Go Premium for a chance to win a PS4. Enter to Win

x

Network Management

13K

Solutions

14K

Contributors

Network Management involves issues that are independent of specific hardware or software, including email policies, upgrade planning, backup scheduling and working with managed service providers for Desktop-As-A-Service (DaaS), Software-As-A-Service (SaaS) and the like through the use of tools, coupled with manufacturer standards, best practice guidelines, policies and procedures plus all other relevant documentation. Network management also includes monitoring, alerting and reporting, management reporting, planning for device or service updates, the backup of configurations, the setting of key performance indicators and measures (KPIs/KPMs), associated service level agreements and problem records as part of the IT Service Management (ITSM) framework.

Share tech news, updates, or what's on your mind.

Sign up to Post

What are the steps to add IP address DHCP MAC address reservations to a SonicWALL TZ 600 router?
0
Dear Wizards, can you please suggest on this scenario?

If a physical host (with 4 physical NICs) connect to Core Switch Cisco  3925, can we use the Link Aggregation Control Protocol (LACP) to increase the bandwidth for that host? And if so, how to increase the maximum bandwidth for virtual NIC of VMs inside that host?

Many thanks in advance!
1
hi guys

Are any of you working on implementing GDPR that plans to come into effect next March?

If so, do you have a list of things that need to be implemented technically on infrastructure, storage and network security?
I am looking for something that would have a list of 'to-do's' like:

"Must implement password complexity of one letter, number and eight characters that change every 30 days"
"Transfer of data from local source to destination must be recorded and its location known"

I just made the above up, but basically are there any lists that one could follow as guidance for the entire infrastructure?

Thanks for helping
Yashy
0
Hello, I have deployed a HP MSR router into production but I am having 2 issues ...

I can connect to the web interface fine on IP 172.19.60.20, but when I try to telnet or ssh to it I get a "connection refused". What do I need to do in order to allow telnet and ssh through this IP?
0
Building a server room for 75 to 100 users office.
Gen. Contractor designing the room with wall-mount patch panels.  I never seen/worked with these before.  Normally just on the rack so you can have access both sides.  
Any suggestions/input?  Thanks.
0
We have a Class C network and are running out of IP addresses.  We have multiple switches throughout our company and don't want to incur the expense of upgrading all of them to be VLAN capable.  In order to expand our addresses, is it possible to only upgrade one of our switches to a VLAN capable switch and configure it as follows:
1.) The DHCP server is plugged into one of its ports which is configured to be on the default VLAN.  
2.) Any other switch plugged into it will be plugged into a port configured to be on the default VLAN.  
3.) Any other device (printer, computer, etc.) plugged directly into it will be plugged into a port that is configured to be on a secondary VLAN.
4.)  The DHCP server is configured to hand out a different scope of addresses for devices on the secondary VLAN.
5.) The switch is configured so the VLAN's can communicate with each other.

Again, if all we need to do is expand out addresses, is it necessary that any of the other switches are VLAN capable?  Does anyone have a alternate, perhaps simpler way of expanding the addresses?  We could convert to a Class A or B network.  Please advise, and thanks in advance.
0
Looking for an elegant solution.

Have VOIP PBX system on the LAN that connects to a SIP trunk provider. Have 2 ISP circuits and a basic Fail Over - one circuit is DSL. When the primary circuit goes down, fails over to the DSL. I want to block traffic from the VOIP PBX through the DSL circuit because it's too slow (The PBX will actually failover to its POTS lines if it can't reach the internet, which is what I want)

Access rules don't work because they are zone based and the PBX is in the LAN zone.

Was advised to specify the outbound interface in the NAT policy to the interface of the primary circuit, but this didn't seem to work because there's a default policy that kicks in for Any outbound interface.
0
Hi, I realize that I do not have a large enough network to generally require subnetting, but I am temporarily hosting one of my client's systems while they rearrange their business. They currently have a Windows 2008 SBS with a domain and 5 Windows 7 clients. My home/office had a Windows 2003 SBS and a domain, but I am willing to remove the server and domain from my installation, as it is not really needed. I have a single connection from my ISP (Comcast) with the Google Wifi mesh network (3 router/AP's) serving my various pieces of equipment (workstations, printers, Tivo's, wireless devices, etc.) Although I could simply shut off one of the DHCP servers and put all my client's equipment on my network, I would prefer to keep them separate. Also, we both plan to RDP into our various systems.

