Tips

Tips

• Cisco PIX ASDM: How to install

  Learn some helpful hints for installing and troubleshooting Cisco's Adaptive Security Device Manager (ASDM) for PIX firewalls in this two-part tip.  Continue Reading

• Cache poisoning attacks and how to prevent them

  Want something scary to think about? A compromise of your name servers could cut you off from the Internet or redirect your customers to a competitor. It could even shunt sensitive electronic mail through an intermediate mail server or reroute your ...  Continue Reading

• VPN security: Where are the vulnerabilities?

  SOX compliance mandates have pushed organizations to deliver end-to-end VPN security. This means that the VPN itself is no longer enough. Robbie Harrell explains how organizations can apply security policies to the VPN in this tip.  Continue Reading

• Router Expert: Building 802.11Q VLANs

  Network segmentation can be a great way to increase security. This article covers segmenting with VLANs and the 802.1Q standard.  Continue Reading

• Understanding the differences between IDS and IPS

  We all know that the Internet is a haven for cyber criminals who use the connectivity to launch an unprecedented number of attacks against enterprise networks. IDS and IPS have been developed to combat these threats, but they are not one in the same...  Continue Reading

• Keeping it all separate with VRFs

  A Virtual Routing and Forwarding (VRF) instance can deliver separation across both a shared infrastructure and shared devices, ultimately simplifying management.  Continue Reading

• The network administrator's guide to forensic first response

  The time between discovery of an incident and the handover of digital evidence is critical for the possibility of successful evidence retrieval. Mishandled evidence, whether to be used in court or solely in house, can damage the integrity of the ...  Continue Reading

• Practical configurations: Extending the OSPF network

  Doug Downer continues his series on network configuration with a focus on adding external prefixes such as static routes into your newly created OSPF network and also how to manipulate these routes as they travel across each layer.  Continue Reading

• RIP security

  If you're stuck with RIP, it doesn't mean you can't improve your system's security. Assuming you have a Cisco router and version of IOS released this century, this tip will explain the few easy commands required to prevent people from sending you ...  Continue Reading

• Practical Configurations, Part 3

  This section explains how to configure your distribution and core devices to route traffic to its proper destination and includes some simple commands to help validate your configuration.  Continue Reading

• Hardening your router in 9 easy steps

  For most enterprise LANs, the router has become one of the most critical security appliances in use. Configured properly, it can keep all but the most determined bad guys out, and if you want, it can even keep the good guys in. But an improperly ...  Continue Reading

• Router Expert: Standard interface configuration for a WLAN proxy server

  Our router expert continues his series on building a secure WLAN with a Linux base. This article covers standard interface configuration of the http proxy server.  Continue Reading

• EventCombMT: Search for specific events on Windows event logs

  If you've ever wanted to do quick and dirty searches on event logs for multiple Windows machines, contributor Serdar Yegulalp says don't go without: EventCombMT. Find out how to use it in this tip.  Continue Reading

• Troubleshooting Windows VPN servers

  There are several aspects of the Windows remote access server that can create issues when a VPN client connects. This article focuses on some common trouble spots on the server side and offers steps to help pinpoint the problem.  Continue Reading

• IPv6 renumbering

  Renumbering IPv4 networks has always been a difficult job for network administrators. With IPv6 it becomes easier. The protocol's ability to support multiple addresses on a host enables a gradual conversion.  Continue Reading

• What Ping doesn't tell you

  Ping distinguishes certain states of network functionality that are the cornerstones of everyday network troubleshooting. Learn how to gain greater insight into your network.  Continue Reading

• Wireless LAN deployment and federal regulations

  A look at the bare minimum requirements to keep your WLAN compliant with federal regulations.  Continue Reading

• Secure WLAN best practices and topology

  Expert Michael Martin provides a list of wireless security "dos and don'ts" and a sample topology for a secure WLAN.  Continue Reading

• Interconnecting hubs and switches

  Connecting hubs and switches in your network would seem to be a fairly common and basic procedure, but there are a few things to look out for.  Continue Reading

• Routing protocol basics, part 1

  A detailed look at the characteristics of IGP routing protocols RIP and IGRP/EIGRP.  Continue Reading

• Transition IPv4 to IPv6: How address formats are used to convert IPv4

  What the longer IPv6 addresses can do and how to ease the transition from IPv4.  Continue Reading

• PIM RP configuration methods

  How to configure Auto-RP, a method of setting the RP, or rendezvous point, on a PIM-SM network.  Continue Reading

• IPv6 address types

  Part one of a two part series describing IPv6 address formats and how they are used.  Continue Reading

• Seven steps to ensure project success

  The Value Manager recently had a project fall well below expectations. He reviewed what happened and came up with seven key steps for managing technical risk and one golden rule.  Continue Reading

• Authentication weaknesses

  This tip focuses on hardening network access against brute-force attacks.  Continue Reading

• The Multi Router Traffic Grapher

  A short review of a free network traffic monitoring tool called the Multi Router Traffic Grapher.  Continue Reading

