Archive

Posts Tagged ‘cisco’

Some mail server networking best practices

I was reminded this week about the importance of some good best practices when handling the networking portion of a mail server. While a server or exchange administrator will do a great job handling all of the best practices of configuring the software itself, it is not uncommon for the networking portion to be overlooked. Here is a summary of a couple of networking or firewall related best practices…

  • Your Mail Server should be NAT’ed to an IP address different than your general internet traffic. This ensures that malicious activity taking place on your general internet traffic, or an infected pc, or even a guest system does not impact your ability to send email. If I guest laptop on your wireless network has a virus and is sending out spam, it might result in your IP address being blacklisted, and it will cascade onto your mail server. With a public IP address dedicated to your mail server, you can be assured that if you’re blacklisted, it is because of traffic through your mail server, and not from another source.
  • Block outbound port 25 from everything except your mail server. In general, the only device that should be sending mail outside of your network is your mail server, and if another device needs to send email, such as your MFP or other device, it should relay off your mail server, and not send out directly.
  • If you are using some form of hosted inbound spam or mail filtering, such as MXLogic or Reflexion, you should source IP filter your inbound port 25 traffic, or better yet, consider using an alternate port. If you don’t lock this down, it permits people to bypass your hosted mail hosting, and directly send spam to your mail server.
  • Ensure that your firewall has application aware protection in place for SMTP traffic, however if you have an older Cisco PIX firewall and an Exchange mail server, consider turning FIXUP off for SMTP since there is a long history of documented problems.
  • Be on the lookout for a mail administrator who assigns a public IP address on their mail server directly, thereby bypassing the firewall or other edge protection. If they really want to dual home the mail server, have them place it on a DMZ instead.

Enjoy

 

Advertisements

Cisco terminal length 0 and –more–

From time to time I just need to perform a simple dump of a configuration file from a Cisco IOS device for backup or review purposes, such as a from a router or switch. However, for switch stacks or complex configurations the configuration file can be long, and when using something like Putty to log all the terminal/ssh actions to a file, there is no need to constantly press any key at the –more– prompt. To avoid this, you can simply enter:
terminal length 0
at the enable (#) prompt. From there you will no longer see page breaks but rather have the data scroll out to you the entire configuration file. This also avoids the needs to go back and find/replace the –more– elements from a dump.

Enjoy!

Samsung Releases World-First Zero Client Monitor NC220 Using Cisco UPOE Technology

Official Press Release:
Last week at Cisco Live in Las Vegas, Samsung Electronics Co., Ltd., unveiled the world’s first zero client monitor using Cisco Universal Power Over Ethernet (UPOE) technology, heralding a new era of virtual desktops that will help businesses conserve energy and reduce cost and complexity. The Samsung NC220 monitor with Cisco UPOE powers and connects individual monitors via the network to a “virtualized” central server that executes all tasks and applications, offering businesses a flexible and convenient cloud computing alternative to the traditional workstation setup.

Samsung designed the NC220 with its new LED BLU technology, which offers bright and clear pictures on an ultra-slim, eco-friendly design—and markedly reduces energy consumption when compared with conventional CCFL (cold cathode fluorescent lamp) monitors. Such innovations have allowed Samsung to remain the undisputed global leader in monitors for 19 straight quarters, according to a recent report from market research firm IDC.

This easy-to-deploy, easy-to-maintain desktop virtualization system reduces IT burden at every step. Software and security updates can be deployed in minutes from a centralized location, eliminating the need to service each individual workstation. Additionally, the Cisco UPOE technology is designed to enable that both data and power can be supplied through a single Ethernet cable, allowing for easier installation and more flexibility when configuring an office space.

“Samsung and Cisco are leading the way in transforming enterprise workspaces,” said Jeong-Hwan Kim, senior vice president of Display Sales & Marketing at Samsung Electronics. “Now every workstation can leverage the power and speed of the company’s centralized server, while reducing energy costs and creating a more beautiful, less cluttered environment.”

The addition of Cisco UPOE increases flexibility and choice for businesses by extending network power resiliency, at reduced costs compared to traditional power infrastructure, to an unprecedented range of devices. Cisco UPOE can supply up to 60 watts of power—twice as much as existing power-over-Ethernet technologies, which is currently restricted to 30 watts.

“Cisco UPOE doubles the amount power delivered over the Ethernet to support many more devices, including the Samsung zero client desktop virtualization devices,” said Jeff Reed, vice president of Cisco’s Unified Access Business Unit. “Now the same Ethernet cable that provides network access will power Samsung’s industry leading virtual desktop devices—dramatically simplifying deployment and management of these devices.”

Enterprises can save additional energy by implementing Cisco’s EnergyWise to better manage and monitor the power consumption of IT devices powered and connected to their Cisco network.

Zero client monitors like the Samsung NC220 are server-based monitors for businesses’ cloud computing systems. These products eliminate the need for local CPU, memory and storage at each individual workstation; instead, the monitor is connected via the network to a central server that executes tasks traditionally handled by a desktop PC. Samsung and Cisco have been working together to embed the Cisco UPOE on the Samsung NC220 since the two companies entered into an alliance earlier this year.