The question is, what is the best way to handle this? I am thinking I will have to provide a router at my ISP modem that will split my network into two sections (subnets???) that I can put my Google WiFi system on one and their router on another. That said, I am just guessing and would be happy to hear advice.

Thanks you
0
Hello

We need to connect to a router which we do not have direct connection via BGP  , it is in an other datacenter

Our Datacenter .   ----------------  INTERNET ---------------- Other Datacenter ------------- Our server
Juniper MX                                                                               Their Router  <--- BGP <--------  |
         |_______________________________________GRE TUNNEL _____________________________|

we need to put a server on their side and need to complete bgp over it.
How should we do this  what should be the best operation for this ? gre tunnel or anything else ?
0
How can I find all traffic logged from 172.18.128 using Splunk search? This much be the simplest thing. But I can't get the dern thing to return a thing!
ScrnGrab2313-170929-12.56.jpg
ScrnGrab2314-170929-12.57.jpg
ScrnGrab2315-170929-12.58.jpg
0
We access an external vendor's site who provided us some sort of service.

However, about 300 of our staff, mostly contract staff needs to access this
service but they currently are not granted Internet access on their PCs, so
we permit by firewall rules for entire organization to access that vendor's
site as going by proxy, we'll need to grant 300 proxy entries (ie by their
AD Id) to 3 URLs as that site will call/redirect to 2 other URLs.

By permitting at firewall rules & letting these contract staff bypass the
proxy, the contract staff can only access these 3 URLs & not any other
links/sites on Internet so this is still "secure" in my view as these 3
URLs are "trusted" sites.   This method of bypassing proxy is also to
facilitate that should new contract staff joins, the staff could access
as the 3 URLs while if we go by proxy, each time a new staff joins,
have to request for it & each time a staff leaves, have to remove that
staff's AD Id from proxy: quite an enormous admin task (for the
proxy admin as well as supervisors of these staff).

Q1:
Now, we just found that this vendor has coded another module to call
Google's "Captcha" service (which is  www.google.com/..... ) : what's
the entire subnet range of google.com ?  Is it a Class A, B or C or a
mix of many Class C  ranges ?

Q2:
Our firewalls can't resolve via public DNS currently so if permit to
access a large range of public IP, what's the security/risk implications?
Any other safe way …
0
We have a couple of servers that requires "outgoing" access to PlayStore & Appstore
from our Development as well as Production environmt.

As Appstore is a Class A subnet while Playstore is rather large as well (I don't know yet
what are its subnet ranges), what are the best ways to secure this?  Are the following
reasonable ways ?

I heard permitting too wide a range is risky.  Why?  Can appstore/playstore's IP addrs
range get spoofed or those 2 stores can get compromised or what's the reason?


1. Production has to go thru our proxy as our proxy resolves the URLs of appstore &
   playstore?

2. As our Development does not have its own proxy & has no connectivity to our
   Production proxy, permit only about ten Class C ranges for Development/testing
   purpose.  Ten Class C means 2540 IP addrs

3. Any other best practices to secure this?

4. Would placing these app servers behind WAF help?
0
if you replicate data between your primary SAN to a DR SAN, what assurances and checks need to be performed to verify the health/reliability of the link between the sites and the replication process? What risks are there with such a setup, and what best practices/monitoring need to be in place to minimise those risks? what evidence could be requested to verify these risks are well managed with best practices?
0
Our firewalls are not sync'ed to public DNS so we can't create rules by URL of playstore or appstore.

Our corporate mobile devices need to have push notifications & apps install :
what's the range of IP for appstore & playstore required & the ports to permit?

I heard appstore is a Class A subnet while playstore is probably a Class B:
is it a good practice to permit firewall rules to such big subnet ranges ?
0
Hi

Beside of Skype for business for video conferencing.

What other video conferencing solution example to recommend?

Like highfive
0
Hi,

Earlier this week we switched ISP's and started to use a new physical router with a different IP address on our lan.

At the same time we updated the default route on the Extreme switch so that it used the IP address of this new router as its gateway (therefore internet traffic goes out via this new router) .   The default route on the extreme switch is configured to use the "VR-Default" VR.

Everything has gone well with our production network, but we also have WiFi connections on a number of different  IP ranges (away from our production network).  We are unable to get an internet connection to clients on these WiFi networks.

These WiFi networks are also configured to use a different gateway (with an Ip in the range of the network) which ultimately returns them back to the the Extreme switch.  These WiFi networks/routes are also configured to use the "VR-Default" VR.