• Router Expert: Filtering with MAC addresses

  This month our router expert discuss some strategies for controlling host network access using MAC address filtering.  Continue Reading

• Focus Windows port scanning with the netscan command

  How to use the netscan command to focus Windows port scanning.  Continue Reading

• Multicast trees

  How multicast propogates in a tree style and what to expect from source trees and shared trees.  Continue Reading

• Redundant security

  With trusted algorithms being cracked left and right, here's a way to implement layered security controls.  Continue Reading

• Why Do You Need a Firewall? from 'Firewalls For Dummies'

  Why Do You Need a Firewall? Chapter 1 of "Firewalls For Dummies" provides an excellent overview of what a firewall is, what it does and how it works.  Continue Reading

• Testing network cable

  Here's some of the terms used in high performance cable testing, and a description of what they mean.  Continue Reading

• Public vs. private networks

  ITKnowledge Exchange member "rpvish" had a question about how to ping internal and external networks, and fellow techies helped out. Here is a portion of the conversation.  Continue Reading

• Multicast group membership

  A look at the mechanisms and protocols used to join multicast streams.  Continue Reading

• Network administrator security policies

  Some security policy elements that are specific to network administrators.  Continue Reading

• Introduction to IP multicast

  A look at the basics of multicasting.  Continue Reading

• MPLS and CE redundancy

  Robbie Harrell reviews the hidden concerns you need to be aware of when making a decision regarding CE-PE resiliency options.  Continue Reading

• Configuring HSRP and VRRP on Cisco routers

  A brief overview of HSRP and VRRP and their configuration on Cisco routers.  Continue Reading

• Minimizing Layer 2 problems

  Understanding the fundamentals of Spanning Tree Protocol.  Continue Reading

• VoIP analysis

  Best-effort delivery of packets is not good enough for VoIP, so the network must be stable and predictable to provide quality comparable to circuit-switched telephone networks.  Continue Reading

• Configuring MPLS experimental bits

  How to configure QoS using experimental bits.  Continue Reading

• Router Expert: Conducting a network inventory, part 1

  Peforming a network inventory is the first step to an audit. It allows you to build a complete picture of your environment and will reveal inconsistencies that should be resolved.  Continue Reading

• Auto-MDIX

  How Auto-MDIX can solve the cross-over cable conundrum.  Continue Reading

• OSPF - Juniper vs. Cisco

  A look at the different ways OSPF standards are implemented on Juniper and Cisco routers.  Continue Reading

• Network administrator documentation

  Networking documentation is often missing a critical component: the Why.  Continue Reading

• The 10 traits of effective security

  Regardless of company size and industry, the most effective information security programs have several essential components in common. Read about the most crucial ones.  Continue Reading

• MPLS: Experimental bits and QoS

  MPLS experimental bits are used to provide QoS capabilities by utilizing the bits set in the MPLS labels.  Continue Reading

• Layer 2 VPN scalability

  A look at the limitations of layer 2 VPN scalability.  Continue Reading

• IP telephony development tools

  A look at some tools for developing IP telephony applications.  Continue Reading

• What's your information security gap?

  Many businesses are developing an information security program -- a formal, structured program that helps ensure the security of business assets and operations.  Continue Reading

• Wireless for redundancy

  Implementing a wireless network is usually done for the sake of mobility, but why not consider it for redundancy?  Continue Reading

• Simplifying and standardizing your device configurations

  Simplifying and standardizing your device configurations.  Continue Reading

• VPLS, a new Layer 2 MPLS VPN technology

  A new Layer 2 MPLS VPN technology that provides similar reliablity and QoS as MPLS VPN, but in a more simplified way. But beware, it does have it's limitations.  Continue Reading

• Instant messaging service blockers

  A look at ways to monitor and block IM traffic.  Continue Reading

• Using multiple routing protocols

  A discussion of IGP and EGP and ways in which they should be implemented together.  Continue Reading

• Routing First-Step: IP version 4 and IP version 6

  Routing and Internet addressing are two important concepts involved in networking. Routing First-Step covers the basics of routing in clear, easy-to-understand language.  Continue Reading

• Locking down wireless hot spots with 802.1X

  Hot spots can increase business productivity, but careless use can lead to corporate resource compromise.  Continue Reading

• Protocols, Lesson 7: Subnet masks and their effect

  Understand the different effects a subnet mask can have.  Continue Reading

• Protocols, Lesson 9: Subnet routing and communications

  Lesson 9 in our protocol series covers the communications side of subnetting.  Continue Reading

• Troubleshooting firewalls

  How to troubleshoot your firewall's settings when it is preventing a client or server connection.  Continue Reading

• Router Expert: Implementing IOS CLI menus

  CLI menus enable network administrators to build overlay menu-driven interfaces for accessing EXEC shell commands.  Continue Reading

• MPLS - Preparing an RFP (Dos and Don'ts)

  A look at the things to include in an RFP, a request for proposal for VPN service.  Continue Reading

