Is **everyone** moving to subscription based licensing? Networking |
- Is **everyone** moving to subscription based licensing?
- How is Cloudflare's public DNS (1.1.1.1) so fast?
- Configure iPv6 Automatically, Manual, or link-local only?
- Total "Threat Prevention Throughput" Through An Appliance
- NetFlow impact?
- Skinny on Aruba Networks
- Capturing packets at 10Gbps or greater.
- Interviewing at a ISP for a internship in the NOC
- Aruba VSF and MAD-VLAN
- Is an EEM script the best option?
- Cisco ASA - VPN using Identity/CDA for ACL Rules
- does a normal switch impact VoIP?
- Connecting two small offices that are close, but in different buildings
- Verify tcp windowing on Windows
- L2TP + Site-to-Site VPN
- Cisco 9300 Reflexive ACL
- Netflow analyzer ranking
- Adding a stand-alone web filter without replacing gateway?
- IP addresses blacklist providers
- Using Routemap to Filter traffic using multiple ACL statements
- Server Colocation Connectivity
- Need advice with an infrastructure planning
- Semi cheap fiber optics testers for OM1 to 3 and OS 1 and 2
- Creating a WiFi Bridge with Cisco's Mobile Express deployed
Is **everyone** moving to subscription based licensing? Posted: 07 Feb 2020 09:06 AM PST I am curious if any manufacturers are continuing with old school perpetual licenses? Specifically interested in Aruba, Palo Alto, Arista, Juniper. This whole move to subscription based licensing is going to cost a lot more and may kill the used market. [link] [comments] |
How is Cloudflare's public DNS (1.1.1.1) so fast? Posted: 07 Feb 2020 07:28 AM PST I can ping 1.1.1.1 in < 1ms, Google's DNS is 14ms, OpenDNS is 14ms, Quad9 is 45ms, . This is across AT&T fiber. Do they have better peering agreements or what? Just a coincidence they have a better peering agreement on ATT's network near me? I trust Google's DNS more so that's what I use, but I'm just curious. [link] [comments] |
Configure iPv6 Automatically, Manual, or link-local only? Posted: 07 Feb 2020 03:34 PM PST What iPv6 configuration is better is terms of security or speed? (if speed has to with it) [link] [comments] |
Total "Threat Prevention Throughput" Through An Appliance Posted: 07 Feb 2020 01:26 PM PST Hey All, I was curious how you accurately gauge your company's overall "threat prevention throughput" for a security appliance [Cisco ASA, Palo Alto NGFW, etc]. Our company is in the middle of refreshing our Palo 5050, but from what I am seeing this box [and likely the entire 5000 series] seems overkill for our mini-enterprise. Trouble is, our sales engineer was concerned with us moving down to the 3000 series and was pushing for us to stick with the new 5220 platform. He looked at the output for "show running resource-monitor" and claimed this was cause for concern. If you look at the column for AVG CPU use, it is hovering at a constant 0-2%.... I mean really? So what if the peaks are hovering at 20-40%, isn't the average the main concern? If so, we are barely putting a dent in the 5050s horsepower. I can't help but feel like there is heavy sales bias here. We also peak at 130,000 connection streams and have an aggregate of 30-50k connection streams on any given day. I will reply to this post w the output. Thanks for any feedback! Cheers, [link] [comments] |
Posted: 07 Feb 2020 03:58 PM PST Preface : I am not primarily a network engineer, but a sysadmin whose networking knowledge tops out at a CCNA R&S/Sec. I wanted to get a community opinion on the impact that enabling NetFlow/sFlow across ~800 Juniper switches would have. This is in the context of implementing Cisco StealthWatch, and I understand that it's entirely dependent on topology, but bear with me. Our senior network engineer is concerned less about bandwidth and more about resources on said switches, stating that he'd crashed a Nexus 9K with NetFlow, and that he's been burned numerous times in the past by enabling it. My understanding is that if it's configured correctly, and you're not trying to ship out every piece of data under the sun, you're likely going to fair well. Is he paranoid, or am I naive? [link] [comments] |
Posted: 07 Feb 2020 05:45 AM PST Hi All, My company is doing an evaluation on wireless in the coming months. As I gaze into the all knowing magic quadrant I see Aruba showing as a top contender. I am however aware that they are owned by HPE. My question to everyone is Aruba operating as it's own company or is HPE running it? I hear HPE ruins most things it buys, so i'm curious if HPE is doing what Cisco does with Meraki and let's it operate like a red headed step child or puts a ring on it and operate it like an owned product of HPE? [link] [comments] |
