Reason #1 - Fortigates do AntiVirus, AntiSpam, Intrusion Prevention, VPN, high availability/failover, WAN load balancing/failover, plus basic firewalling out of the box. You can set up and configure them to do all this in about an hour. I'd like to see someone try to do all this on a Linux/*BSD PC, and see how long it would take to set up , and see what kind of throughput they could get with all the packet processing going on here. Good luck with that.
Reason #2 - When you're running a business, you don't want to waste time looking for some high school kid to fix your firewall or rebuild you one every time something goes wrong. Support contracts mean that your issue will be solved by professionals within hours - guaranteed. You don't have to stop what your doing and manage the "fix the firewall" project.
Yes, it's certainly possible to build a basic firewall for a small company from PC hardware, but I'd only recommend this if the company was severely budget-constrained and had Linux expertise in-house.
Ok, enough with the "set up a Pentium II and run Linux+IPChains" or whatever. That's fine for your home, but for a business, spend some money and buy a reliable firewall product with warranty, support and maintenance. Dedicated hardware firewalls will always be my choice for many reasons.
Fortigates are simply awesome. I've set up and maintained Pix, Checkpoint, Juniper/Netscreen and others, but Fortigate wins hands down in almost category you choose.
Ironic, because now it IS posted somewhere thanks to AOL. I just found 175 probable SSNs in the searches, some with names, addresses, DOB, etc contained in the same search. Wow this is bad.
I'm currently a system administrator. Then why in college did I take economics, psychology, music, french, math, and philosophy?
College is to teach you how to think about the world in different ways than you may be used to. None of these courses taught me to be a good systems administrator, but they certainly opened my eyes to a lot of things, gave me different perspectives on life, and made me a more well-rounded individual.
Enjoy your time in college - take some time. I know it's easy with today's job market to just want to get to a job as soon as possible to cash in, but this is the only time in your life when you have the chance to easily learn about all sorts of things, not just CS.
I work for a large mortgage company, and we just got screwed with this a few weeks ago. An admin accidentally made a change to our external DNS when the change was supposed to be internal only. Our TTL was set at 24 hours and it was not changed. An incorrect A record for our site was put in place for maybe 30 minutes, and then corrected. Our off-site monitoring (third-party) sites picked up the change in DNS and kept the incorrect IP for almost TWO WEEKS until our correct IP finally got picked up again. They swore up and down that they ran plain vanilla BIND DNS, but I don't see any other explanation other than caching time. I did check all of our slaves, and they did receive the correction right away. I wish people would just follow the rules!
The last few hops of a traceroute to the 1x1 image at g6589dcs.nyc2.aens.net:
10 tbr1-cl1.n54ny.ip.att.net (12.122.10.1) 131.906 ms 95.429 ms 104.953 ms 11 gar4-p300.n54ny.ip.att.net (12.123.3.2) 89.893 ms 101.538 ms 101.920 ms 12 mdf16-gsr12-2-pos-7-0.nyc2.attens.com (12.122.255.214) 101.880 ms 182.536 ms 104.979 ms 13 mdf18-bi4k-2-eth-1-1.nyc2.attens.net (63.240.0.222) 92.881 ms 191.542 ms 104.929 ms
And the traceroute to the site itself:
10 tbr1-cl4.wswdc.ip.att.net (12.122.10.29) 96.025 ms 89.429 ms 89.945 ms 11 gbr5-p10.wswdc.ip.att.net (12.122.11.170) 92.848 ms 86.531 ms 89.952 ms 12 gar3-p360.wswdc.ip.att.net (12.123.9.65) 89.904 ms 89.535 ms 86.961 ms 13 mdf1-gsr12-1-pos-7-0.wdc1.attens.net (12.122.255.182) 89.883 ms 89.537 ms 89.938 ms 14 mdf1-bi8k-2-eth-2-1.wdc1.attens.net (63.240.192.250) 101.848 ms 101.584 ms 101.936 ms
They look similar, no? AT&T hosts the site, and the image isn't necessarily a "tracking" image at all. To jump to this conclusion is a bit paranoid.
One of the most important things to remember is to get a good charger. These batteries will last much longer if they are charged slowly and kept cool when charging. Quick chargers will decrease the life of the batteries! I like the Maha chargers myself.
This is a good one
I was surprised to learn that my nieces and nephews in New Zealand are not learning cursive writing in school. The teachers felt it's unneccessary. What a shame, IMO.
In many cases, finding solutions through commercial support has been much more expensive in terms of the actual contract cost and *time* spent.
It takes a lot of time (and luck) to call the support number, wait for a call back, and maybe get someone that knows about your problem and an appropriate solution.
I'd say that in 70% of the support calls I've had to make, I've had to escalate the call because the level one techs don't know how to solve the problem, and this takes time. Sometimes, I've even had to escalate to the developers of the product, which were only available 8-5 weekdays, further delaying a fix.
Searching for a solution to an open source problem is easy. Search Google or a product's bug tracking system for someone else having the same problem and see how they solved it, or if a solution exists.
The main disadvantage of going the open source route is you don't have anyone depending on your support $$, who will fix problems for you in a timely manner. You can write to the developers or enter a bug request, but this doesn't guarantee a fix within any particular timeframe, which can a substantial risk from a business point of view.
I use a KX-TG2550 phone (the blue one), and interference with my 802.11b network isn't a problem unless I'm using the handset right next to the wireless node. Even 4 feet away is fine, and my network signal level stays in the "good" range. But if I forget and answer the phone as I type at my laptop, my net connection goes bye-bye completely.
Slashdot Mirror
Hmm now it's back to "2.0.0.0". But only 1.5 was available for the last 30 minutes or so. They must be doing some version-shuffling.
Wonder what was broken?
