inevitable.

Prevention

The best treatment is prevention. To minimize the risk of being hacked: Support analysts

Check your website and virtual machine for viruses.

Limit access to the site. Each employee must have exactly the level of access that they need to get the job done.

Never use the default login and password. Choose your password carefully, use all valid characters and their variations.

Limit the number of user authentication attempts.

Take care of regular backups in advance .

Install plugins to protect your site from hacking, for example, WordFence for CMS WordPress and analogues for other CMS.

But the most important rule is to trust only professionals to manage your site.

conclusions

A hacked site is not a verdict yet. The situation is fixable even in the most advanced cases. But prevention is always better than aggressive treatment. Therefore, we recommend that you adhere to basic security rules even before attackers open up to your site. Well, for fast website loading and reliable operation, take care of high-quality hosting for both small and large-scale projects .

Procedure for the provision of technical support services

Elimination of incidents and errors

Incident (error) - an unplanned event associated with complete or partial inoperability of the standard documented functionality of the ePlat4m software or its part.

The service for elimination of incidents provides an opportunity to submit an unlimited number of requests related to the incorrect operation of the standard documented functionality of the ePlat4m software .

In the event of an incident, the technical support service has the right to request remote access to the system to carry out the necessary diagnostic actions, if it is impossible to provide this access, a visit to the software operation site is carried out at the expense of the end user.

In the event that an incident occurs due to an error in the software configuration, a corresponding revision request is created, the deadline for which is determined by the priority and the availability of a workaround solution.

Providing advice

Consultation request is an appeal related to the need to obtain clarifications or additional information about working in the system or setting it up.

A consultation request includes the ability to submit an unlimited number of requests on the following topics: Online tech support jobs

Consulting on the functionality of the system; 

Providing reference and methodological materials;

Providing advice on system installation using standard tools.

Consultation requests do not include issues related to training, development of application modules and adapters using ePlat4m software. If it is necessary to fulfill such requests, the user has the right to request the cost of providing services, after which a technical support specialist will analyze the request, assess the complexity of work, the timing and cost of their implementation, and provide information to the user.

Requests for revision

A revision request is a request to make changes to the system configuration associated with fixing errors or expanding the capabilities of the existing functionality.

Requests for revision are not included in the list of services provided under a certificate for the provision of technical support services, the order and priority of such requests are determined by the technical support specialists in accordance with the system development plan.

If it is necessary to speed up the execution of specific requests for revision, the user has the right to request the cost of the extraordinary execution of these requests, after which the technical support specialist will analyze the request, estimate the labor intensity of the work, the timing and cost of their implementation, and provide information to the user.

If the cost and timing of the revision is agreed, the user pays for the work in accordance with the terms of the contract, after which the technical support specialists proceed to fulfill the request.

Warranty service

Within 3 months after the purchase and commissioning of the product, the end User has the right to free consultations on the functionality and configuration of the software.

The warranty service does not provide for the fulfillment of requests for system revision.

Technical support cost

The cost of technical support services is determined by the ePlat4m software configuration and service provision parameters, and is calculated depending on:

The cost of software composed of:

Platform costs.

The cost of a set of standard modules and connectors used.

The cost of a set of customized (unique) modules and connectors used.

Parameters of providing technical support services:

Speed ​​reaction.

The number of hours of work of a specialist included in the cost of the contract for each of the services.