Tag network

Article (PSA‑0021)

What You’ll Need Before You Start

• Wi‑Fi network name (SSID) and password.
• Printer’s user manual (or a quick look at the online PDF).
• Computer(s) that are already on the SAME Wi‑Fi network.
• The printer should be within about 4 ft of the router for the initial setup (clear line‑of‑sight is best).

Two Ways to Connect a Wi‑Fi Printer

1️⃣ Printers with a Touchscreen

1. Power the printer and open its **menu**.
2. Navigate to **Network** → **Wi‑Fi Setup** (the exact wording varies by brand – see the manual).
3. Select your Wi‑Fi network from the displayed list **or** choose “Manual Entry” and type the SSID exactly as it appears.
4. Enter the Wi‑Fi password – remember passwords are case‑sensitive.
5. Confirm and wait for the printer to show a solid “connected” light.
6. Once connected, you can move the printer anywhere within your Wi‑Fi coverage area.

2️⃣ Printers without a Touchscreen (WPS Method)

1. Locate the **WPS button** on the printer (often labeled “WPS” or shown as a wireless‑plus‑arrow icon). Press it – the printer will now be in “WPS pairing” mode.
2. Within 2 minutes, press the **WPS button** on your router or access point. (If you’re not sure where it is, check the router’s quick‑start guide.)
3. The printer will blink while it searches; a solid light means it’s successfully connected.
4. Like the touchscreen method, you can now relocate the printer within the Wi‑Fi range.

3️⃣ Adding the Printer to Your Computer

1. Insert the installation CD that came with the printer **or** download the latest driver/software from the manufacturer’s website.
2. Run the installer. When prompted for the connection type, choose **Wi‑Fi**.
3. The setup program will scan the network and list any printers it finds. Select your printer (usually identified by make + model).
4. Follow any remaining on‑screen prompts – most will finish automatically.
5. Test the setup: open Notepad (or any text editor), type a line of text, and click **Print**. The printer should produce a page.

Quick‑Troubleshooting Tips

• Can’t see the printer? Ensure both the computer and printer are on the **same** SSID (not a guest network).
• Printer won’t connect? Double‑check that the Wi‑Fi password was entered correctly and that the router isn’t set to “AP Isolation” (which blocks devices from communicating).
• Signal is weak? Move the printer a bit closer to the router or add a Wi‑Fi extender.
• Still stuck? Restart the printer, the router, and the computer – then repeat the steps.

When to Call for Help

If you run into any of the above issues—or if the instructions don’t match your specific printer model—give PSA Computer Services a call at (707) 506‑6802. We’ll walk you through the process or handle the setup for you.

Article (PSA‑0020)

What to Expect

Most consumer printers ship with at least one of three connection options: USB, Ethernet, or Wi‑Fi. This guide walks you through the two most common scenarios:

1. Printer used by a single computer (desktop or laptop).
2. Printer shared with one or more computers on the same network.

Scenario 1 – Single‑Computer Setup

️ Connection Options

• USB – simplest, but limits where the printer can sit (cable length is usually 3‑6 ft).
• Ethernet – use a network cable to the router (covered in Scenario 2).
• Wi‑Fi – covered in a later article.

Step‑by‑Step USB Installation

1. Locate the installation CD/DVD that came with the printer or download the latest driver from the manufacturer’s support site.
2. Run the installer **before** plugging the USB cable in. The software will prepare the driver and may ask for a reboot.
3. When prompted, connect the printer’s USB cable to the computer. The installer should detect the printer and continue automatically.
4. Follow any remaining on‑screen prompts (e.g., naming the printer, setting it as default).
5. Print a test page to confirm the installation succeeded.

⚠️ Note on Sharing a USB Printer

You can share a USB‑connected printer with other Windows computers on the same network via Printer Sharing. This adds extra steps (share the printer from the “Devices & Printers” control panel and install the shared driver on each client). If you need help with that, give us a call.

Scenario 2 – Network (Ethernet) Printer

Why Use Ethernet?

