Network Management

13K

Solutions

15K

Contributors

Network Management involves issues that are independent of specific hardware or software, including email policies, upgrade planning, backup scheduling and working with managed service providers for Desktop-As-A-Service (DaaS), Software-As-A-Service (SaaS) and the like through the use of tools, coupled with manufacturer standards, best practice guidelines, policies and procedures plus all other relevant documentation. Network management also includes monitoring, alerting and reporting, management reporting, planning for device or service updates, the backup of configurations, the setting of key performance indicators and measures (KPIs/KPMs), associated service level agreements and problem records as part of the IT Service Management (ITSM) framework.

Share tech news, updates, or what's on your mind.

Sign up to Post

The Dude
0
Get your problem seen by more experts
LVL 12
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Hi ,

we have subsidiary company with around 150 Users . it is linked to us (HO ) over IPVPN (1 MB)  and services getted from Us are :

1- CISCO IP telephone ( currently around 75 Users)
2- ERP ( about 50 USers)

thier existign Setup :

1- Domain COntroller ( seprate totally from us ) + Antivirus server ( 1 physical box)
2-finance system
3-Backup Server
4-Sonicwall NSA2600
5-Switches
7-Router for IPVPN

the managment is thinking to host the setup for the subsidary company so my questions are:

1- how I can do the proper sizing for the link ? so i ensure the users are not feeling slowness
2-what equipment should i move from there and what i should not ? best desing fro myour experince
3- how the internet should be provided to thier users ? from us or locally ?
4- what are the adv and disadvanage for such plan? should we recommend this plan or let them continue as they are
5- risks?
6- what are the pre requisits needed in the HO Data Center for hosting those equipment
0
It seems that the documentation about IPsec/IKE setup on an SRX to Azure s2s VPN is conflicting.  There are 3 pain points:

1.  Can IPsec/IKE be used on a policy-based VPN for Azure? It seems that Azure is clear about "no" but the suggested Azure config includes IPsec & IKE config
2.  Which IKE version is best for SRX to Azure - v1 or v2, when using Policy Based or Route-Based VPN? (see attachment)
3.  If a trust sec zone (internal interf.) and an unstrust sec. zone (exter. interf.) already exists, how can I add interfaces that are in one of those zones already to a new "Internal & Internet Zone" for the Azure VPN Tunnel as documentation suggests?  I receive an SRX error about adding interfaces to multiple zones prohibited and if using PB VPN there is no st0.x to that config and/or I don't understand how to utilize or place the traditional interface under the st0.x iface.

SRX ERROR:

commit check
[edit security zones security-zone Internal]
  'interfaces ge-0/0/1.0'
    Interface ge-0/0/1.0 already assigned to another zone
error: configuration check-out failed



I found this on Azure's site - https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-ipsecikepolicy-rm-powershell

Azure IKE Doc found on Azure Site
Azure States no IPsec for Policy-Based
Azure IKE Doc found on Azure Sitejuniper-no-ikev2.png
0
What would a good "Gap Analysis" look like? I had a recruiter call and they needed someone with a bunch of networking experience.
But the 10 month long gig was to travel to their various offices and data centers around the world and do a "gap analysis". It sounds
intriguing enough. I just wondered if anyone had an example document or general thoughts as to what the output of such a
project/assignment would look like in the end. ??
0
Hi everyone,
                       iI have a serious issue: All my tapes in my tsm 6.4 are on filling status and unavailable/readonly access. Even if i label several fresh scratch tapes , after a couple of minutes the tapes goes from scratch to filling status and no scratch are available to reclaim, migration , move data,

Please can you help me with this?

Thanks in advance,
0
Trying to connect Netgear WNDA3400 to act as a wireless access point behind a SonicWALL SOHO. I read post from other users about same issue. I tried but no success. Can anyone help me figure this out?
0
Got called in to look at a very strange network the other day...  They were running a business off a (A) Linksys E2500 home wireless router.  Now off of this router is one cable going to a (B) Mako dual wan appliance, which then goes to a (C) Cybera appliance which hosts a VPN connection as well as a (D) Cisco RV042 router.  Now the other cable off the original router goes to another (E) E2500 Linksys router which only has a laptop and provides wireless to a printer and cell phones for employees.  

