Search results

FYI, there is no such thing as SQL Scanning for AV.

You can do some version of host checking, but this largely depends on your vpn manufacturer. (regardless of whether its SSL or IPSEC). We use the Cisco Anyconnect client to do host verification before we allow a device to establish a VPN tunnel. In our particular case, we put a registry key...

I'm fairly certain that this does exist in SNMP, but you are going to have to search the 20 different MIBs that are available for ASA to find it. I know this is possible because I have an SNMP counter that I watch which tells me how many concurrent VPN users are online. That also took...

For high throughput and low budget, roll your own is the only way to go. Most companies class their firewalls by throughput, so to handle a true 150mbps connection, you are easily in the 1k - 2k range (if not higher). pfsense or untangle is the way to go.

One thing to note. Make sure you have backup power for your HVAC system. You can build all the redundancy + generator for your power needs, but it won't mean squat if your HVAC system isn't online during an outage.

Another one is PRTG by www.paessler.com We just switched our NMS package and it works well. Monitor about 150 devices, with about 2000 tests.

Wow, did not know you could delegate reverse lookups. Now requesting my ISP to point my /24 to DnsMadeEasy

As far as the network switches go, the OP would need to explain his environment before recommending for/against specific switches. The 3750's are great in IDF use and in certain low -mid size core designs. But if you push line rate on some interfaces or have a mid-size SAN, you will...

I guess the qualifier would be, "when setup correctly". I use our wireless, 8 hours a day. 4402 controllers, 1242 AP's. 802.x authentication. I guess you have had a bad streak of experiences, but to say wireless is completely unreliable is laughable at best.

Here is another way of looking at it. SNMP Polling means the Network management server (Nagios, Cacti, PRTG, etc), will poll the managed device (switch, server, etc) at specific intervals. It's like scheduling a ping test every 30 seconds. But instead of sending and ICMP packet, it will do a...

Call up the nearest colocation provider and look at all the redundancy they provide. Now think about building that out in your own new environment. Can you do it? Is it cost effective? Some things to think about. Make sure that your AC for your room + UPS are also on a circuit protect by...

Well, when they released 8.x, they only had one type of licenses for anyconnect. That licenses has now become Anyconnect Premium, with a entry level license called Essentials, mobile, etc here is a good breakdown...

So what happened is, with the release of ASA 8.x, Cisco said Anyconnect would be the only support 64 bit client. Then a year or two ago, they released a 64 bit IPSEC Client. Anyconnect 2.x is 32/64 bit however SSL VPN only. Anyconnect 3.x (secure mobility) is 32/64 bit and supports...

Lastly, the other thing you could do is keep the ASA, and have it fully managed by a MSSP and not worry about it anymore. They could fix the design issues and handle all the rule creation for the both of you.

Since your needs are somewhat modest, pfsense, smoothwall, ipcop, untangle will probably fit your bill. Which solutions does your netadmin like? Out of those, it seems like smoothwall has a commercial option that is more inline for SME (patches, support, etc). Above those level (entry level...

I think if we had a better idea of your environment, we'd probably give you a better answer. But with the few details that were in this thread, I think you could move to pfsense and be fine. It might be that the ASA 5520 is being used as a glorified NAT and packet filtering FW, which the PF...

Yes, the 5505 definitely can. I've pushed one of ours easily in the the 90's. The learning curve is a bit steeper, but well worth it. (for your career as well).

Since you think that its set for 1GB on the RVS4000, it just might be that it can't push more than 25mbps. Remember, 1GB is only Full duplex.

What do you want to do with it? Is this for infrastructure logs or apps?

SNMP traps are one way, similar to UDP packets. Depending on the solution you end up going with, it may be more secure to put a collector at each site which all the local servers send their traps to and then have those traps be uploaded to your server at your location. Since you are just...

One distinction I want to make is platforms that can monitor SNMP enabled devices and platforms that handle SNMP traps from SNMP devices. Most enterprise grade NMS systems do both, but not all NMS system do trap management. I've used some of the big boy NMS systems (Openview, Unicenter...

There is a huge secondary market for 6500 series chassis and components. If you are happy with current feature set and don't have pressures in cooling and power, just keep the unit and buy some spares. Network Hardware Resale and Prism Innovations offer support for EOL products at very...

Check with Quest software and NetIQ. They have tools to do most of the AD stuff that you are looking. It's not cheap, but they've been doing that for a pretty long time. now on the file share management... Quest and Netiq might have something. CA also. But there are these two companies that...

BGP is your friend. Are you building from the ground up or buying space in an existing colocation provider? From a customer point of view, I would expect diverse carriers at a minimum. Unless your going the super cheap hosting with 1gig cogent connection. Also, getting started, I would...

I don't even want to know how your organization decides to switch platforms prior to you figuring out how to manage them. We use Good to manage out android and apple devices, as well as BES for our blackberry platforms. However Good is more of a secure messaging platform than a mobile...

What kind of firewall do you use? We switched from Checkpoint / Websense to Palo Alto networks and its been working great. No per user fees and much granular control of things like the social media sites and stuff.

BTW, what are you going to scan the files with? No AV app is going to catch that.

If server density per RU is the only deciding factor , I can see why one would choose Dell / HP. But for sure it wouldn't be the better solution or cheaper solution. It became pretty apparent to us that the numbers were very close in a single chassis deployment, but with 2+ chassis, it...

I don't know of any FC target software that you could load to do what you want. If you went with 10gbE, you could have run FreeNAS or the Storage server add on to run your win2k8r2 instance as an iscsi target.

On our next renewal, we will be moving to paessler's PRTG. Currently on a package that is mucho bucks in maintenance and PRTG gives me all the features for a fraction of the price.

Another way is to give out a different set of IP's when connecting by VPN. We have a completely separate /24 dedicated for our Remote VPN users. From the checklist it seems like you have a sonicwall and a cisco VPN concentrator. Do you have a L3 Switch inside the network or is the...

Well, it depends on how much you want to spend. I've seen companies use Symantec Puredisk and EMC Avamar to accomplish this. Think of it like Mozy in house, but made from the companies that have experience in doing backups. If cloud providers where you use pay per use models don't work...

Keep in mind that netflow only keeps track of packets that come across a L3 interface. Thats why you don't see support for it in most stackable cisco switches. If you want to monitor traffic between hosts on the same L2 network, you need to use a packet analyzer and a SPAN port. Foundry...

Unfortunately that cable won't work for what you want it to do. It requres a central KVM to connect to. You are basically looking for a 1 server IP KVM. Something like this: http://www.kvm-switches-online.com/0su51068.html

Yea, I just bought 4 APC 3100, nearly brand new for 325 each on craigslist.

That's an interesting white paper, but would hardly call it authoritative. I'm wondering what the paper for 2010 would look like since they have archiving built in. Alot of the points that they raise in that white paper has been mitigated (since even before the e2k7 rollout). For one...

Can you cite where you read that stub files are bad? We've been running EV since the KVS days and overall been very happy with it. Yes, its enterprise grade and it requires additional resources, but I don't think there are too many options at that level. The only issue I see with Ex2010 and its...

To be frank, I don't think its possible to setup a SAN environment for 800. This type of environment is best learned when you work for a company, since they will have support and access to software to make this all work. The only labs that I have seen where one has a SAN environment are those...

Well, yes there are, but they are all about the same cost (if not more expensive) than the ASA. Checkpoint and Palo Alto have them, and i'm thinking Juniper should also over virtualized firewalls.

Well, if you use a router or put a router between your production network and netgear switch, you get to ghost AND give internet access to those ghost clients.