• Places the printer anywhere on the LAN, not just next to one computer.
• Provides a stable, high‑speed connection—ideal for larger print jobs.
• Allows multiple computers to print without additional cables.

Ethernet Installation Steps

1. Connect one end of an Ethernet cable to the printer’s LAN port and the other end to an available port on your router or switch.
2. Power on the printer and let it obtain an IP address (most printers will print a configuration page showing the address). Tip: Note the IP address for later use.
3. Insert the installation CD/DVD or download the driver from the manufacturer’s website.
4. Run the installer. When asked to choose a connection type, select **Network (Ethernet)**.
5. The installer will scan the LAN for printers. Choose your printer from the list (identified by model and IP address). If it doesn’t appear, you can manually enter the IP address.
6. Complete the on‑screen wizard and print a test page.

Adding the Same Printer to Additional Computers

Repeat steps 3‑6 on each additional computer. Because the printer is already on the network, the installer will detect it automatically.

Quick Troubleshooting Checklist

• Printer not detected? Verify the cable is firmly seated, the printer shows a “ready” light, and the router’s LEDs indicate a link.
• Wrong driver? Download the driver that matches your exact printer model and Windows version (or macOS version).
• Print jobs stuck in queue? Restart the print spooler service (services.msc → Print Spooler → Restart) or reboot the printer.
• Multiple computers see different printers? Ensure all PCs are on the same subnet (e.g., 192.168.1.x) and that any guest‑network isolation is disabled.
• Wi‑Fi later? When you’re ready, we’ll cover Wi‑Fi setup in the next article.

Ready to Print?

Once the test page prints, you’re good to go. If any step didn’t work as expected, don’t worry—just give PSA Computer Services a call at (707) 506‑6802 and we’ll walk you through the process.

Alert (TA18-276A)
Using Rigorous Credential Control to Mitigate Trusted Network Exploitation
Original release date: October 2, 2018

Redirects to the Official website of the Department of Homeland Security
[US-CERT – United States Computer Emergency Readiness Team]

To read article visit: https://www.us-cert.gov/ncas/alerts/TA18-276A

Article (PSA‑0009) – Introduction to Virtual Private Networks (VPN)

A Virtual Private Network (VPN) creates an encrypted “tunnel” that carries your Internet traffic through a public network (the Internet) to a private network – typically your workplace, home network, or a commercial VPN server. All data that travels through the tunnel is cryptographically protected, so anyone who intercepts the traffic sees only gibberish.

What Can You Do With a VPN?

• Network security & privacy – Public Wi‑Fi (coffee shops, airports, hotels) is a hot spot for “sniffing” attacks. A VPN encrypts every packet, preventing eavesdroppers from seeing which sites you visit or what credentials you type.
• Remote access to work or home resources – Once connected, you appear to be on the same LAN as the VPN server. You can reach file shares, internal web apps, printers, databases, and other services that are otherwise blocked from the public Internet.
• Access geo‑restricted content – By selecting a server in another country you can make websites think you are physically located there, letting you watch streaming services, use region‑locked tools, or test websites from multiple locales.
• Bypass censorship – In countries where governments block social media, news sites, or messaging apps, a VPN routes traffic through a server outside the jurisdiction, restoring open Internet access.

How a VPN Works

A VPN consists of two main components:

1. VPN client – Software you install on a device (Windows, macOS, Android, iOS, Linux, routers, etc.). The client authenticates to the VPN server and negotiates an encrypted tunnel.
2. VPN server – The endpoint that receives your traffic, decrypts it, and forwards it to the destination network (or out to the public Internet). The server also enforces authentication (username/password, certificates, MFA) and may apply additional policies such as split‑tunneling or DNS filtering.

All traffic inside the tunnel is encrypted with modern ciphers (AES‑256‑GCM is the current standard). When the tunnel is up, the client routes either all traffic (full‑tunnel) or only selected traffic (split‑tunnel) through the VPN.

Common VPN Protocols (2025)

• WireGuard – Fast, simple codebase, strong modern cryptography. Typical use: modern commercial VPNs and self‑hosted solutions.
• OpenVPN (UDP/TCP) – Widely supported, mature, highly configurable. Typical use: enterprise remote‑access and cross‑platform compatibility.
• IKEv2/IPsec – Excellent for mobile devices (auto‑reconnect), strong security. Typical use: corporate mobile‑device VPNs.