Capturing packets at 10Gbps or greater. Posted: 07 Feb 2020 07:43 AM PST How do you guys packet capture at 10Gbps or greater? Looking for a portable way to do this. The only thing I see that isn't basically a monitor bolted to a desktop with a handle is ProfiShark 10G. They don't give pricing on the website so I doubt it's in a realistic price range that my company would pay for. [link] [comments] |
Interviewing at a ISP for a internship in the NOC Posted: 07 Feb 2020 03:51 PM PST What questions should I ask as the candidate? Also what is a good way to prepare for the interview? [link] [comments] |
Posted: 07 Feb 2020 03:17 PM PST New to VSF and I am not understanding the MAD-VLAN. I understand that is to help detect a split in the VSF, but not how is it used/implemented. Any examples on how to properly implement would be helpful [link] [comments] |
Is an EEM script the best option? Posted: 07 Feb 2020 02:54 PM PST We have data data center A and data center B connected via dark fiber and iBGP peered over that. Both data centers are advertising the same /24 public IP subnet to separate ISPs. The devices in said subnet are at DC B. DC A is the primary path. Problem is, if the cross connect between data centers goes down DC A is still advertising the preferred attributes to the internet. Is an EEM script applying a route-map based off an iBGP peer down syslog message the best option? All BGP. Edit: For cost reasons it is not an option to make DC B the primary for this subnet. Edit: Yes, DC A does have the /24 BGP network statement. I shall lab up removing that to be safe and simulate xconnect failure. Thank you all for pointing out this (what should have been obvious) solution. [link] [comments] |
Cisco ASA - VPN using Identity/CDA for ACL Rules Posted: 07 Feb 2020 04:38 AM PST Hello, As the title suggests - has anyone got Identity/CDA working when using user rules in a filter access list? What I want to achieve is users VPN in using their AD credentials. From here, there's a Filter ACL that limits what users can access depending on their user group. When authenticating - I can see the user on CDA with the IP address of the VPN subnet, however i cannot pass traffic. If I remove the ACL or put an IP any any at the top, traffic works fine. Any suggestions? [link] [comments] |
does a normal switch impact VoIP? Posted: 07 Feb 2020 09:32 AM PST we have been getting some funnies with delay figures with a cisco switch in front of some Voip equipment we have. it's narrowed down to the switch or voip equipment. what i wanted to know is... do you need to set up QoS on a switch if it's simply being used as layer 2 distribution in a VLAN (nothing special being done on the VLAN) ? or is the ASIC architecture fine and fast enough to process packets fast enough in its default setup? [link] [comments] |
Connecting two small offices that are close, but in different buildings Posted: 07 Feb 2020 06:23 AM PST My company is expanding into the building next to us, and door to door, it's less than 100' away. There's approximately 5' of permeable ground between the buildings. Both offices are wired for cat 6. My plan is to have a contractor pull any required permits and run (weatherproof exterior) cat 6 between the offices, burying and going up walls and over the roof as needed. I'll join the second office's network into a switch in the first office. I'm considering that maybe I should run multiple lines in exterior conduit for scaling and failure, or fiber, but this may be overkill. Thoughts? Is there a better way? Something I'm not thinking of? [link] [comments] |
Verify tcp windowing on Windows Posted: 07 Feb 2020 10:46 AM PST Apologies if this is obvious but I haven't been able to find an answer on the gbase. I am looking for a way to verify that TCP windowing is enabled on windows, I know that it should be enabled by default but also read that certain versions of Windows server may have it disabled. What's the best way to verify that windowing is enabled? [link] [comments] |
Posted: 07 Feb 2020 09:53 AM PST Hellow everyone! I want to create a VPN network for different mobile clients which connect to Cisco ASA 5505 and pass their traffic through two tunnels. The main idea is clients have access to the Internet with global source ip address of Debian (look at the topology). I got an idea to create a site-to-site VPN between ASA and Debian and pass traffic through it. I have already created ordinary L2TP/IPsec to ASA, but I'm not sure that it will pass clients' traffic through the second (site-to-site) tunnel. Please, can anybody help me to understand is it a good way to provide that scenario? [link] [comments] |
Posted: 07 Feb 2020 03:20 AM PST Can anyone confirm whether the C9300 supports reflexive ACLs? It seems I cannot find a definitive answer in the guides or command references [link] [comments] |