Now router (A) is controlling PPPoE from a bridged DSL modem.  Router (A) IP is 192.168.1.1 and servicing everything via DHCP (This will change in near future).  Router (E) acting as an access point is also LAN IP of 192.168.1.1 and handing out DHCP.  The laptop connected to (E) also has a secondary NIC via USB that connects to some point in the other side of the network.  The Mako fails over to secondary ISP (Cellular) after only a few minutes and generally won't return.  I believe either the laptop router (E) is creating the problem.  Router (A) is experiencing over 2,000ms latency and over 5% packet loss.  So I removed router (A) and reconfigured the DSL modem to handle the PPPoE and this now becomes router (A) in the equation.  This router is set to 192.168.0.1 and has around 25ms latency with less than 2% packets loss and everything works great!  We are keeping an eye on this for a week or so, before any more changes are made.

Eventually the Mako should be the router and…
0
We have a Watchguard XTM 2 firewall device.

We have set it up successfully with a static IP address through our modem.  The modem works and plugged it directly into the computer with IPv4 manually set.

We have the WAN in X0 and the LAN is X2.

When we setup the device with the Trusted Interface of 192.168.0.1/24 with DHCP range of 192.168.0.2-192.168.0.199 it works but does not get Internet.   The DNS server is set and the computer has no problem getting a DHCP address.

The only thing that looks wrong is this picture with the gateway is showing up as 0.0.0.0 but don't see a place to change it nor do I see any settings wrong.  Help!
20180503_110739.jpg
0
I have a block of public IP addresses from my ISP, and I'm only using one (small operation here). I need to use a second one and have the incoming traffic pointed at a specific server (runs our video security system), and I have no idea how to do that. Can anyone give me step-by-step instructions?

I have a Sonicwall NSA-3600 running SonicOS Enhanced 6.2.9.0-21n

Thanks!
0
We have watchdog devices in every server room/closet every location in our company.  Every device have an IP/hostname with cname.  So I can go by the name of the room.
Issue is I still have to go to individual every IP to monitor.  Is there an easy way to consolidate into one single page with links, that doesn't require a lot of html coding.  
Any advice?   Solution using Watchdog15 devices with temp, and flood probe attachments.
http://www.itwatchdogs.com/temperature-humidity-climate-monitor-watchdog-15-p71

Thanks in advance.
0
Free Tool: Path Explorer
LVL 12
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Qnap NAS TS-1635 connection to server

i just bought a QNAP, i would like to connect it to my server is it better to

1 - add the NAS as a network store and add that way
2 - buy SFP connector and use fiber to connect it to my server with a Fiber card
0
Good afternoon All

I am looking for community help to get me started on a Dell PowerConnect X4012 (2switch stack) configuration for 3 Dell XC servers with Nutanix on them.  I also have a TOR switch stack of 2 x Dell 3024 switches.  I have found in the past best practice documents for configuring Dell kit for VMware but I can't find anything conclusive for the above.

What vlans am I going to require for Nutanix AHV HCI?  

Any help gratefully received.

Thanks
0
Any reference on configuring Fortigate Analysis into my existing Fortigate 100D environment ?

Thx
0
I have been ask by PCI QSA regarding what is SonicWALL using for PCI industry hardening standard.

I have been searching the internet and talking to SonicWALL support but couldn’t get the answer. So I will try here.

Anyone know this information or any PCI expert here that can tell me what to do with PCI Req 2.2 regarding system hardening standards?

Please advise.

Thank you
0
Do I still need Cisco Smart Assist Service Contract if I already have Smart Net Total Care?  Does anyone know the average price of Smart Assist?
0
I have SonicWALL Firewall/Router and 5 public IP address. I am going to have 1G Fios connection soon; however, the my soniwall won't give the 1G connection speed due to the DPI.
I would like to create second network that outside of firewall and wondering if I can split by public IP address with separate router.  Do you have any solution for this?
0
Q1:
Is there a product to centrally manange hundreds of Cisco routers/switches ACLs ?
Can TACACS+ do this.

By management, need to be able to see how many hits on a specific rule in ACL,
add/remove/amend ACLs without logging into each router/switch.

Q2:
It's been ages: an ACL needs to be completely removed, amended & then reapplied
back on the interface : is there something easier like the way Firewall rules can
be changed on-the-fly?
0
Dear Experts

What is the difference between audit log enabling like setting up centralised logging like  Syslog server and  Networking monitoring enabling and setting up, does both serve the same purpose, can you please help me to understand this. what each of these does , is it recommend both to be enabled in two different servers please suggest
1
We have 30+ small office branches that connects to our Data Centre via WAN routers
& these WAN routers connect to a core switch in DC.  

