We help IT Professionals succeed at work.

Network Management

13K

Solutions

15K

Contributors

Network Management involves issues that are independent of specific hardware or software, including email policies, upgrade planning, backup scheduling and working with managed service providers for Desktop-As-A-Service (DaaS), Software-As-A-Service (SaaS) and the like through the use of tools, coupled with manufacturer standards, best practice guidelines, policies and procedures plus all other relevant documentation. Network management also includes monitoring, alerting and reporting, management reporting, planning for device or service updates, the backup of configurations, the setting of key performance indicators and measures (KPIs/KPMs), associated service level agreements and problem records as part of the IT Service Management (ITSM) framework.

Last week our firewall reports identified a new SaaS application in use: New Relic going to bam.nr-data.net/

I know what the application does, I just don't know how it got there.

We've tried pulling PCAPs, firewall reports, asking app dev if they installed it, asking the vendor if someone is paying for it, even searching for redirects to the site in Windows.

Experts, can you please provide some recommendations on how else to find the source of the redirect?

Some tools we have available: Wireshark, firewall, endpoint clients, SCCM, lite SIEM, unfortunately no web application firewall.

Regards,
Steph
0
I was hoping that you can point me in the right direction, and provide some instructions on how to complete switch port mapping.
I would like to discover MAC and possibly IP addresses of all devices connected, and match each with a specific switch port.

- Cisco SNMP configuration
- Recommended network tool (paid version is fine)

We are dealing with multiple Cisco network switches, mostly SG-500s and SG-250s.
Simple flat network for now, two VLANs default and voice.

Please let me know, your help is much appreciated.

Thank you,
0
I have a Windows(ver. 1903) 10 Dell 9020 desktop.  
1. This computer is part of a domain
2. I have mapped several UNC (to the servers) drives from M to P
3. All of the drives function properly with the exception of the M drive
4. After mapping the M drive ( have tried both with an IP Address and a Computer Name) the drive functions properly.  I can view the contents of the drive.
5. HOWEVER, each time the computer is restarted the M drive is disconnected (I cannot see the drive in Windows explorer).  
6. All the other drives continue to function properly.
7. After the computer has restarted I can map the M drive again and it functions properly until restart.

Notes: a. I click to reconnect on restart
b. The M drive is mapped to a folder that goes to an Accounting program (in other words if the M drive is disconnected the Accounting program does not open.
c. Other computers on the network are able to use the M drive successfully.  It is only one computer.
d. I have used the netuse command "net use x: /delete" followed by "net use x: \\server\share" however the drive does not show in Windows Explorer.
e. I have browsed but the local group policy and the startup folder for anything related to override or disconnect the M drive

Please Advice
Thanks in Advance
0
Hello Experts,

I am looking for feedback on this.

I have client that is expanding and the clients signed a contract for unmanaged wavelength from their data center on premise to the new site office ,  do you know what to expect exactly from the ISP.

The internet access will be from the data center.

Thanks,
0
Links and hints for deploying LAPS would be helpful.
Which procedure available on the web is the one you  prefer?
Or, perhaps you just use Microsoft instructions as you set it up?

I found this:
https://blog.thesysadmins.co.uk/deploying-microsoft-laps-part-1.html ... and -part-2.html
Is it reasonable?  There are clearly a number of things that are needed that could be intrusive.

Particular "hints and kinks" that you suggest?
Warnings?
0
I want to change the Vlan assignments on port 7 on an HP Switch.

Currently this port has no untagged vlans.  But it does have 2 x Tagged Vlans.

I think that was done by mistake and currently when I plug ethernet cable into that port no data comes from it.  I think the solution is to change 1 of the Vlans on that port to be untagged.

I hope it is as simple as:

>Vlan ##<enter>
>untagged 7<enter>
>write memory<enter>

Can anyone confirm?

Or should I
>vlan ##<enter>
>no tagged 7<enter>
>write memory
>unstagged 7<enter>
>write memory<enter>
0
refer to attached.

What does "20/30 sec" under "cp attack" mean?
Was googling for various Aruba docs but can't
locate any documentation on this.

