July 2009 Tech Tip

Almost everyone uses some type of backup program to backup critical servers and data, but what about your firewall, routers and switches. Have you ever considered backing those devices up? What happens if one of those devices crash and you do not have a good backup?

We at JSO have and have a great tip for a great program that will help you. The program is called CATTOOLS from Solar winds. CATTOOLS works with numerous vendors and numerous devices. It can be setup to backup devices daily, weekly or however often you desire. It can also create a report and email you what has and has not been backed up. It can also send you a report of the changes since the last configuration. This can help you detect unauthorized changes.

This program is free for the first 20 devices and is a nominal fee after that. Best of all it is JSO Technology tested and approved. CATTOOLS can be downloaded from http://www.solarwinds.com/register/kiwi_registration.aspx?Program=881&c=70150000000Es8Y

Juniper EX Switches

I have just completed a large project that I have just replaced Cisco Switches with the Juniper EX 4200 and 3200 series of switches. The Juniper EX series of switches are designed very well.

The have redundant hot swappable power supplies, which allow you to replace the power supply without replacing the switch. They also have hot swappable fan trays.

Juniper EX series switches also have full 15.4 power over Ethernet across all ports. Most Cisco and HP switches do not provide that in a stackable switch.

Juniper also has a great stacking technology called Virtual Chassis. Virtual Chassis allows you to stack up to 10 ten switches and manage them as one. They have a 128GB back plane and great failover. You can also extend the virtual Chassis to a remote location over 10 GB fiber.

One of the best features I like is the ability to compare configuration changes from command line. You can compare a current config, to an older configuration and see the changes. You can also rollback a configuration if a mistake is made.

They also have a very clean WEB UI that is easy to use and allows you to do a majority of the changes you will need.

Finally, they have layer 3 build into each switch. I was able to move my client to a Layer 3 configuration and provide them fail over of less than 1 second. I could not do that in the prior environment.

The local Juniper SE was also very helpful in the process. Staying late to ensure the project was successful. Overall I think Juniper does a very good job in the Channel and will ensure their customers are treated right.

They also take care of their partners with extra help when needed. Overall, I think you should consider reviewing Juniper before making your next switch upgrade. You can find more information about Juniper Switches here http://www.juniper.net/us/en/products-services/switching/.

Virtualization

We have been working on numerous Virtualization projects using either VMWARE or Citrix XenServer this year. This technology has been big in the enterprise the last few years and is staring to take off in the small to medium business market.

For a small business, you can get into virtualization for no cost. You just have to purchase the correct server. We have been recommending that for a few of our clients. They have the ability to consolidate older hardware and also make better use of their hardware. It also puts the correct pieces into place to allow them to move to a DR very easily.

VMWARE and Citrix Xenserver both have free options available. You can start out with the free option and then upgrade to the premium edition when you are are ready.

I think all small to medium businesses should consider virtual servers. VMWARE and Citrix both make it easy to start.

Tech Tip for June 2009

Most of us are trying to save some money these days. Did you know that can you purchase refurnished computers and equipment for up to half the cost of new equipment? You can also purchase maintenance contracts from 3 parties and also save money.

Dell has an outlet site, outlet.dell.com that you can purchase servers, desktop computers and laptop for a big discount. We purchase most of our equipment from that website.
Virbrant Technologies has refurbished equipment for HP, Dell, Cisco and various others. Most times the refreshed equipment is returns and is good as new. They are also typically guaranteed by a warranty.

Network hardware resell http://www.networkhardware.com/ offers both Cisco gear and Cisco smartnet contracts. You are able to save up to 80% on smartnet contracts. I had one of my clients move to this service and the results were great. They were able to receive parts in a timely fashion.

In this difficult economy, it pays to check out options like this to save money.

Fortinet 4.0 firmware Release

By the time that you read this article, will we have already held the Fortinet event discussing the 4.0 firmware release? The 4.0 release adding some additional functionally and features that make this release a worthwhile upgrade.

