If you're a small business, and don't want to be hassled with messing around with the internals for your firewall/VPN device, consider the following:
1. Purchase a Cisco PIX firewall for both ends of your VPN.
2. Purchase a SmartNET 1-year subscription with one of the firewalls.
3. When you get them inplace behind your T-1, DSL, Cable modems, put a call into Cisco and use your SmartNET support contract to have the Cisco technicians configure your VPN.
The Cisco SmartNET team works 24x7 in addition to eating, breating, and living PIX configuration.
They can also answer any question you have about VPN and security.
As a small business network admin for approx. 50 people, including several remote offices, the Cisco PIX line of firewall/VPN devices have been a lifesaver. Better yet, as you add on small home offices, you can puchase the Linksys (a Cisco subsidiary) BEFSX41 series firewalls to connect home users to your VPN very easily.
Cisco also provides a software VPN client that works with the PIX line of firewall/VPN endpoint devices. We have the VPN software client deployed across our army of laptops. If a laptop user is on the road in a hotel or at home, they simply dialout or connect tot he internet with a DSL line. They then tell their software VPN client to connect. 5 seconds later, once they're connected, they have access to our entire corporate intranet.
The final selling points for the PIX firewall/VPN endpoint are the cost and ability to fine-tune:
The cost is relatively cheap. For under $1K, you can equip multiple offices with a VPN connection. At the same time, you're protecting your offices with an enterprise-level firewall. Configuration of the firewall can be very easy via a web interface, but you can also restrict particular IP ranges from using certain ports, protocols, or just plain restrict them from access to anywhere in your entire corporation. The possibilities are endless.
Many assymmetric encryption schemes only use public/private key pairs to establish a secure connection. Once a secure connection has been established, most schemes generate a private key that will be used for symmetric encryption.
The reasons for switching to symmetric are many, but primarily it is done for speed. Symetric encryption algorithms are very fast compared to assymetric. Also, symertic algorithms can easily be implemented in hardware, thus, speed boosts are even greater when switched to symetric algorithms.
This kind of answers your question, but there are still a few crazy zealots out there that insist upon the sole use of assymetric algorithms - it is more secure, but worlds slower.
So, not only are students going to be forced to carry yet another form of ID, but they'll also have to give a third-party company (Verisign in this case) detailed personal information.
What about student's rights - they have the right to enter chat rooms, etc.
I can envision the next step - restricting web sites based upon age, then it will be restricting web pages based upon being a student, finally, just restricting overall.
Luckily, we won't have to worry about this being a wide-spread problem - the system is too flawed to go very far; however, I feel for those that WILL be made to use it.
Bottom line is that NOBODY should HAVE to use this system - somehow it should infringe upon their right to freedom of assembly. Albeit, a *virtual* assembly, it's an assembly!
I've heard of this before - also called 1. login to GMail site with web browser of choice (I use FireFox), 2. minimize browser window.
For those of you using GMail already, you know that it automatically refreshed itself and diplays the number of unread emails on your taskbar already.
Anyway, the last thing I want is yet another icon flodding my task bar and consuming system resources. I already use my web browser for that.
Come on Google! Sometimes, too many options and features is too much. Your search engine was successful not only because it is powerful accurate, it's also simple. Your main page isn't littered with links and junk like Yahoo and MSN. Today's phrase of the day: "Simple, yet elegant."
"We'd sure love to just be able to point the web tier at a new data source but that is unattainable due to a convoluted tangle of db specific code."
I'm not proclaiming that.NET is the answer to our problems; however, Microsoft has made a good step in the right direction with.NET. With a few changes in lines of code, you can switch data source types.
I know the above is a bit vague, but as we move into "more managed" code environments (which is where we're headed), programming language interface with the hardware and other software products will become much easier and robust.
The JVM from Sun was just the beginning;.NET is version 2.0. I'm excited to see what's coming in the next 10 years.
Good point - I shouldn't have used "nailed". What i really mean is that at least someone out there in a position that counts has noticed that this was a problem.
With all the problems in our government, I'm surprised anything happened to Microsoft at all. Granted, it was minor, but something happened, which I consider a great feat.
Read the white paper on 802.11i and watch a few web casts from wifi.org you idiot. 802.11i is far more secure than it's predecessors.
Read some more, become educated, and perhaps take a few security classes CWRU boy, then come back to the forum.
My 2 cents is better than your 10 cents.
In my experience, diagnostic software has never been better than my intuition and experience.