Should You Use a VPN?

Even if you never need to reach a private network, a VPN adds a useful layer of protection whenever you use public or untrusted Internet connections.

Benefits

• Encrypts traffic, defending against passive eavesdropping and active “man‑in‑the‑middle” (MitM) attacks.
• Hides your real IP address, making it harder for trackers or malicious sites to profile you.
• Allows secure remote work without exposing internal services directly to the Internet.

Potential Downsides (and how to mitigate them)

• Performance impact – Encryption adds overhead. Choose a fast protocol (WireGuard), a nearby server, and a reputable provider with sufficient bandwidth.
• Trust in the VPN provider – The provider can see your traffic. Opt for a no‑logs policy, audited by a third party, or run your own self‑hosted VPN (e.g., a Raspberry Pi running WireGuard).
• Split‑tunneling vs. full‑tunnel – Split‑tunneling improves speed but may leak DNS or other traffic. Enable DNS‑leak protection and a “kill switch” that blocks traffic if the VPN disconnects.

Best‑Practice Checklist

1. Select a trustworthy VPN (no‑logs, reputable jurisdiction, independent audit).
2. Use modern protocols – WireGuard or OpenVPN with AES‑256‑GCM.
3. Enable a kill switch to prevent accidental exposure if the tunnel drops.
4. Configure DNS‑leak protection – ensure all DNS queries travel through the VPN.
5. Prefer full‑tunnel for public Wi‑Fi unless you have a specific reason for split‑tunnel.
6. Combine with MFA for the VPN authentication step.
7. Keep client software up to date – VPN apps receive security patches just like any other software.

When to Consider a Self‑Hosted VPN

If you need full control over the server, have compliance requirements, or simply want to avoid any third‑party logging, you can install a VPN on your own hardware:

• Raspberry Pi or small Linux box running WireGuard or OpenVPN.
• Edge/router‑based VPN (many ASUS, Netgear, and Ubiquiti routers include built‑in VPN servers).
• Cloud VM (e.g., AWS Lightsail, DigitalOcean) with a VPN installed for remote‑access to cloud resources.

Bottom Line

For everyday users, a reputable commercial VPN provides a quick, user‑friendly way to protect privacy, secure public‑network use, and reach remote resources. For businesses, pairing a corporate VPN with a zero‑trust architecture (MFA, least‑privilege network policies, and conditional access) offers the strongest protection.

Disclaimer

This article is for **informational purposes only**. PSA Computer Services does **not** provide VPN services, nor do we sell, install, or manage VPN solutions. For assistance selecting a VPN provider or setting up a self‑hosted tunnel, please consult a qualified network or security specialist.

“There is wisdom in a multitude of counselors.”

Tip (ST18-001)
Security Tip – Securing Network Infrastructure Devices
Original release date: June 21, 2018

Redirects to the Official website of the Department of Homeland Security
[US-CERT – United States Computer Emergency Readiness Team]

To read article visit: https://www.us-cert.gov/ncas/tips/ST18-001

Article (PSA‑0006)

A firewall is a security barrier that separates a **trusted** network (your home or business LAN) from an **untrusted** network (the Internet). The term comes from fire‑prevention: just as a special type of wall can slow/stop a fire from spreading, a firewall can stop unwanted traffic from reaching your local devices.

Types of firewalls

• Software firewall – Runs on an operating system (Windows Defender Firewall, macOS Application Firewall, Linux iptables/nftables, third‑party tools).
• Hardware firewall – A dedicated appliance or a router with built‑in firewall capabilities.
• Cloud‑based firewall (FWaaS) – Managed firewalls delivered as a service (e.g., Azure Firewall, AWS Network Firewall, Cloudflare Zero Trust Gateway).
• Next‑Generation Firewall (NGFW) – Combines traditional packet filtering with deep‑packet inspection, intrusion‑prevention, application control, and often integrated sandboxing.

