Archive for category Network
Internet Without Wires: How Far Can It Go?
New developments in the industry show that there is much movement with regards to wireless technologies and networks. From U.S. President Obama’s talk about wireless, to Telstra in Australia expanding their UMTS/HSDPA/HSUPA aka 3G networks to the latest 4G and LTE (Long Term Evolution) technologies, the landscape of wireless internet access is by no means a stagnant market.
Australia’s Exetel CEO John Linton now reveals that 35% of his customers use 5G or less per month and that their new 3G plans of $25 for 5G without a land line through Optus is now on par with many of it’s DSL offerings but are unique in that it is inherently portable. This means that for approximately the same price as a fixed line DSL connection, you can take your internet with you wherever you go and it will still seem like you are home.
Vividwireless, after operating for a time in and around Perth, are now trialling their LTE offerings in Sydney, Melbourne and Brisbane. Vividwireless were one of the few wireless providers to introduce and unlimited downloads plan last year.
Of course, many users will have to purchase or upgrade existing wireless modems, access stations and routers to take advantage of the difference frequencies that the various systems use. Current 2G and 3G use 850,900,1900 and 2100Mhz, but with the freeing up of existing frequencies from old analogue television, a whole lot more room is now at our disposal for more carefree and portable internet solutions.
Is the future of internet access all wireless or physical connection via fibre? Perhaps it is a mixture of both. One idea is to connect all the back-end infrastructure via cables and convert most areas into wifi hotspots, therefore still providing convenient wireless access, at cheap bulk data prices via fibre/xDSL.
Whatever the answer is, one thing is sure; we as consumers win this challenge for finding the best internet access.
Is Cloud Computing Just A Dream?
The basic idea of cloud computing is an extension to the “dumb terminal” idea from the 1980′s, that is, there is one master server or place where all the data is kept and all the processing is done and give small dedicated “thin client” machines (basic PC systems with very streamlined features and specifications) a connection to this to perform their work.
Current examples of everyday web-based services that are now finding themselves in the envelope of the cloud computing description are services such as GMail.
Now with virtualisation overtaking the workplace, the hardware idea from the past becomes software, and software-as-a-service (SaaS) and platform-as-a-service (PaaS) seems like the logical next step: desktop machines, laptops, netbooks and other dedicated remote access clients such as smartphones provide access to the data externally, but everything else is in the server room and data center. Sounds like every network and system administrator’s maintenance dream right? But some are a little critical of the purported promised land of networked computing.
Richard Stallman, Founder of the Free Software Foundation, said recently likened cloud computing to a trap and that users are leaving their data and privacy in the hands of companies they do not control and they cannot be guaranteed data integrity or user privacy. “Do your own computing on your own computer with your copy of a freedom-respecting program. If you use a proprietary program or somebody else’s Web server, you’re defenseless. You’re putty in the hands of whoever developed that software,” he said.
Proponents of cloud computing, such as Google, say that cloud computing has many benefits. They believe that netbooks used for cloud computing are secure as third-party programs cannot be installed, which means viruses and spyware will have more difficulty in making life difficult for users.
However the path to future computing runs one thing is for sure, aspects of cloud computing today are here to stay.
NBN to announce huge increase in speed
The national broadband network will enable speeds of one gigabit per second on its fibre optic network, 100 times faster than originally planned, the company building the network will announce today.
The speed is significantly faster than the maximum speeds promised by the opposition in its broadband policy, and highlights the growing gap between what a fibre-based broadband network can offer compared with existing technology.
It has also emerged that NBN Co told staff to ignore political attacks on the company by the opposition, after its finance spokesman, Andrew Robb, called it a ”stodgy” bureaucracy, labelled its staff ”talentless” and promised to close it down if elected to government.
One gigabit per second is 17,500 times faster than a dial-up connection and 167 times faster than the average ADSL broadband connection. ”I am trying to make sure people understand what it is that NBN Co is going to deliver,” its chief executive, Mike Quigley, said.
Increasing the speed would not add to the $43 billion construction price tag and the fibre could be upgraded to provide even faster speeds in coming years, Mr Quigley said.