Appreciate if can point me to the documentation
/link & indicate the page as need to explain to
Audit
Aruba_cpAttack.png
0
I am looking for some specific examples on how using a proper help desk/service desk application to handle service requests and incidents is a more efficient way of dealing with things than a general IT@ourcompany.com shared mailbox. We still offer both as ways to end users to log tickets with IT, but the shared mailbox is not linked to the service desk, it requires an officer in that team to manually create a ticket in the help desk/service desk which takes up time and things can become 'lost' shall we say. We are trying to stop users using the shared mailbox as a way of raising tickets but I could do with some key reasons why to help my case.
0
Dear Experts
We recently decided to implement MPLS connectivity between two locations, the location 1 head office which has ILL (leased line) Cisco FTD on Fire pro 1010 with cisco FMC appliance.
Since it is managed MPLS connectivity service provider has placed their router equipment in both the locations in that port 0 they have connected it to their modem and port 1 we are thinking to connect with ethernet cable to our switchs at  
At branch office
Please suggest at branch location port 1 of the service provider router equipment will be connected to the local switch and same router we have asked to the configure as DHCP server.
At head office
We have connected service provider router to local switch making use of port 1 but here we have windows AD functioning as DNS and DHCP hence service provider router is not configured to function as DHCP server.
1.      Please suggest should the MPLS router to be connected to firewall (CISCO FTD) or is it okay to connect directly to our local switch
2.      Since we are in MPLS network can we think to configure DHCP slave at branch location OR dhcp primary server
3.  please suggest is it recommend to have RODC in branch office, we prefer to join the systems of branch office to domain (windows AD) which is in head office

Branch location IP pool is 192.168.105.0/24 and head office IP pool is 192.168.109.0/24
please help on above 1 , 2 and 3 suggest the best practice design, thanks in advance.
0
How can I disable "all INTERNET access, including WIFI"
on the below #4 via gpedit.msc or something else ?

 Details
   ** Operating System = Windows 10 Pro
   ** User = 15 year old child
   ** Domain = NO

 Steps
  1. I login as me since I am a "Local Admin"
  2. All "all INTERNET access, including WIFI"
     fails since I don't need it to work
  3. my 1 year old logs in with NO "Local Admin" rights
  4. All "all INTERNET access, including WIFI" fails
0
At the new gig they were considering NSX as part of another technology purchase. But when they got the $$$ quote for NSX they begged off. I was hoping they'd do it so I could implement east-west network controls. Are there some other means to get there - that is firewall at each VM but manage the rules for all the VMs (or a subset) through a central management pane? I'd at least like to protect their most critical hosts from east west threats but I don't want to manage a bunch of firewalls on local hosts. I had heard perhaps Norton has something in this space? Does Microsoft have something? Other offerings I should consider? Thank you.
0
What "Network discovery .... software" do you recommend that will do something like https://www.solarwinds.com/engineers-toolset ?

Details
 1. Users =50
 2. VLAN = 1
 3. OS = Windows 10 Pro
 4. Switches = HP, willing to purchase NEWER models since mine are OLD
 5. Cost = under $500 if possible, but OK if more
0
What "Network device tracking software" do you recommend that will do something like https://www.solarwinds.com/user-device-tracker ?

Details
 1. Users =50
 2. VLAN = 1
 3. OS = Windows 10 Pro
 4. Switches = HP, willing to purchase NEWER models since mine are OLD
 5. Cost = under $500 if possible, but OK if more
0
SDN and SD WAN and SD Access and DNA Center

I have read about SDN and SD WAN.  if I understand They both are based on Centralized Control Plane.

So if I have  the Traditional Local Area Network  made up of Access/Distribution/Core   Layers,  and when I want to Implement SDN Technology , at what layer should I integrate SDN.
in other words if there is a hardware on which SDN is installed on, where should that hardware be located ?

SD WAN is WAN Technology , if I want to implement that technology  where should  I put the hardware that holds the SD WAN software.

if you can briefly give the    difference between SDN , SD-Access, SD WAN, DNA Center that might also help clear up the Terminology confusion.

THank you
0
I am new to Ubiquiti. On a previous installation, I used a Windows computer to set up the UniFi Controller.

Can this device replace the need to set up a Windows computer?  It is certainly more compact.

Thanks.
0
I am unsure of the functions of the Ubiquiti Unifi Security Gateway.

The installation I am working on has 8 Ubiquiti Unifi wireless access points.  At the present time I have the Ubiquiti Unifi controller running on a Windows machine.

Is the Security Gateway also a router?  The cable company - Optimum Online - provided a cable modem and a wireless router. Can I replace the cable company's equipment and connect the Security Gateway between the cable modem and the network switch?  

The website says "Integration with UniFi Controller.  This is unclear as to whether the UniFi Controller is built into the Security Gateway, or whether I need to continue using the controller computer.
(I assume that I program the Security Gateway using a computer.)

Ubiquiti also mentioned that the device allows remote management.
Does this require purchasing two units, and then setting up the VPN server?