Each branch has 2 flat Class C subnets : one for wired LAN & one to our corporate
Wifi LAN.   We don't expect more than 100 PCs/devices in each branch.  All devices
& PCs at each branch are connected to L2 switches (including the branch WAN router).

There are PCs & devices (Cashiers, cameras, small robots/automation, scanners and mini
databases) in the branches that run applications that do not need to communicate to
servers in the DC other than to AV EPO, SCCM patching, central encryption management
servers, HIPS (endpoint IPS) console & the likes  but backups are taken by NAS located at
branches.

However, there are some semi critical mini servers & databases which we deem ought to
be segregated from the rest of the organization to prevent DoS  though PCs for emails
& Internet access will need to go back to the DC.

Q1:
What are among the best practices for such branches network traffic?
Hub & spoke design?   Layered security?  Micro-segmentation within each branch?

Q2:
Do we treat each branch's network to be of lower, equal or higher trust levels than
DMZ, applications servers zone or backend servers zones (typical network trust
zones)?

Q3:
For traffic filtering / microsegmentation, is it best practice to configure
a) ACLs at each branches' WAN routers (as switches at branches are Layer 2 &
    at most …
0
Free Tool: ZipGrep
LVL 12
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Dear Experts

in the local network only for 3 work stations separate ip subnet to be defined and only these 3 workstations should be allowed to access the application server hosted in the same local network, the application server is a VM in ESXi server ( Vmware essential plus license), please suggest should this be done at switch level by configuring VLAN and also vlan at vmware level, please suggest , should we have to go for managed switch please suggest.
0
I'm trying to understand how DMZ work in a Windows environment ...

So I've got my LAN, no problems with that. Now I want to put a Windows web server into a DMZ.
I've configured a VLAN for the DMZ, that works. But I'm unsure about the necessary policies on my (Watchguard) firewall regulating the traffic between DMZ and LAN:

- I'd like to be able to access the web server from the LAN using Windows Explorer. Is that possible? If yes, how?
- does the web server need to be in the local AD in order to achieve this?
- can the web server in the DMZ use a serial number distributed by the KMS server on the LAN? Or how is this being handled? [update: I got that to work]
- what if the web server in the DMZ needs to execute a query on an MSSQL server on the LAN? Do I just open the port for SQL connections? I guess using a cache DB on another server in the DMZ would be better?
- how can I RDP from the LAN to the DMZ? RDP tells me the server does not exist although I have open the RDP port on the firewall ...

Thanks!
1
In short, I will be giving a guide on how to install UNMS on a virtual machine in hyper-v and change the default port for security (you don’t need to have a server, since Windows 10 supports hyper-v)
0
We have two clients in one building with one Internet connection at 75/20Mbps.
we would like to "limit" the bandwidth the second business uses, so we need to allocate maybe 5Mpbs to them.

We have a Sonicwall TZ100.

What do we need to do to accomplish this? hardware and configuration wise.
0
I had this question after viewing Do we need to upgrade the Boot Loader image on cisco switches.

I have a cisco3560  switch  and with show version BootLDR is pointing to an image the does not exist on flash , noting that switch is working  fine
with another IOS.
So how can i change it safely ?
how would this affect my environment ?
Does it  have effect in switch recovery and rommon mode ?
0
Hi we have a thousand of switches in the network. and Orion has been configured on each switches. Now we have a few of commands that need to be implemented on each of switches. How can we add these commands to each switches via Orion? Or you can send me a link for this issue. Thank you
0

Network Management

13K

Solutions

15K

Contributors

Network Management involves issues that are independent of specific hardware or software, including email policies, upgrade planning, backup scheduling and working with managed service providers for Desktop-As-A-Service (DaaS), Software-As-A-Service (SaaS) and the like through the use of tools, coupled with manufacturer standards, best practice guidelines, policies and procedures plus all other relevant documentation. Network management also includes monitoring, alerting and reporting, management reporting, planning for device or service updates, the backup of configurations, the setting of key performance indicators and measures (KPIs/KPMs), associated service level agreements and problem records as part of the IT Service Management (ITSM) framework.