• Password checking

  Some programs to test your password integrity.  Continue Reading

• Preventing Layer 2 security threats

  Layer 2 switched environments, typically found in enterprise customer wiring closets, can be easy targets for network security attacks.  Continue Reading

• Top 5 ways to make your network more secure

  Some things to get you thinking about what kind of budget you will need to improve your network's security.  Continue Reading

• Router Expert: Configuring IOS terminal services

  This tip covers IOS configuration of a Cisco router as a terminal server providing direct asynchronous access to other Cisco routers, along with modem access for dial-out services.  Continue Reading

• MPLS - Label Distribution Protocol

  A look at some of the details of Label Distribution Protocol (LDP) and how it works in an MPLS VPN.  Continue Reading

• Run your VoIP calls over a VPN for enhanced security

  A look at using a VPN to enhance VoIP security.  Continue Reading

• Core, Distribution and Access

  A look at a possible logical architecture for routing and switching and how to covert it from logical to physical.  Continue Reading

• Top 10 'show' commands

  A list of the top ten 'show' commands.  Continue Reading

• MPLS - Label Switched Paths

  A look at some of the details of working with Label Switched Paths (LSPs).  Continue Reading

• Understanding business service management

  Business service management (BSM), a method of linking critical business services to the supporting IT services and infrastructure.  Continue Reading

• Top 10 things to know about network administration

  A list of the most important things network administrators should know.  Continue Reading

• Test your network with Qcheck

  A short review of a free network testing tool called Qcheck.  Continue Reading

• Router Expert: Understanding reverse telnet and IOS terminal lines

  Learn how users interact with the terminal server and its connected devices through the use of reverse telnet, line and group rotaries, and terminal line interfaces.  Continue Reading

• Detecting duplex mismatches

  How to detect and solve one of the more annoying performance issues on an Ethernet network.  Continue Reading

• Deploying both a private and public WLAN

  Lisa Phifer answers a reader's request for information about planning and deploying a wireless LAN -- one private and one public.  Continue Reading

• WAN compression

  How WAN compression can help maximize bandwidth.  Continue Reading

• MPLS migration - Planning in advance

  A look at early considerations when you are planning a MPLS VPN migration.  Continue Reading

• Identifying IP addresses

  Some methods for identifying IP addresses on various systems.  Continue Reading

• How to setup Reverse Telnet

  A detailed procedure for setting up reverse Telnet.  Continue Reading

• Monitor your traffic with MRTG

  The Multi Router Traffic Grapher is a free tool that can help you monitor the traffic on your network. Learn more here.  Continue Reading

• WLAN implementation tutorial -- Capacity planning: Step 1

  For WLAN implementation, make sure you have Step 1 down -- capacity planning, not just coverage.  Continue Reading

• L2 VPNs

  A short overview of Layer 2 VPNs and some of their draft standards.  Continue Reading

• Chassis or stackable?

  The age old networking quandary receives another look in this tip that analyses the features of the chassis design.  Continue Reading

• The Network Life Cycle

  Each phase of the NLC has its own requirements that can typically be met with a judicious selection of tools and assessment solutions.  Continue Reading

• Forensic analysis, the CSI of security

  Forensics can give an organization a unique perspective on where breaches are taking place and how they are occurring, as well as how to prevent them.  Continue Reading

• Perimeter networks

  How perimeter networks can help  Continue Reading

• Router Expert: Implementing router interface redundancy

  While redundancy is simple as a concept, it becomes quite problematic in practice. This tip offers the basic options for router interface redundancy.  Continue Reading

• Learning Guide: Voice over IP basics

  This guide contains all the VoIP basics and essentials you will need when implementing an IP telephony network.  Continue Reading

• OSPF configuration

  Nuances of OSPF configuration could impact your network more than you expect.  Continue Reading

• Using passive-interface to prevent DoS

  How to use the passive-interface command to prevent Denial of Service attacks.  Continue Reading

• IP storage 101 for the network admin

  With the advent of IP storage, the time has come for network administrators to get up to speed on storage.  Continue Reading

• VoIP congestion management - basic queuing methods

  A look at some of the basic queuing methods to prevent network congestion.  Continue Reading

• Layer 3 MPLS VPNs

  A look at some of the details of Layer 3 MPLS VPNs.  Continue Reading

• Diagrams - samples

  Some samples of the Visio diagrams described in previous tips.  Continue Reading

• Tips on working with VLSM

  Variable Length Subnet Masks (VLSM) can require some serious number crunching but there are many ways to help make the process simpler.  Continue Reading

• Router Expert: Cisco asynchronous serial support

  Cisco IOS-based routers support three asynchronous serial interface types: Console, Auxiliary, and asynchronous port modules. This tip compares them.  Continue Reading

• Keep networks healthy with patch management

  A vigorous patch management process, supported by powerful, centralized tools can go a long way toward ensuring the health of a network far into the future.  Continue Reading

• MPLS Versus IPSEC VPNs: Which one is right for you

  An examination of the similarities and differences between IPSEC and MPLS and some insight as to when one should be used over the other.  Continue Reading