Reason #1 - Fortigates do AntiVirus, AntiSpam, Intrusion Prevention, VPN, high availability/failover, WAN load balancing/failover, plus basic firewalling out of the box. You can set up and configure them to do all this in about an hour. I'd like to see someone try to do all this on a Linux/*BSD PC, and see how long it would take to set up , and see what kind of throughput they could get with all the packet processing going on here. Good luck with that.
Reason #2 - When you're running a business, you don't want to waste time looking for some high school kid to fix your firewall or rebuild you one every time something goes wrong. Support contracts mean that your issue will be solved by professionals within hours - guaranteed. You don't have to stop what your doing and manage the "fix the firewall" project.
Yes, it's certainly possible to build a basic firewall for a small company from PC hardware, but I'd only recommend this if the company was severely budget-constrained and had Linux expertise in-house.
Ok, enough with the "set up a Pentium II and run Linux+IPChains" or whatever. That's fine for your home, but for a business, spend some money and buy a reliable firewall product with warranty, support and maintenance. Dedicated hardware firewalls will always be my choice for many reasons.
Fortigates are simply awesome. I've set up and maintained Pix, Checkpoint, Juniper/Netscreen and others, but Fortigate wins hands down in almost category you choose.
I'm currently a system administrator. Then why in college did I take economics, psychology, music, french, math, and philosophy?
College is to teach you how to think about the world in different ways than you may be used to. None of these courses taught me to be a good systems administrator, but they certainly opened my eyes to a lot of things, gave me different perspectives on life, and made me a more well-rounded individual.
Enjoy your time in college - take some time. I know it's easy with today's job market to just want to get to a job as soon as possible to cash in, but this is the only time in your life when you have the chance to easily learn about all sorts of things, not just CS.
I work for a large mortgage company, and we just got screwed with this a few weeks ago. An admin accidentally made a change to our external DNS when the change was supposed to be internal only. Our TTL was set at 24 hours and it was not changed. An incorrect A record for our site was put in place for maybe 30 minutes, and then corrected. Our off-site monitoring (third-party) sites picked up the change in DNS and kept the incorrect IP for almost TWO WEEKS until our correct IP finally got picked up again. They swore up and down that they ran plain vanilla BIND DNS, but I don't see any other explanation other than caching time. I did check all of our slaves, and they did receive the correction right away. I wish people would just follow the rules!
That's a trick a local coffee shop uses here. Free network so you'll stay an hour or two, but you can't charge your laptop to stay longer than that!
The last few hops of a traceroute to the 1x1 image at g6589dcs.nyc2.aens.net:
10 tbr1-cl1.n54ny.ip.att.net (12.122.10.1) 131.906 ms 95.429 ms 104.953 ms
11 gar4-p300.n54ny.ip.att.net (12.123.3.2) 89.893 ms 101.538 ms 101.920 ms
12 mdf16-gsr12-2-pos-7-0.nyc2.attens.com (12.122.255.214) 101.880 ms 182.536 ms 104.979 ms
13 mdf18-bi4k-2-eth-1-1.nyc2.attens.net (63.240.0.222) 92.881 ms 191.542 ms 104.929 ms
And the traceroute to the site itself:
10 tbr1-cl4.wswdc.ip.att.net (12.122.10.29) 96.025 ms 89.429 ms 89.945 ms
11 gbr5-p10.wswdc.ip.att.net (12.122.11.170) 92.848 ms 86.531 ms 89.952 ms
12 gar3-p360.wswdc.ip.att.net (12.123.9.65) 89.904 ms 89.535 ms 86.961 ms
13 mdf1-gsr12-1-pos-7-0.wdc1.attens.net (12.122.255.182) 89.883 ms 89.537 ms 89.938 ms
14 mdf1-bi8k-2-eth-2-1.wdc1.attens.net (63.240.192.250) 101.848 ms 101.584 ms 101.936 ms
They look similar, no? AT&T hosts the site, and the image isn't necessarily a "tracking" image at all. To jump to this conclusion is a bit paranoid.
One of the most important things to remember is to get a good charger. These batteries will last much longer if they are charged slowly and kept cool when charging. Quick chargers will decrease the life of the batteries! I like the Maha chargers myself. This is a good one
I was surprised to learn that my nieces and nephews in New Zealand are not learning cursive writing in school. The teachers felt it's unneccessary. What a shame, IMO.
In many cases, finding solutions through commercial support has been much more expensive in terms of the actual contract cost and *time* spent.
It takes a lot of time (and luck) to call the support number, wait for a call back, and maybe get someone that knows about your problem and an appropriate solution.
I'd say that in 70% of the support calls I've had to make, I've had to escalate the call because the level one techs don't know how to solve the problem, and this takes time. Sometimes, I've even had to escalate to the developers of the product, which were only available 8-5 weekdays, further delaying a fix.
Searching for a solution to an open source problem is easy. Search Google or a product's bug tracking system for someone else having the same problem and see how they solved it, or if a solution exists.
The main disadvantage of going the open source route is you don't have anyone depending on your support $$, who will fix problems for you in a timely manner. You can write to the developers or enter a bug request, but this doesn't guarantee a fix within any particular timeframe, which can a substantial risk from a business point of view.
I love 'while' loops from the command line. For instance, to monitor disk space every second:
..|grep xxx" or whatever.
tcsh% while 1
while? df -k
while? sleep 1
while? clear
while? end
Also good to monitor who's logged in with "who", processes "ps
I use a KX-TG2550 phone (the blue one), and interference with my 802.11b network isn't a problem unless I'm using the handset right next to the wireless node. Even 4 feet away is fine, and my network signal level stays in the "good" range. But if I forget and answer the phone as I type at my laptop, my net connection goes bye-bye completely.