How Does a Firewall Work?

Firewalls enforce a set of security rules that decide whether to allow or block traffic. They inspect traffic at different layers of the OSI model, using one or more of the following methods.

Core filtering methods

1. Packet‑filtering (Layer 3/4) – Examines source/destination IP addresses, ports, and protocol type. Simple, fast, but limited to “allow/deny” rules.
2. Stateful inspection (Layer 4) – Tracks each connection’s state (SYN, SYN‑ACK, ESTABLISHED, FIN). Only packets that belong to a legitimate, established session are permitted, which reduces spoofing.
3. Proxy / Application‑level gateway (Layer 7) – Acts as an intermediary for specific protocols (HTTP, SMTP, FTP). It can inspect the actual payload, enforce URL filtering, and hide internal IP addresses.
4. Deep‑packet inspection (DPI) & sandboxing (NGFW) – Analyzes the full content of packets, detects malware, blocks suspicious scripts, and enforces application‑specific policies (e.g., “block Facebook app traffic”).

Do You Need a Firewall?

Absolutely. If a device can reach the Internet, it should be protected by an up‑to‑date firewall.

• Windows 10/11, macOS, and most Linux distributions include a built‑in host‑based firewall that is enabled by default.
• Home routers / ISP‑provided gateways usually have a basic hardware firewall (NAT + simple packet filter). You can tighten those rules via the router’s web UI.
• Small‑business networks benefit from a dedicated firewall appliance or a cloud‑based firewall that offers:
  • Intrusion Prevention System (IPS)
  • Application‑aware filtering
  • VPN termination (site‑to‑site and client‑to‑site)
  • Centralized logging & reporting

Quick self‑check

1. Is the host‑based firewall turned on? (Windows → “Windows Defender Firewall”; macOS → “Firewall” in Security & Privacy.)
2. Does your router have the default “block inbound unsolicited traffic” rule enabled?
3. Are any ports deliberately opened to the Internet (e.g., remote‑desktop, web server)? If so, confirm they are necessary and secured (use VPN, strong passwords, MFA).
4. Do you have a separate hardware or cloud firewall for your business network? If not, consider adding one as you scale.

Best‑Practice Checklist for Firewall Management (2025)

• Keep firmware and definitions up to date. Automatic updates are essential to protect against newly discovered exploits.
• Apply the principle of least privilege. Only allow traffic that is explicitly required; block everything else by default.
• Use separate zones. Separate Wi‑Fi guests, IoT devices, and corporate workstations into different VLANs/sub‑nets with inter‑zone firewall rules.
• Enable logging and alerts. Forward logs to a SIEM or a cloud log service to spot abnormal patterns early.
• Deploy a VPN or Zero‑Trust Network Access (ZTNA) solution. Remote users should never connect directly to the LAN; tunnel through a secure gateway.
• Regularly review rules. Conduct a quarterly rule‑audit; remove stale or overly permissive entries.
• Test your configuration. Use tools such as Nmap or external port‑scan services to verify that only intended ports are open.
• Consider a Next‑Generation Firewall. For businesses, NGFWs provide integrated IPS, URL filtering, and application control, reducing the need for multiple separate security products.

Emerging Trends (2025 Addendum)

• AI‑assisted threat detection – Modern NGFWs use machine learning to spot anomalous traffic patterns and automatically quarantine suspicious sessions.
• Zero‑Trust Network Access (ZTNA) – Replaces traditional perimeter firewalls with identity‑centric policies; each request is verified before access is granted.
• Secure Access Service Edge (SASE) – Converges firewall, secure web gateway, and cloud‑based security into a single, globally distributed service.
• Immutable, cloud‑native firewalls – Provide auto‑scaling, instant provisioning for hybrid‑cloud environments (Azure Firewall Premium, Google Cloud Armor).

Need a Firewall Review or Upgrade?

If you’re unsure whether your current firewall is configured correctly, or simply need a quick health‑check, give PSA Computer Services a call at (707) 506‑6802. We’ll assess your environment, and ensure you have a modern, reliable protective barrier.