Posted: 06 Feb 2020 08:21 PM PST I figured I'd pick the brains of some fellow IT geeks! I work for a large fortune company out of Canada. Which Netflow analyzer is the best and why? I have an idea, but I'd like to get your unbiased pov. SolarWinds, Manage engine, Darktrace, RSA, Vectra [link] [comments] |
Adding a stand-alone web filter without replacing gateway? Posted: 07 Feb 2020 12:41 PM PST Like ya dumb question but as a newb could someone explain the concept or flow of adding something like a stand alone web filter to a network, say something that might be blocking websites or ads, that doesn't require integrating into the gateway? Would you put an appliance or server like that into the same VLAN as systems you wanted to filter, and then have the gateway redirect all traffic/requests to the Internet to the appliance? I'm just looking for a simple stand-alone solution and the basics for getting started. I looked at Firewalla but I'm not sure how exactly that works. [link] [comments] |
IP addresses blacklist providers Posted: 07 Feb 2020 12:11 PM PST |
Using Routemap to Filter traffic using multiple ACL statements Posted: 07 Feb 2020 04:19 AM PST Hi all, I am trying to use Route map to filter multiple ACLs in one hit and applying them to an interface. Is there a way to this using routemaps? So basically ACLs below: ip access-list extended SSH_WebApps ip access-list extended WEBSERVICE I have 3 interfaces: GigabitEthernet0/0 192.168.1.254 YES NVRAM up up G0/0 ==> LAN G0/1 ==> Primary ISP G0/2 ==> 2ndary ISP So looking to filter on both wan interfaces Would appreciate any help Thanks [link] [comments] |
Server Colocation Connectivity Posted: 07 Feb 2020 11:35 AM PST Anyone familiar with how connectivity is supplied in colocation centers? My company are looking to consolidate hosted VM's and onsite servers into a nearby colocation center - this would be a first for us and I will be tasked with the technical end of it. We're looking at a 1/4 rack space and would be initally installing two machines with a view to expand in the future. Would I be correct in the assumption that the connectivity provider will most likely be physically delivering either cat5 or SFP? I'd imagine we would install a router also - what would be recommended/standard? [link] [comments] |
Need advice with an infrastructure planning Posted: 07 Feb 2020 01:45 AM PST Hey there, We are planning to deploy star-type network in a new office building, with approximately 30 "beams" connecting to centeral switch. Some of this are dedicated to IP cameras (like 8 switches with 90 cameras in total). My question is what kind of bandwith/bottleneck problems are possible here, how do you guys integrate surveillance traffic in to your networks? Thanks [link] [comments] |
Semi cheap fiber optics testers for OM1 to 3 and OS 1 and 2 Posted: 06 Feb 2020 05:59 PM PST Looking for some advice on decent, but cheap, fiber optics tester units for OM1 to 3 and OS 1 to 2. I'm working for a company that has a number of sites that have a large geographic foot print, often over rough terrian and we are often in need of a decent tester to determine if the cable is bad or works (can pass light, or even the dbm)? Looking for something that is decently cheap, under $500, and somewhat user friendly that can do mainly SC and LC. I'm not too concerned on know where the cable break is (2 out of 3 times a cow or something has chewed through it) or anything like that, just that it's still up or time to run a new one. Could really use some advice on a decent tester, that should it break or go missing, not to worried and can get another. Any insightful input would be great! [link] [comments] |
Creating a WiFi Bridge with Cisco's Mobile Express deployed Posted: 07 Feb 2020 09:07 AM PST Hello all, I'm managing a site that currently has a few Cisco AP1832I deployed with Mobile Express. We now need to add WiFi to a small open field (it's open but without public access) that's about 80m from the main building. The thing is, that field doesn't have any infrastructure, only power. Between the main building and the field there's a public road, so can't use cabling. Can I use a couple of AP1562s to do a transparent WiFi bridge? I plan to interconnect the AP1562 that's on the field with a direct UTP cable to another AP1562 to give WiFi to that location, since I don't have any kind of networking, am I thinking correctly? Thanks all! [link] [comments] |
You are subscribed to email updates from Enterprise Networking news, blogs and discussion.. To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States |
No comments:
Post a Comment