I would like to understand how I can examine the details/configuration of the 'VR-Default' VR to understand what IP address it is using to route out to the internet on.
0
We have two IP ranges at our office. 10.0.0.x (Static) for the internal IP phones and 192.168.101.x with  DHCP for the office PCs, etc.
The internet breakout is via the default gateway 192.168.101.254.

We run a Software based PBX that runs of a windows 10 PC. This PC has 2 NICs.
NIC1 - Static IP for the 192.168.101.x range for office network connectivity and internet.
NIC2 - Static IP for the 10.0.0.x range to connect to the phones.

How can I get the 10.0.0.x range to get internet access through the PC that have both NICs and IP ranges?
0
In an audit finding, critical PCs (used to transfer large funds n these PCs do not hv Internet
access Nor email clients in them)  were found to be pingable n could map drives to normal
PCs ( to hv internet access n drive sharing can propagate ransomwares/malware) in same
subnet.

We were told these 2 different categories of PCs she'd be logically segregated.  As we don't want
To create separate Vlans n do major network restructuring, Can we do
1. Super sub netting n use Cisco ACLs to segregate the 2 groups of PCs?  Is this ACLs
     using MAC address?
2. Create Windows firewall rules on the critical PCs
3. What else?
0
Have a environment where I want to restrict internet to all computers except of 2.
Looking for a router that instead of blocking the once I want to restrict I should be able to block all and allow the the few I want to allow (a ip range)
Not a big network no fancy router simple
it's about 25 devices all have a static ip configured on the device
0
I am trying to add a non cisco SFP between two catalysts, and am getting the error %PHY-4-SFP_NOT_SUPPORTED: The SFP in (PortNo#) is not Supported.

I have tried running the commands:

Switch(config)#service internal
Switch(config)#no errdisable detect cause gbic-invalid
Switch(config)#service unsupported-transceiver
Switch(config)#int gi0/49
Switch(config-if)#no shutdown
Switch(config-if)#do copy run start

However, the issue is still occurring. I have rebooted the switch after the above with no joy. Cable being used is a StarTech 3m SFP+ 10-Gigabit Ethernet (10Gbe) Twinax Cable. I will be upgrading the firmware to 15.2.6 while waiting for a reply.

Any help will be appreciated.

Switch Ports Model                     SW Version            SW Image            
------ ----- -----                     ----------            ----------          
*    1 50    WS-C2960X-48TS-LL         15.2(2)E6             C2960X-UNIVERSALK9-M
0
Hello, so this firm has a Windows Server SBS 2011 which is mainly used for Exchange and for sharing purposes.

Lately one strange problem has emerged: you open a file from a client (the file is on the server and shared) and you get the usual warning about someone else using the file right now, the file is read-only and so on.

Mind you, I'm not talking about a particular file, this can happen with any file actually.

Problem is, the file is not being used by anyone else, we have verified this many times.
After a while, it will just "unlock" and became fully available.

So, does anyone know how to address this problem or try to diagnose it? It never happened to me in many a year. Thanks.
0
What training sources are available so I can better learn how to use  Dell Remote Access Controller (DRAC) & OpenManage to manage and monitor Dell servers?

Are there any videos or CBT's available?
0
Hi

I'm setting up a Huawei layer 2 switch Monday morning. Haven't done one of these before. I'm familiar with HP and Cisco. Could some one assist with some cli commands.

I need a few vlans configured and a trunk port from the firewall.

Thanks
0
Has anyone used a free bandwidth monitor.  We can't afford the ones that are out there that cost.

Any help would be appreciated.
0
We have a Fortigate FG200D behind a dirty switch. We upgraded our ISP bandwidth from 50x50 to 1Gbx1Gb.
With a device plugged into the dirty switch I speed test about 850x850 consistently.

Behind the firewall my speed tests are 500x100 consistently.
I have turned disabled all web filtering, AV, IPS, etc to test, and it doesn't make a difference filtering or not. Still the same degraded speed.

Anyone know what else I can test/check for the bottle neck?
0

Network Management

13K

Solutions

14K

Contributors

Network Management involves issues that are independent of specific hardware or software, including email policies, upgrade planning, backup scheduling and working with managed service providers for Desktop-As-A-Service (DaaS), Software-As-A-Service (SaaS) and the like through the use of tools, coupled with manufacturer standards, best practice guidelines, policies and procedures plus all other relevant documentation. Network management also includes monitoring, alerting and reporting, management reporting, planning for device or service updates, the backup of configurations, the setting of key performance indicators and measures (KPIs/KPMs), associated service level agreements and problem records as part of the IT Service Management (ITSM) framework.