WAN Acceleration

The 4.0 release introduces WAN Acceleration to the Fortinet product line. (On certain Models only). WAN Acceleration can speed up file transfers between firewalls and also from firewall to vpn client. Microsoft CIFS is a protocol that performs poorly in a VPN or WAN (Wide Area Network) environment. I have completed some initial testing and it seems to improve performance by at least 20-30%. It also supports http, ftp and tcp. This feature can really help when you are deploying a remote office and need to add some speed without adding additional lines.
Identity based Policies

Identity based policies are also introduced in the 4.0 release. This feature allows you to identify users in a firewall policy and restrict access and also log access. This allows you to create granular policies and log in detail what users are doing. It is very flexible allowing you to specific access by time of day and other additional features. You can identity users based on Novell EDirectory, Windows Active Directory or LDAP.
Application Identification
This is another nice addition to the 4.0 release. With application identification, you can identify applications such as IM and block it no matter what port it is running across. It makes it much easier to allow or block access to certain web 2.0 applications and you do not need to worry about IP addresses or port numbers.

Cloud Computing

I am again blogging about cloud computing. I just returned from a trip to Ireland and in the mail (called post in Ireland) I got a trade rag that discussed all the different cloud computing companies and options. It was an interesting read and I am going to sum it up and what I believe is going to happen in the cloud computing space.

Basically, cloud computing has existed for some time. Nicholas Carr wrote a book called the Big Switch, rewiring the world from Edison to Google (A must read and can be found here, Big Switch. In this book he coined cloud computing and the media has picked it up and ran with it.

Some early cloud computing options have been spam filtering by postini, MX Logic and others. Salesforce.com and Netsuite are also companies that have really had cloud computing options for at least 4 years. These companies are really the pioneers in this market.

Hosted Exchange email and Hosted Sharepoint is also an early adaptation on cloud computing. Microsoft started offering this with Exchange 2003, numerous providers jumped on and I believe that the market is maturing. Microsoft has launched its own live version of this service, driving many small shops out of the market.

Amazon has also offered cloud computing services since 2006, with its Elastic Compute Cloud. They have services such as SimpleDB, CloudFront and Simple Queue Services. They can also offer pay as you go options to virtual servers and virtual storage.

AT&T, the legacy phone company has a cloud computing option. They purchased a web hosting company called USinternetworking in 2006. In August of 2008 they announced a service called Synaptic. Synaptic is a pay as you go service that with access to virtual servers and storage with security. They are in a good position to offer this as they have massive bandwidth to the Internet and very well protected data centers (They have been doing data centers for years, think of the CO's, they are basically data centers).

So, I think many companies have started with cloud computing already. It could be hosted spam filtering or applications such as salesforce.com or Netsuite.

The next step for small business is going to be hosted email. Email is becoming a huge part of every ones business and they can not be without it. To build the redundancy that is needed is very expensive to build and maintain. I do believe you are going to see this as a first wave towards major business applications going towards the cloud. At about 9.95 a month per user, you can not go wrong. You eliminate the up front capital cost and also the long term expense cost.

The next wave I believe you will see is small to medium businesses look to visualizing their servers in the cloud. Servers for most small businesses are getting to the point that they need to be replaced. I predict that with all of the cloud computing options that we have available, it is going to make sense not to purchase that server and move it to the cloud. The recession and the need to cut capital costs is going to drive this. Also, with more of the workforce telecommuting and the ability to hire anyone from around the country, it makes more sense to have it in the cloud then at single location.

This is going to be a game changer for most businesses, you will need to start reviewing this sooner rather than latter. For IT professionals it will not be enough just to understand the technology. You will need to have the ability to commuicate and understand how to run a business and how your business is run. It would be a good idea to diversify your skill set and either take a few business classes at your local college or self study.

The next 5-10 years are going to be exciting.

GIPAW-Next Generation Firewalls

I presented to the GIPAW group. GIPAW is an association of all the local Wisconsin government IT Managers.

The presentation that I gave was about Next Generation Firewalls and how they can save money and better protect their network.

Most businesses are trying to solve security problems by throwing multiple solutions to fix the security issues that they are having. This usually does not solve the security problem and is usually more difficult to manage and maintain. You usually have a web filter, IDS, Anti-Virus gateway, IM Gateway. With the next generation firewalls, you have only one appliance. It allows for a single managed interface and the ability to better view your traffic.

You can also have it preform authorization against your directory service to get granular on what users can access. You can also restrict bandwidth down to the user and group.

I really do believe a next generation firewall will save you money and provide you better protection.