Don't waste your money on software packages - spend the money you save on bettering your education and experience through training and reading. It'll pay you back, where as the software is liek throwing your money away.
I beg your pardon. Although Monopoly may appear to be a game largely decided by luck; an adept Monopoly player knows that strategy plays a much larger role.
Knowing how, when and with whom to partner with in Monopoly can defeat the luckiest of players. Albeit, these such games can last for well over 24-hours, die-hard Monopoly fans understand the importance of strategy and anti-luck tactics that can be employed throughout a game.
...the world would have jumped onto the anti-MS bandwagon proclaiming bug-striken software and the lack of security attentiveness. Instead, this is Open Source...let's just slap their wrists and shrug it off again...
A "good" RPG needs a serious storyline. Of course, there needs to be blod and guts, the attractive women, a love story (if it's Final Fantasy), a cool beastiary, and sweet weapons, but the most significant aspect that can make-or-break an RPG is the storyline!
I'm in the process of doing research into network topology and the effect(s) of server and/or router outages will have on the network topology and the overall connectivity of the network. Essentially, my research focuses determining the optimal locations for servers and/or routers for any given network topology.
I'd just like to give my regards to Dan Rather. If anyone else was glued to their television for 5 hours yesterday evening watching CBS and Dan Rather, you know what I'm talking about. It was evident that by 12:30 AM, Dan had run out of creative material and had to resort to some original material. I'll just say that I now know why Dan Rather is not a comedian.
I give him credit however. Not many other people can keep an entire nation interested for over 5 hours.
Also, did anyone catch the point where laughter almost exploded on live television after comments regarding the death/tragedy of Missouri's Democratic governor?
Slashdot Mirror
If you're a small business, and don't want to be hassled with messing around with the internals for your firewall/VPN device, consider the following:
1. Purchase a Cisco PIX firewall for both ends of your VPN.
2. Purchase a SmartNET 1-year subscription with one of the firewalls.
3. When you get them inplace behind your T-1, DSL, Cable modems, put a call into Cisco and use your SmartNET support contract to have the Cisco technicians configure your VPN.
The Cisco SmartNET team works 24x7 in addition to eating, breating, and living PIX configuration.
They can also answer any question you have about VPN and security.
As a small business network admin for approx. 50 people, including several remote offices, the Cisco PIX line of firewall/VPN devices have been a lifesaver. Better yet, as you add on small home offices, you can puchase the Linksys (a Cisco subsidiary) BEFSX41 series firewalls to connect home users to your VPN very easily.
Cisco also provides a software VPN client that works with the PIX line of firewall/VPN endpoint devices. We have the VPN software client deployed across our army of laptops. If a laptop user is on the road in a hotel or at home, they simply dialout or connect tot he internet with a DSL line. They then tell their software VPN client to connect. 5 seconds later, once they're connected, they have access to our entire corporate intranet.
The final selling points for the PIX firewall/VPN endpoint are the cost and ability to fine-tune:
The cost is relatively cheap. For under $1K, you can equip multiple offices with a VPN connection. At the same time, you're protecting your offices with an enterprise-level firewall. Configuration of the firewall can be very easy via a web interface, but you can also restrict particular IP ranges from using certain ports, protocols, or just plain restrict them from access to anywhere in your entire corporation. The possibilities are endless.
Hope this helps a bit.
You're correct - somewhat.
Many assymmetric encryption schemes only use public/private key pairs to establish a secure connection. Once a secure connection has been established, most schemes generate a private key that will be used for symmetric encryption.
The reasons for switching to symmetric are many, but primarily it is done for speed. Symetric encryption algorithms are very fast compared to assymetric. Also, symertic algorithms can easily be implemented in hardware, thus, speed boosts are even greater when switched to symetric algorithms.
This kind of answers your question, but there are still a few crazy zealots out there that insist upon the sole use of assymetric algorithms - it is more secure, but worlds slower.
https://gmail.google.com/gmail/a-fea94a8d51-e35229 7873-210772fff0 f b973-c4ce903288 9 1db7-81ee7cd86a 4 f1d3-8717e7c8bb
https://gmail.google.com/gmail/a-fea94a8d51-cd300
https://gmail.google.com/gmail/a-fea94a8d51-7f154
https://gmail.google.com/gmail/a-fea94a8d51-d54fd
Oh, come on! A radio - I immediately thought it to be a rather bulky bullet proof vest.
So, not only are students going to be forced to carry yet another form of ID, but they'll also have to give a third-party company (Verisign in this case) detailed personal information.
What about student's rights - they have the right to enter chat rooms, etc.