Thanks and Merry Christmas to all!
0
Dear experts, is there any way to do a speedtest and send the result via email each few hours? In business hours, sometimes we suffer very slow Internet speed.
0
I will begin studying for a CCNA exam come January.  (New Year's resolution.)  Wondering if anyone has a suggestion on a decent model Cisco router to purchase on eBay for my SoHo?  Thanks.
0
We just migrated second link on BGP on for customer. The link is up and advrtising customer prefix to the internet and is load sharing the traffic w/ another (different) providers' link (Separate from ours). The customer thinks that the Route distribution on our link is at least 20% less than other providers'. Can anyone comment on what could happening ? I looked thro' looking glass portals and our BGP link is not preferred (Mostly).  Please comment.

My initial question is does it depend on type of ISP Provider, (the other link is provided by Tier 1 ISP Provider)?

Thanks;
0
Are there any useful guides which break down into a set of best practices how to handle patching & vulnerability management. Every time we look into it there's just links to commercial tools which you can use to scan for out of date software but whereas it will point out where you aren't doing so well (e.g. outdated software, unsupported software etc), what I am more after is some detailed best practices on how to manage the patching/remediation process in general, considerations that are needed to help define & implement your policies and procedures around etc. If there is such a thing then that would be most helpful.  I was going to look through PCI DSS as that is a set of expected controls with some detail rather than just links to an expensive vulnerability scanner or scanning service to tell you how bad/well you are doing.
0
Group Policy Manger broken after windows updates on Windows 8.1.  I was in the middle of a policy update project, restarted my computer for windows updates and after the reboot now the management console is missing the show and hide function when looking at the group policy settings or reports.

This happened on my windows 2012 R2 servers as well, but disabling and re-enabling the protected mode for internet explorer seems to have resolved the issue there, but not on my windows 8.1 machine.
0
I'm experiencing a Linux routing problem.

Environment is SLES 12 SP2, running on some HP server machine with 8 physical, used network interfaces, running in a non-internet local network.

Most physical network interfaces (eth0 ... eth3 and eth5 ... eth7) have (local unique) static IP addresses in non-overlapping networks, and the routing table looks ok. The interface eth4 is on DHCP.

The problem is that sometimes packets seem to be sent over the wrong interface - a packet that is expected to fly thru eth6 is spit out on eth0. This happens erratic and causes to application software (managing measurement data) to loose the data stream after max ~15 minutes .

As fa s I can see,

  • the exit interface of the wrong-routed packets is always eth0
  • there are packets of at least 2 interfaces routed wrong
  • the configuration of eth0 (viewed by YaST and by inspection of /etc/sysconfig/network/ifcfg-eth0) shows no IP addresses from the other interfaces networks

If I take down eth0, the application runs smooth (but that's only acceptable for testing matters).

If I record the network traffic of the network addresses for eth2 (tcpdump), I find i.e. suspicious ARP requests originating from address on eth6 with an originating MAC address of eth0.

Any idea what happens here ?
Any idea how to fix it ?

P.S.: Due to some policies demands, I can't do any driver etc. updates on the system. Same appies to ideas like "do DHCP on all interfaces" ... I can't change that.
0
Currently a base install of Windows Server 2019 (on AWS) allows two admin users to connect to it via RDP to administer the machine.

What is the minimum (in terms of machines and MS software) required to legitimately enable 3 or more non-admin users to RDP into and run applications on the machine?  I'm guessing it needs a minimum of a licence server with CALs, and the licence server probably needs to be on a domain.

It would be really good if I could avoid the hassle of setting up a domain controller etc. The machine doesn't need to use the bloat of RDS unless its required by the licensing mechanism.
0
https://www.cisco.com/c/en/us/products/collateral/switches/catalyst-2960-x-series-switches/eos-eol-notice-c51-736509.html
Above link mentioned it's the IOS that will be EOSL.

What's the EOSL date for Cisco 2960x hardware itself & what's the replacement model?
We need a model that has 48 more months at point of implementation.
0
Hi,

I have question. Can we manage Firepower 4110 without using FMC (Firepower management center) or I will need to buy one?
Which appliance or virtual FMC I need to buy? and is there any free license or no?

Thanks in advance
0

Network Management

13K

Solutions

15K

Contributors

Network Management involves issues that are independent of specific hardware or software, including email policies, upgrade planning, backup scheduling and working with managed service providers for Desktop-As-A-Service (DaaS), Software-As-A-Service (SaaS) and the like through the use of tools, coupled with manufacturer standards, best practice guidelines, policies and procedures plus all other relevant documentation. Network management also includes monitoring, alerting and reporting, management reporting, planning for device or service updates, the backup of configurations, the setting of key performance indicators and measures (KPIs/KPMs), associated service level agreements and problem records as part of the IT Service Management (ITSM) framework.