The faster capability was already built into the equipment which the company was installing in homes and Mr Quigley said he decided to enable it after discussions with internet providers and the competition watchdog.
Telecommunications industry figures have given support to parts of the Coalition’s policy even as others decry the lack of investment and ”vision” in Tuesday’s $6 billion announcement.
The opposition communications spokesman, Tony Smith, announced the Coalition would spend $750 million on a fixed broadband optimisation grants program to overcome technical restrictions that stop 1 million households from using ADSL, the most common technology for broadband services.
The decision received praise from industry figures, who said it was a cost effective way to offer timely broadband to significant numbers of people using existing infrastructure.
”If you’re looking at an incremental approach to getting towards high-speed broadband, that’s the way to do it,” said an industry consultant, Kevin Morgan.
An Ovum broadband consultant and former Liberal policy adviser, David Kennedy, said mobile phone carriers, in particular Vodafone Hutchison Australia, had spare spectrum capacity in regional areas and could offer wireless broadband.
Ian Birks, the chief executive of the Australian Information Industry Association, said the Coalition’s plan showed a lack of commitment to broadband, but was ”reasonable” within the fiscal restraints imposed.
”I don’t think the Coalition policy recognises the vision for a digital future in Australia, that’s what makes it disappointing,” he said.
NBN Co has been instructed to replace Australia’s copper telephone network with fibre optic cable to 93 per cent of the population and high-speed wireless and satellite to remote areas.
NBN Co would offer unlimited download capacity at one gigabit per second wholesale rates to retail internet providers, but service provider Internode said it was not reasonable to give consumers unlimited downloads.
Information Source smh.com.au
Cisco ASA 5510 Firewall : Basic Configuration Tutorial
Continuing our series of articles about Cisco ASA 5500 firewalls, I’m offering you here a basic configuration tutorial for the Cisco ASA 5510 security appliance. This device is the second model in the ASA series (ASA 5505, 5510, 5520 etc) and is fairly popular since is intended for small to medium enterprises. Like the smallest ASA 5505 model, the 5510 comes with two license options: The Base license and the Security Plus license. The second one (security plus) provides some performance and hardware enhancements over the base license, such as 130,000 Maximum firewall connections (instead of 50,000), 100 Maximum VLANs (instead of 50), Failover Redundancy, etc. Also, the security plus license enables two of the five firewall network ports to work as 10/100/1000 instead of only 10/100.
Next we will see a simple Internet Access scenario which will help us understand the basic steps needed to setup an ASA 5510. Assume that we are assigned a static public IP address 100.100.100.1 from our ISP. Also, the internal LAN network belongs to subnet 192.168.10.0/24. Interface Ethernet0/0 will be connected on the outside (towards the ISP), and Ethernet0/1 will be connected to the Inside LAN switch.
The firewall will be configured to supply IP addresses dynamically (using DHCP) to the internal hosts. All outbound communication (from inside to outside) will be translated using Port Address Translation (PAT) on the outside public interface. Let’s see a snippet of the required configuration steps for this basic scenario:
Step1: Configure a privileged level password (enable password)
By default there is no password for accessing the ASA firewall, so the first step before doing anything else is to configure a privileged level password, which will be needed to allow subsequent access to the appliance. Configure this under Configuration Mode:
ASA5510(config)# enable password mysecretpassword
Step2: Configure the public outside interface
ASA5510(config)# interface Ethernet0/0
ASA5510(config-if)# nameif outside
ASA5510(config-if)# security-level 0
ASA5510(config-if)# ip address 100.100.100.1 255.255.255.252
ASA5510(config-if)# no shut
Step3: Configure the trusted internal interface
ASA5510(config)# interface Ethernet0/1
ASA5510(config-if)# nameif inside
ASA5510(config-if)# security-level 100
ASA5510(config-if)# ip address 192.168.10.1 255.255.255.0
ASA5510(config-if)# no shut
Step 4: Configure PAT on the outside interface
ASA5510(config)# global (outside) 1 interface
ASA5510(config)# nat (inside) 1 0.0.0.0 0.0.0.0
Step 5: Configure Default Route towards the ISP (assume default gateway is 100.100.100.2)
ASA5510(config)# route outside 0.0.0.0 0.0.0.0 100.100.100.2 1
Step 6: Configure the firewall to assign internal IP and DNS address to hosts using DHCP
ASA5510(config)# dhcpd dns 200.200.200.10
ASA5510(config)# dhcpd address 192.168.10.10-192.168.10.200 inside
ASA5510(config)# dhcpd enable inside
The above basic configuration is just the beginning for making the appliance operational. There are many more configuration features that you need to implement to increase the security of your network, such as Static and Dynamic NAT, Access Control Lists to control traffic flow, DMZ zones, VPN etc.