I can envision the next step - restricting web sites based upon age, then it will be restricting web pages based upon being a student, finally, just restricting overall.
Luckily, we won't have to worry about this being a wide-spread problem - the system is too flawed to go very far; however, I feel for those that WILL be made to use it.
Bottom line is that NOBODY should HAVE to use this system - somehow it should infringe upon their right to freedom of assembly. Albeit, a *virtual* assembly, it's an assembly!
Linux rules!
I've heard of this before - also called 1. login to GMail site with web browser of choice (I use FireFox), 2. minimize browser window.
For those of you using GMail already, you know that it automatically refreshed itself and diplays the number of unread emails on your taskbar already.
Anyway, the last thing I want is yet another icon flodding my task bar and consuming system resources. I already use my web browser for that.
Come on Google! Sometimes, too many options and features is too much. Your search engine was successful not only because it is powerful accurate, it's also simple. Your main page isn't littered with links and junk like Yahoo and MSN. Today's phrase of the day: "Simple, yet elegant."
Use it or lose it GOOG.
Upon examining the rock, did the rover suffer from an unexplained BSOD?
I'm not proclaiming that .NET is the answer to our problems; however, Microsoft has made a good step in the right direction with .NET. With a few changes in lines of code, you can switch data source types.
I know the above is a bit vague, but as we move into "more managed" code environments (which is where we're headed), programming language interface with the hardware and other software products will become much easier and robust.
The JVM from Sun was just the beginning; .NET is version 2.0. I'm excited to see what's coming in the next 10 years.
Good point - I shouldn't have used "nailed". What i really mean is that at least someone out there in a position that counts has noticed that this was a problem.
With all the problems in our government, I'm surprised anything happened to Microsoft at all. Granted, it was minor, but something happened, which I consider a great feat.
Absolutely - Google is nearing godlike in my book. What I wouldn't give to work there. Maybe in 15 years and after a PhD, I could apply.
"OR they force windows users to use their engine." will not work - it smells of rotten, stanky anti-trust all over it again.
They tried it with Internet Explorer, and we finally nailed them. Now they'll probably try it with the new MSN Search prodcut.
Hopefully, we'll nail 'em before it causes us too much trouble.
Read the white paper on 802.11i and watch a few web casts from wifi.org you idiot. 802.11i is far more secure than it's predecessors. Read some more, become educated, and perhaps take a few security classes CWRU boy, then come back to the forum. My 2 cents is better than your 10 cents.
Hmm...let's see. I was sitting in our server room when 15 different alarms went off - at the same time that all the lights went out.
What was I thinking? At first, "oh, crap, it's loud in here..."
After preliminary radio reports came in saying that most of the midwest and new england area have lost power...terrorist attack.
Oh, I fail to mention that I live within 20 miles of a Nuclear Power Plant - makes one feel REAL safe - esspecially when this happens.
In my experience, diagnostic software has never been better than my intuition and experience.
Don't waste your money on software packages - spend the money you save on bettering your education and experience through training and reading. It'll pay you back, where as the software is liek throwing your money away.
I beg your pardon. Although Monopoly may appear to be a game largely decided by luck; an adept Monopoly player knows that strategy plays a much larger role.
Knowing how, when and with whom to partner with in Monopoly can defeat the luckiest of players. Albeit, these such games can last for well over 24-hours, die-hard Monopoly fans understand the importance of strategy and anti-luck tactics that can be employed throughout a game.
...the world would have jumped onto the anti-MS bandwagon proclaiming bug-striken software and the lack of security attentiveness. Instead, this is Open Source...let's just slap their wrists and shrug it off again...
It's not so much of an Uber-nerd thing.
...Although it may take an uber-nerd to be interested in this sort of thing.
It's more of a let's do it "because we can" thing.
A "good" RPG needs a serious storyline. Of course, there needs to be blod and guts, the attractive women, a love story (if it's Final Fantasy), a cool beastiary, and sweet weapons, but the most significant aspect that can make-or-break an RPG is the storyline!
Did anyone else see the Wizard of Oz parallel? That's all I could think of throughout the movie - yet my friends think I'm crazy.
I'm in the process of doing research into network topology and the effect(s) of server and/or router outages will have on the network topology and the overall connectivity of the network. Essentially, my research focuses determining the optimal locations for servers and/or routers for any given network topology.
I give him credit however. Not many other people can keep an entire nation interested for over 5 hours. Also, did anyone catch the point where laughter almost exploded on live television after comments regarding the death/tragedy of Missouri's Democratic governor?