
ISP SELECTION - ADVICE

I've been doing some reading and I'm aware that some so-called ISPs are not really what I recognize to be proper ISP companies.

In the UK the proper ISPs, I think, are:

- BT - Deal with both residential, small-to-medium & corporations
- ATOS Origin - Deal with both residential, small-to-medium & corporations
- AT&T - I think deal more with Government stuff rather than commercial
- O2 Airwave - I think mainly mobile company

Not so real ISP companies

- Virgin Media
- NTL - I think are a subsidiary of Virgin Media but last time I heard deal with the Business Internet connection
- SKY - Mainly tv packages but yes offer internet service
- Talk Talk - Offers internet services
- PlusNet - Offers internet services

How do I go about getting the correct information on what an ISP specifically provides, rather than finding out after signing the contract that the advice was ambiguous: that the service may well be able to be provided but causes extra complex configuration on the customer side, or that I have to pay for a so-called extra service on top of the so-called already agreed contract, or that the service I wanted was not there or NOT compatible with my own equipment, etc.?

The only option I can think of is saying 'NO' to payment, as I received 'ambiguous advice and have not been provided with the service as per what was discussed', as they are supposed to be giving the advice, I thought, although some claim 'NOT' to be advisors so they are not responsible.  This I find totally ludicrous.

This question may be more related to corporations without me realising this..

The advice would be appreciated..

Qns1. Should I really have to get an IT Lawyer to draw up a contract for these types of unforeseen issues, rather than just signing their own contract - ?

Most Valuable Expert 2011
Commented:
I think you have a wrong view of what an ISP is.

An ISP is anyone who provides an Internet connection to ANYBODY,....and usually can offer more than one type of Connection Technology (Frame Relay over copper, Frame Relay over Fiber, MPLS, DSL).

AT&T is just a phone company that branched out into other things.  They also deal with anybody.  Our DS3 Fiber is an AT&T line but we chose to use a local ISP to broker it between us and AT&T because I don't want to have to deal with AT&T Support for our needs.  So I call the local ISP and they take care of us.

CableTV ISPs are in their own little world and are primarily built around the Home-User concept.  They often provide their service in only one way in terms of technology.  They may offer different speeds,...but that is not a change in technology,...it is just a matter of throttling.

Bottom line,...Why ask us?  

You just have to:

1. Know what you need,...rather than let them tell you what you need.  They are always going to try to sell you what is convenient for them, not you.

2. Spend some quality time with the sales people of those providers to determine what is going to serve you the best.  You would never accomplish this if you are a marketing guy yourself or a bean counter,...you must be a solid technical guy to cut through all the crap and get what you really need.  You need to know what kind of Line Technology and IP Structure serves your cause,...a marketing guy or an accountant in your company is not going to know those things, they would just try to go with what is cheaper and you would be screwed.

3. There is no such thing as an IT Lawyer.

Author

Commented:
Hi pwindell, My knowledge is around Win 2003 & 2008 and ccnp level..It was just a query to see what Experts would say so that I can gauge my own thought process..

When you say I need to know what kind of Line Technology and IP Structure serves my cause I'm not sure what you mean as like you mention 'An ISP is anyone who provides an Internet connection to ANYBODY,.... and usually can offer more than one type of Connection Technology - FR over copper, FR over Fibre, MPLS, DSL'

As for IP Structure that would only be added to the Outside part of a network, unless the ISP provides their CPE equipment.  For example I have a residential Netgear router at home with a built in 'DHCP' which I can disable in order to make use of my Win 2003/Dns/Dhcp DC Server for eg which I have tested.  So I was able to ignore their own IP Structure from my side.  But if it was an issue then NAT or something..

I understand what you are getting at though so advice is appreciated..!!

Once upon a time I did buy a Business Line at my home with Virgin Media and their Business side of things was dealt with via NTL who I think was bought out.  I told them I wish to manage my own Win 2003 server at home and they said no problem but they kept losing the plot depending on who I spoke with.  In the end they told me they could not do what I wanted, then 3 months later, after numerous emails and phone messages left, a Team Leader rang me up to say YES they could do it and somewhere down the line there was obviously a break in communication... They insisted I should pay and I said you did not provide the service I was after so 'NO', but eventually had the bill cleared after persistence but in the end I wanted shot of their services.. Nightmare.!!

As for IT Lawyer, it's because when I watch TV and they talk about issues with ISPs for example or something to do with the Internet it is mentioned that Lawyers will have to agree things etc so I was wondering about this as if there is a Lawyer who is knowledgeable enough about IT, they can obviously argue the case more efficiently in their favour..
Most Valuable Expert 2011
Commented:
When you say I need to know what kind of Line Technology and IP Structure serves my cause I'm not sure what you mean as like you mention 'An ISP is anyone who provides an Internet connection to ANYBODY,.... and usually can offer more than one type of Connection Technology - FR over copper, FR over Fibre, MPLS, DSL'

I don't understand why you don't know what I mean by that,...you just quoted exactly what I meant by that.  You need to know if Frame Relay (fiber or copper), or DSL, or MPLS, or something else serves your needs.  Those are Line Technologies.  Your IP Structure is of course on the public side,...but that does not make it unimportant.  It involves how many public IP#s you get,...are they a clean subnet break?,...by what mechanism are they made available?  Can you just assign them to a device on the public side of your network as you see fit or are they done with some kind of goofy tunneling mechanism where some piece of hardware from the ISP has to make it happen (like CableTV Internet)?

For example I have a residential Netgear router at home with a built in 'DHCP' which I can disable in order to make use of my Win 2003/Dns/Dhcp DC Server for eg which I have tested.  So I was able to ignore their own IP Structure from my side.

That was not the ISP's IP Structure,...It had nothing to do with the ISP.  Whether or not you used DHCP on the Firewall or a Server on your LAN is totally irrelevant to your ISP.   Side note:...the Netgear was not a router,...yes they call them that in retail stores, but it is bogus,...they are not routers,...they are cheap, low-dollar, NAT Firewalls.

Once upon a time I did buy a Business Line at my home with Virgin Media and their Business side of things was dealt with via NTL who I think was bought out.

That was only called a "Business Line" because of marketing smoke & mirrors.  The line technology was still home user technology,...it was not industrial technology.   Your bad experiences with them after that just proves that,...they still had a "home user" mentality in their business practices with you..

Home User Technology = DSL, CableTV

Industrial Technology = "Dry Pairs", Frame Relay [copper or fiber] (T1, DS3, OS3, etc), and MPLS.   MPLS can be built with T1s, DS3s, OS3s, etc.

To put that into perspective, a DS3 Fiber in our areas costs $6000.00 a month (or $72,000.00 per year),...compare that to a DSL or Cable TV connection at $50-$75 a month.   But you get what you pay for,...pay cheap prices,...you get cheap quality.

Those are only examples,..not exhaustive,...there can be other technologies that fit into those categories.

Author

Commented:
Hi, I've been reading other stuff, apologies for the lapse..:)  Yes I do actually realise Netgear Router is 'NO' router really & yes although they call it Business it is really 'home user' equipment.  Just sticking to the norms...

You mention about the $72,000.00 & $50-$75 - In what sense does a customer get what they pay for or is this when these so-called ISP companies offer 20mb/gb or 50mb/gb line but the customer actually does not get this.. ?

Thanks for the advice interesting..!!
Most Valuable Expert 2011
Commented:
You mention about the $72,000.00 & $50-$75 - In what sense does a customer get what they pay for or is this when these so-called ISP companies offer 20mb/gb or 50mb/gb line but the customer actually does not get this.. ?

Yes, that is pretty much it.   Also on the home user setups your speed is only the download speed,...your upload speed may be less than 1mb,...sometimes only half an mb.   You usually only get one Public IP# and even if you get more, it often is not a clean subnet break, and it usually involves goofy methodologies to try to make use of them,..to the point where they may almost be unusable.

With our DS3 we get 40mb in both directions solid. It is our line, not shared with anybody,...there is an 8foot high by 19inch wide equipment rack full of equipment brought into the building for it and there is a fiber optic bundle as big around as your thumb coming into it.  I have 128 addresses based off of a clean subnet break with a /25bit mask.  I can assign any public IP from that to any piece of equipment I place on the public side of the network and there are no hoops to jump through.  Now granted I don't need 128 addresses,...I could get by for a long time if all they gave me was 16 (I've only used about 7 or 8 of them), but I have the capacity and the growth room to do whatever I want.

The background on that fiber...
We are a TV Station,...and AT&T wants to get into the "CableTV business",...so they brought a 24-pair fiber bundle into our building (that 8foot rack is theirs).  They use 2 pairs out of that 24-pair bundle to run our TV Broadcast output into their system so they can redistribute it to their customers.  Just one Pair of fiber can run the DS3 and there were 22 Pairs left unused.  So I got the idea to call our ISP which we currently ran a pair of Bonded T1s with and asked them if they could broker with AT&T for a DS3 that could make use of that wasted fiber that was just sitting there.

I did it through our ISP even if it may have cost a little more because I didn't want the Support I would have to deal with from a large "nameless", "faceless" national organization like AT&T.  Our ISP is within driving distance,..I can drive over there and "look them in the eye" or "grab them by the shirt" if I have to.  So I deal with the local ISP and they handle our domain Names and DNS Hosting,..and I let them worry about dealing with AT&T for the Line itself,...they already had dozens of AT&T lines they dealt with so it was no problem for them.
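The "clean subnet break" described in the comment above can be checked mechanically; this is an added example, not part of the original thread. The function name and the sample ranges (taken from the 203.0.113.0/24 documentation block) are constructed for illustration, and the assignable count assumes the block is configured as one on-link subnet.

```python
import ipaddress


def describe_allocation(first: str, last: str) -> dict:
    """Summarise the inclusive public range first..last handed over by an ISP.

    'clean' is True only when the whole range is exactly one CIDR block,
    i.e. it starts on a power-of-two boundary and its size is that power of two.
    """
    lo = ipaddress.IPv4Address(first)
    hi = ipaddress.IPv4Address(last)
    if hi < lo:
        raise ValueError("last address is lower than first address")

    # Smallest list of CIDR blocks that covers the range exactly.
    blocks = list(ipaddress.summarize_address_range(lo, hi))
    result = {
        "addresses": int(hi) - int(lo) + 1,
        "clean": len(blocks) == 1,
        "blocks": [str(b) for b in blocks],
        "mask": None,
        "assignable": None,
    }
    if result["clean"]:
        net = blocks[0]
        result["mask"] = str(net.netmask)
        # Assumption: one on-link subnet, so the network and broadcast
        # addresses are reserved for prefixes shorter than /31.
        reserved = 2 if net.prefixlen < 31 else 0
        result["assignable"] = net.num_addresses - reserved
    return result


if __name__ == "__main__":
    # Constructed samples: a /25-sized block on its boundary, and an odd
    # five-address range that needs three separate firewall/route entries.
    for first, last in [("203.0.113.0", "203.0.113.127"),
                        ("203.0.113.5", "203.0.113.9")]:
        print(first, last, describe_allocation(first, last))
```

A range that is not clean needs one ACL or route entry per block in the list, which is where the extra configuration on the customer side comes from.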
Most Valuable Expert 2011
Commented:
Probably the cheapest industrial line is the frame relay based T1 Line over copper.  It is only 1.5mb but it is both directions solid and has the other characteristics I previously described,...speed is not everything you need to look at.   You can also add multiple T1s together to increase bandwidth (a process called "bonding").   If you bond it at the connection level it will remain at 1.5mb but can handle many more devices running over it before it degrades.  If you bond it at the Packet Level it will raise the speed itself but sometimes a device may not like their traffic being split over multiple lines where the packets can arrive out of order (like streaming video or audio or anything using UDP).

Also remember that Bandwidth is the load a line can handle,...it is not the speed.  The speed is the Throughput.  Compared to a road, bandwidth is the number of lanes, while throughput is the speed limit on the road.  Now throughput and bandwidth are closely tied together,..but they are not the same thing.  This is something you won't hear from the home-user ISPs.

Author

Commented:
Yes I'm beginning to understand.  And yes AT&T do seem to be faceless.

I have wondered what bare minimum equipment some of these Pretend ISP companies use so I'm assuming stuff like:

- 7200 - For T1
- 3800
- ASA Firewall
- L2 switches or L3 - For office Tech employees
- Backup in office or at Datacentre - Whatever decided
- Plus the ability to either logon remotely to each router and configure as per a customer needs
- If a problem then an employee would visit Datacentre just like you do

Just trying to put the practical pieces together in my mind which assists in the learning curve..

Thanks again for your clear and useful advice..!!
Most Valuable Expert 2011
Commented:
Hi pwindell, My knowledge is around Win 2003 & 2008 and ccnp level.

I'm only 2003 and older, no 2008,...and ccna rather than ccnp,...and the ccna expired in 2006

Author

Commented:
Sounds like you're in a good position to be aware with those hands on..
Most Valuable Expert 2011
Commented:
I have wondered what bare minimum equipment some of these Pretend ISP companies use so I'm assuming stuff like:

- 7200 - For T1
- 3800
- ASA Firewall
- L2 switches or L3 - For office Tech employees
- Backup in office or at Datacentre - Whatever decided
- Plus the ability to either logon remotely to each router and configure as per a customer needs
- If a problem then an employee would visit Datacentre just like you do


They don't have anything to do with your internal LAN.   The ISP only comes up to and "touches" your External Interface on your Firewall,...that is it,...they have nothing to do with the rest of it.

Author

Commented:
Yes the Home user ISPs appeared not to have some knowledge as it appeared all their knowledge was more remote GUI configs rather than hands on like mine but a lot self taught and trying to get back in the market..

Author

Commented:
What I meant was these ISP companies would have their own Techy staff for their internal network issues, even though providing external customers/businesses their own service.

''touches'' - ?

Due to my somewhat broad experiences I always speak in the sense of doing everything..!!

I've worked for BT and carried out some testing via simulation of Backbone & Border Routers 7200 for connectivity via L2 switches and Laptops to confirm IP Addressing was subnetted correctly and then documented.  I've also seen T1 lines on the 7200 although the configs were already pre-configured and I just copied them on and tested connectivity.
Most Valuable Expert 2011

Commented:
If you have a CCNP you should be able to get back in the market.  I don't even have a CCNP,.. never will.

I've got around 15 years or so and I can retire.  I've a very wide range of skills and experience in completely unrelated fields,..so I can almost just pick what I want to do, or even be self employed.  If I ever lose this IT position I am in now, I might even leave IT,....I'm actually kind of tired of IT, been doing it a little over 12 years.
Most Valuable Expert 2011
Commented:
What I meant was these ISP companies would have their own Techy staff for their internal network issues, even though providing external customers/businesses their own service.

Ah! OK  :-)

Author

Commented:
Anyway thanks for your 'real advice' on the ground, gives me another analogy.  If not thought through properly the mistakes will cost...

Author

Commented:
The ccnp has changed quite a bit from speaking with others.  As long as you are aware of routing protocols, virtual links, distribute-lists, passive-interfaces, static routes, floating static, ACLs, route-map policies, oh yeah IPv6, Layer2 for STP/RSTP, FEC, Layer 3, IP CEF -FIB/Adj table, and the last exam is the Tshoot ie troubleshoot exam, that is it and no more ISDN, not that I've used it.  Mostly my experience is self taught but I understand about what I've just mentioned at least to do the exam as I have my own 8 router and L2 & L3 Cisco network at home and have installed Win 2003 & 2008 across it to fill my gaps in knowledge practically in the hope I can get back into the game.  I've only been in IT 7 years but been contracting mostly which was my problem with gaps in my knowledge..

Sounds like you're OK from what I just read, I wish I was in that position..this economic crisis UK got going on ain't helping..

Author

Commented:
I'm weak on the 'Firewall' side of things as not had any practical commercial experience although yes on Nokia but basic basic filtering out and nothing else.  What I intend to do though is install GNS3 and self teach ASA as I've watched a 'Youtube' video of how to configure from scratch.

I've also been on a 'Checkpoint' course a couple of years ago as I had spare cash but not qualified and forgotten what I learned, but I have the VMWare software they gave me which was used on the actual course and the step by step book so once I've figured out how to set up on VMWare Server I will go through it again.

These are my only plans while I have the time..!! Don't want to learn anything else just that...

Author

Commented:
The firewall stuff is definitely where I'm falling short..Obviously I know what one is but no practical or commercial experience except filtering out an address..
Most Valuable Expert 2011

Commented:
The firewalls are my strong point, but only with Microsoft's ISA.  I've never touched a PIX or ASA. I have a Sonicwall 2040 but don't do much with it and am not very good with it.  But it can't do as much as MS's ISA so there isn't much need to learn it for me.

I am an MS MVP for Forefront (focused on ISA & TMG).   There are around 30 or so MVPs for that worldwide, but I am one of the only 2 Forefront MVP in the US.

Author

Commented:
Hi apologies for taking so long to get back..  The ISA is something I've never really got involved with but have downloaded ISA 2006 to install when I set back up my Win 2003 Server DC and I'm aware it stands for 'Internet Security Accelerator'.  I'm also aware it can be used as a 'Firewall' -  http://technet.microsoft.com/en-us/forefront/bb734829

I've just been reading about - Sonicwall 2040 - http://www.netdigix.com/sonicwall/PRO2040_DataSheet.pdf - I've just browsed through and it seems to be an all in one box..

Qns1. Bearing in mind ISA firewall is your strong point does it protect enough - ?

Qns2. Does this mean with ISA that only a ISP modem is really required unless your company is linked to other locations THEN you may want your own router/sonicwall to take control only  - ?

QNS3. You say you don't have much to do with 'Sonicwall 2040' but from my reading it offers quite a bit so what exactly is it missing as you say MS's ISA can do more as useful for me to know - ?

TMG - http://www.microsoft.com/en-us/server-cloud/forefront/threat-management-gateway.aspx - Forefront TMG allows your employees to safely and productively use the Internet for business without worrying about malware and other threats. - This is good for those that click on any website causing Network Admins problems..

QNS4. Does this mean you use in conjunction with ISA 2006 I'm assuming and TMG although you are qualified MS MVP - ?

I hope you don't mind me picking your brain..!
Most Valuable Expert 2011
Commented:
I'm also aware it can be used as a 'Firewall'

No, it IS a firewall,....that can be used as a proxy.

Qns1. Bearing in mind ISA firewall is your strong point does it protect enough - ?

It is the most capable firewall on the Market.

Qns2. Does this mean with ISA that only a ISP modem is really required unless your company is linked to other locations THEN you may want your own router/sonicwall to take control only  - ?

ISA/TMG is all you need.   "Modem"???  You're thinking "home-user" again.  Industrial connections don't have modems,..they have WAN Routers and CSU/DSUs.

QNS3. You say you don't have much to do with 'Sonicwall 2040' but from my reading it offers quite a bit so what exactly is it missing as you say MS's ISA can do more as useful for me to know - ?

That is marketing.  They ALL make it sound like they all do quite a bit.
ISA/TMG ties into Active Directory and can base its control on WHO the user is,....not simply what machine they are sitting at.  This keeps restricted users from sneaking over to a different machine to try to get around the restrictions and it also creates more accountability and tracking abilities.  You can add multiple IP#s to the External Interface on ISA/TMG,...Sonicwall 2040 is limited to 1,...or at least I have never figured out how to do more than one.

QNS4. Does this mean you use in conjunction with ISA 2006 I'm assuming and TMG although you are qualified MS MVP - ?

I don't use TMG,..but it is very very close to being the same as ISA2006,...it is just simply the "2010" version of ISA,...MS just decided to change the name.





Author

Commented:
Does this mean with ISA that only a ISP modem is really required unless your company is linked to other locations THEN you may want your own router/sonicwall to take control only  -  Oh yeh..!!

I've actually seen in a couple of Datacentres 2 BT modems used in a Management Rack, for what specifically I'm not sure, as in their Outbound/Inbound cabinet I did not see any other device... for Internet Access..

You say: ''You can add multiple IP#s to the External Interface on ISA/TMG,...Sonicwall 2040 is limited to 1,...or at least I have never figured out how to do more than one.''

''It is the most capable firewall on the Market'' - So I presume it is the 'Sonicwall 2040' you use to get to internet - ?


Author

Commented:
Correction ISA: ''It is the most capable firewall on the Market'' - So I presume it is the 'Sonicwall 2040' you use to get to internet - ?

Qns1. What version of ISA does your company use ?

Qns2. Do you make use of Standard/Enterprise Win 2003 or SBS 2003 or both - ?

I only ask as it gives me good grounding around something real..
Most Valuable Expert 2011

Commented:
My primary firewall is ISA2006.

The Sonicwall only handles certain "secondary" duties.

My network is more complex than you are thinking.  It is 6 subnets, with 2 remote offices besides the main facility,...5 different Internet connections (3 from the same ISP),...and 8 different devices that are classified as "Firewalls".  I do not run DMZs anywhere. Then there are all the Satellite downlinks, plus a mobile vehicle that can do Satellite both up and down,...but I don't maintain the Satellite stuff by myself.

Author

Commented:
I have 4 x 32bit Pentium 3 PCs that I've been using as my test servers for Win 2003.

Qns1. Have you any dos/don'ts before I set up the following for a practical learning curve, as I wish to learn about this ISA 2006 I've already downloaded for later use/testing in conjunction with my Residential/Netgear box for internet access..

Everything I've done in the past has worked with my Netgear box for learning curve to where I can take it but not installed ISA 2006, so not sure if there is something I could not do with this.  All I'm going to do is simulate with 3 host XP PCs and 1 x laptop I have if need be, as I was going to separate the following:

2 x servers - Win 2003/sp2

Server01 - DC1
DNS
Dhcp

Server02
ISA 2006

or

Server01 - DC1 - All together for less work as no real network activity is going to take place anyway
Dns
Dhcp
ISA 2006

Author

Commented:
Yes I do realise your company provides a lot more..!:)

Regarding the 'DMZ', I know basically that it allows services, such as DNS, Email servers to be on Int fa0/0 of a router for eg and Int fa0/1 linked toward the Internal network & then a serial link as per one of my labs I've done, linking to a router I used to provide my internet access..

But why ever use this I'm not sure of the history behind it as ISA 2006 is around and other various firewalls are available instead.  Saying that, in the last Datacentre I worked in I was aware they had a DMZ in place so assumed it was an exact same setup as I've just mentioned above..!

Author

Commented:
With my lab, the 'DMZ' I configured was as I stated:

Router A
Int fa0/0 - Dns & Email server for simulation
Int fa0/1 - Internal network host pc for simulation
Serial0 - Connected to my other Router B which acted as my Internet Access with my Netgear router on Eth interface

Configured with CBAC for my firewall..so I'm assuming splitting up the above services and Internal Network like this was the analogy behind the 'DMZ' and then using CBAC as I suggested or even ISA 2006 etc as the firewall as you have mentioned is my understanding..
Most Valuable Expert 2011
Commented:
ISA2004, ISA2006, TMG2010 all work on identical principles,...so many things even in 2004 material still applies to TMG2010,...MS did a very good job of keeping management operations consistent among them.

Author

Commented:
Ok thanks for that I will use this as my base for info when I set this up..  thanks for your advice I will close this thread now..!!
