Search results

  1.

    SSL VPN

    Narrow it down to Juniper and Cisco. Contact account teams from both companies and request a demo box to play with. We used Juniper (Netscreen/Neoteris) where I worked before joining Cisco and it was great. 3 years ago, Juniper owned Cisco on SSL VPN...now they don't. ASA 8.0 has very easy to...
  2.

    WOW! New CCNP/CCDP tests are very hard

    I finished up taking all the new CCNP/CCDP tests at the end of January. I'm in the Associate Systems Engineer training program at Cisco and they mandated that we all take the new exams. I'd never taken the old ones, so I had nothing to benchmark them against. I took the BSCI/BCMSN composite exam...
  3.

    PIX Question

    What version are you running on the PIX?
  4.

    blogs for project management?

    Wordpress is an awesome blogging tool. You could also use something like vBulletin, phpBB, or YaBB bulletin boards for this. Bulletin boards would probably work better if you're expecting heavy feedback for each post.
  5.

    Network Infrastructure Recommendations

    I'd have them get their own internet connection. What you're wanting to do is technically possible, with the ability to reasonably secure your own network from threats. However, the liability you create (as illustrated above), and the steps you'd need to take to make sure they don't use all your...
  6.

    Cisco ASA 5500 Series Appliances

    The last version I played with in a production network was 7.2 on a 5510 at my last job. It was very, very stable. We replaced a 515 with it. The initial release, 7.0, was incredibly buggy. The bugs were fixed rather quickly though. I have only played with them in the lab since then. Stateful...
  7.

    Does this mean Cisco will be its own ISP?

    Given how much time we've spent building our partner model, and given that service providers are a MASSIVE part of that model, I would be very very surprised if Cisco ended up trying to form its own service provider. It doesn't make business sense. I'm with cmetz...looks like a defensive...
  8.

    Tracing message board posts...

    It doesn't look like he's using cross-site scripting...at least in his posts. He may be using it in a PM. However, it looks to me like what he's doing is PM'ing someone to click a link to some sort of external page. Could possibly be a map that dynamically loads a map based on the IP address of...
  9.

    Questions about routers and firewalls

    Since you're just learning, you might as well learn correctly. Routers don't do anything but route traffic. They don't block anything. "Network Address Translation" and "Port Address Translation" (NAT/PAT) are features on routers that allow you to have multiple computers on your home or...
  10.

    Get around a firewall

    If you just need to fill out a bit of paperwork, go do that. Once you get it done, go research how to get around proxies. Like someone else mentioned, there's a thread on this a little ways down the page. While you may have completely noble intentions, others who read this forum may not. Also...
  11.

    Access-list question

    In all the IOS versions I've used, you can't use the "access-list <name> line <#>" command to insert an entry into an ACL. You have to remove and rewrite the entire ACL. This is a function that should be implemented in IOS...but it's not in all the versions I've used.
  12.

    Is there a "best" server brand?

    Also, make sure you stay up on your licensing from the very beginning. I was put in a situation at my last job of going through all the old software and bringing us up to date licenses for 200 employees. It was a giant PITA. It also has the perception of being cheaper to keep your licenses up to...
  13.

    Is there a "best" server brand?

    The IBM servers have a good reputation with people I know. The HP's do too, though. At my previous job, we used Dell servers. The servers were good, but the support sucked.
  14.

    IDS - Snort for commercial purposes?

    Yeah it works pretty well.
  15.

    Can't seem to find a decent wireless router

    FWIW, I've always had good luck with ZyXel wireless routers. I've got a ZyXel Prestige 334W and it works great. I've never had a problem with it. Just offering this up in case you start looking at another brand.
  16.

    Hardware Firewall/Router Opinions

    I would have to disagree with you somewhat Jack. This holds true on a lot of small soho devices like Netgear, DLink, Linksys, etc. On bigger devices and in corporate speak, DMZ != no protection. As an example, the PIX 515 is available in a 3-interface model called the "DMZ Bundle." The third...
  17.

    Why do some people run around with their mouths closed?

    You're supposed to breathe through your nose and exhale through your mouth, but I know people who do both through their nose.
  18.

    What's the difference between Cisco 831 and Soho 91?

    Just from glancing over the specs, it looks like the 831 has more features: Dynamic DNS, IDS, a DMZ port, the ability to do web filtering via websense or N2H2, hardware-accelerated encryption, EasyVPN (which is nice to have should you ever want to VPN back into your home network - it makes setup...
  19.

    cisco 1811 equivalent out there?

    Fortinet and Netscreen both make units similar to what you're looking for (although I don't think they support VLANs for the price range you're in). They're closer to $600. The units I'm thinking of would be the Fortigate 60, and the Netscreen 5GT or XT. Can't remember. You're sure you want...
  20.