Step-By-Step Configuration Guide For The Cisco Asa 5505 Firewall
The Cisco ASA 5505 Firewall is the smallest model in the new 5500 Cisco series of hardware appliances. Although this model is suitable for small businesses, branch offices or even home use, its firewall security capabilities are the same as the biggest models (5510, 5520, 5540 etc). The Adaptive Security technology of the ASA firewalls offers solid and reliable firewall protection, advanced application aware security, denial of service attack protection and much more. Moreover, the performance of the ASA 5505 appliance supports 150Mbps firewall throughput and 4000 firewall connections per second, which is more than enough for small networks.
In this article I will explain the basic configuration steps needed to setup a Cisco 5505 ASA firewall for connecting a small network to the Internet. We assume that our ISP has assigned us a static public IP address (e.g 200.200.200.1 as an example) and that our internal network range is 192.168.1.0/24. We will use Port Address Translation (PAT) to translate our internal IP addresses to the public address of the outside interface. The difference of the 5505 model from the bigger ASA models is that it has an 8-port 10/100 switch which acts as Layer 2 only. That is, you can not configure the physical ports as Layer 3 ports, rather you have to create interface Vlans and assign the Layer 2 interfaces in each VLAN. By default, interface Ethernet0/0 is assigned to VLAN 2 and it’s the outside interface (the one which connects to the Internet), and the other 7 interfaces (Ethernet0/1 to 0/7) are assigned by default to VLAN 1 and are used for connecting to the internal network. Let’s see the basic configuration setup of the most important steps that you need to configure.
Step1: Configure the internal interface vlan
——————————————————
ASA5505(config)# interface Vlan 1
ASA5505(config-if)# nameif inside
ASA5505(config-if)# security-level 100
ASA5505(config-if)# ip address 192.168.1.1 255.255.255.0
ASA5505(config-if)# no shut
Step 2: Configure the external interface vlan (connected to Internet)
————————————————————————————-
ASA5505(config)# interface Vlan 2
ASA5505(config-if)# nameif outside
ASA5505(config-if)# security-level 0
ASA5505(config-if)# ip address 200.200.200.1 255.255.255.0
ASA5505(config-if)# no shut
Step 3: Assign Ethernet 0/0 to Vlan 2
————————————————-
ASA5505(config)# interface Ethernet0/0
ASA5505(config-if)# switchport access vlan 2
ASA5505(config-if)# no shut
Step 4: Enable the rest interfaces with no shut
————————————————–
ASA5505(config)# interface Ethernet0/1
ASA5505(config-if)# no shut
Do the same for Ethernet0/1 to 0/7.
Step 5: Configure PAT on the outside interface
—————————————————–
ASA5505(config)# global (outside) 1 interface
ASA5505(config)# nat (inside) 1 0.0.0.0 0.0.0.0
Step 6: Configure default route towards the ISP (assume default gateway is 200.200.200.2)
—————————————————————————————
ASA5505(config)# route outside 0.0.0.0 0.0.0.0 200.200.200.2 1
The above steps are the absolutely necessary steps you need to configure for making the appliance operational. Of course there are much more configuration details that you need to implement in order to enhance the security and functionality of your appliance, such as Access Control Lists, Static NAT, DHCP, DMZ zones, authentication etc.
Download the best configuration tutorial for any Cisco ASA 5500 Firewall model Here.