    Verizon Loses Internet Connection when Bit Comet is Running.

    Odds are that you're maxing out your connections. Try reducing the number of connections, not just the number of downloads.
  21.

    So who has the most sophisticated home network?

    I don't run my Cisco gear on my home LAN. I use it for testing and learning. Home LAN: ZyXel Prestige 334W 802.11g router/firewall that I got for free for beta testing some Trend Micro stuff. Lab: Cisco PIX 501, Cisco 2600 router, Cat 2950 switch
  22.

    ICSA Labs Certified Router/Firewall

    Sonicwalls tend to have buggy software, and are notorious for horrible tech support.
  23.

    ICSA Labs Certified Router/Firewall

    I've used many different 3com, Netgear, and USRobo (the USRobo of today is NOT the USRobo of old) products. Of those three, Netgear is the most reliable and easy to use - and it's hit or miss with them. Even within a certain model, there are way more "bad batches" than with other brands I've...
  24.

    ICSA Labs Certified Router/Firewall

    The Linksys RT/RV042 is the only one out of any firewalls you've posted that I'd even consider purchasing. The netgear comes close to getting a consideration, but all the other brands/models are not reliable and/or not easy to use.
  25.

    ICSA Labs Certified Router/Firewall

    Look dude, 3com, watchguard, netgear, usrobo, trendnet, hotbrick...it's all crap man. Just go down to CompUSA and get the $15 Belkin router special, pick up some tin foil at the grocery store and it's all good. Shoot, Belkin even got the Maximum PC "Kick Ass" award for their swag. That's...
  26.

    firewall comparison

    Assuming all of them meet your requirements....(it would help to know what those are, too) I'd take the ASA over the Juniper. I don't know a lot about the X505, but if as much thought went into it as did the UnityOne then I am sure it's an awesome product.
  27.

    ICSA Labs Certified Router/Firewall

    Gee, excuse me. And where in your postings have you mentioned that you knew who Fortinet is? Right. If you want to go with Watchguard, go ahead. Have fun.
  28.

    What's the Most Common VPN Topology

    The most common is a star topology - aka: wagon wheel, or hub-and-spoke. Basically it's A -> B, A -> C, A -> D, A -> E, etc. Whether or not B, C, D, and E will be able to communicate with each other will depend on your VPN equipment. I have no idea about the netgear stuff, but I'd guess and...
  29.

    ICSA Labs Certified Router/Firewall

    www.fortigate.com
  30.

    To 3DES or not to 3DES?

    Yeah there is no practical attack on 3DES other than brute forcing the key. However, if an attacker can somehow get access to the S-Boxes used to create the key then you're screwed. The last I heard, AES was approved for government use with non-classified material. The ciphers used to...
  31.

    how to deal with bruteforcing

    Might be a good idea to send the logs with your email.
  32.

    To 3DES or not to 3DES?

    I think you're incorrect about 3DES being easily crackable. Do you have any links, or can you explain?
  33.

    To 3DES or not to 3DES?

    DES is considered to be insecure. Someone built a purpose-built machine (~10 years ago?) that brute-forced DES in just a couple of days. There are other methods of attacking DES that are faster than brute-force but to my knowledge none of those methods are practical yet. 3DES has more...
  34.

    How to secure the office environment

    VPN hardware offloads the whole VPN process from the local client systems. VPN hardware has the ability to create one VPN tunnel that can provide VPN access to every computer on the LAN. It creates a true "LAN-to-LAN" extension of your network. Software allows you to automatically create...
  35.

    How to secure the office environment

    By software, I assume you mean a client installed on each PC? There's certainly merit to that. The only problem is that each client is going to take up (typically) a lot of resources on the host computer. The processing overhead is not as much as it used to be because of newer generation CPUs...
  36.

    Network Topology

    Thanks, I'll check it out.
  37.

    How to secure the office environment

    Yes. NOD32 - This is the best package around, IMO. It's very compact, and catches almost everything. Trend Micro - Either the Client/Server Suite or NeatSuite, depending on what your requirements are. There is a nice table at the link that shows the differences between the packages. The...
  38.

    Do standard household routers work for T1 lines?

    Not really. There are greater differences than that, but probably not many you'll notice as a home user.
  39.

    Do standard household routers work for T1 lines?

    Please, let's not confuse ourselves even more here. A T1 connection will use an RJ45 and it can use CAT5e cabling too. The difference is in the wiring inside the plug, and the signals that travel over the wires. Saying that it's an ethernet plug or CAT5e really means nothing. You need to get...
  40.

    Network Topology

    QFT. A star is nothing more than a hub-and-spoke, or wagon wheel, design. Where every end node connects back to the same central hub. A network where everything has redundant paths to everything else is a fully meshed network. I'll also chime in and say that I'm also very interested to...