Features and Amenities
Features and Amenities:
Wifi ready study area
Gym and Function Room
Features and Amenities:
2 Lap Pools
Ground Floor Commercial Areas
Features and Amenities:
3 Swimming Pools
Gym and Fitness Center
Outdoor Basketball Court
Contact us today for a no obligation quotation:
Copyright © 2018 SMDC :: SM Residences, All Rights Reserved.
Exam Questions Updated On :
920-468 exam Dumps Source : Nortel VPN Router Rls.7.0 Advanced Configuration & Management
Test Code : 920-468
Test Name : Nortel VPN Router Rls.7.0 Advanced Configuration & Management
Vendor Name : Nortel
: 56 Real Questions
Great source of actual test questions, accurate answers.
killexams.com had enabled a pleasant experience the complete whilst I used 920-468 prep resource from it. I accompaniedthe study courses, exam engine and, the 920-468 to every tiniest little detail. It changed into because of such fabulousmanner that I became gifted within the 920-468 exam curriculum in remember of days and were given the 920-468 certification with an awesome marks. i am so grateful to each unmarried person behind the killexams.com platform.
it's miles actually first rate to have 920-468 actual test exam financial institution.
I almost lost accept as true with in me inside the wake of falling flat the 920-468 exam.I scored 87% and cleared this exam. Much obliged killexams.com for recupemarks my fact. Subjects in 920-468 were truly difficult for me to get it. I almost surrendered the plan to take this exam yet again. Anyway because of my accomplice who prescribed me to apply killexams.com Questions & Answers. Inside a compass of simple 4 weeks I become absolutely prepared for this exam.
Is there a shortcut to clear 920-468 exam?
killexams.com is an correct indicator for a students and customers capability to art work and test for the 920-468 exam. Its miles an accurate indication in their ability, mainly with tests taken quickly earlier than commencing their academic test for the 920-468 exam. killexams.com offers a reliable up to date. The 920-468 tests offer a thorough photo of candidates capability and abilities.
try these real test questions for 920-468 examination.
Thanks to killexams.com team who gives very treasured practice questions and answers with elements. i have cleared 920-468 exam with 95% marks. Thank U very much on your offerings. i have subcribed to questions banks of killexams.com like 920-468. The questions banks have been very helpful for me to clear those exams. Your mock tests helped a lot in clearing my 920-468 exam with 95%. To the thing, unique and rightly described solutions. Keep up the best work.
Tips & tricks to certify 920-468 exam with high scores.
I was very dissatisfied as soon as I failed my 920-468 exam. Searching the net informed me that there can be a internet web page killexams.com that is the sources that I need to pass the 920-468 exam interior no time. I purchase the 920-468 coaching percentage containing questions answers and exam simulator, prepared and take a seat down within the exam and have been given ninety eight% marks. Thanks to the killexams.com team.
proper source to locate 920-468 real question paper.
when my 920-468 exam changed into right ahead of me, I had no time left and i was freaking out. i used to be cursing myself for losing a lot time earlier on vain dump but I needed to do something and therefore I ought to simplest think about one factor that might keep me. Google advised that, the component was killexams.com. I knew that it had the entirety that a candidate might require for 920-468 exam of Nortel and that helped me in attaining right markss within the 920-468 exam.
a way to put together for 920-468 examination?
hello all, please be knowledgeable that i have passed the 920-468 exam with killexams.com, which changed into my important guidance source, with a solid common score. that is a totally valid exam dump, which I pretty suggest to all of us running toward their IT certification. this is a dependable manner to prepare and skip your IT exams. In my IT organisation, there isnt a person who has no longer used/visible/heard/ of the killexams.com material. not best do they help you pass, but they ensure that you study and end up a successful expert.
Is there someone who passed 920-468 exam?
I got this pack and passed the 920-468 exam with 97% marks after 10 days. I am extremely fulfilled by the result. There may be great stuff for partner level confirmations, yet concerning the expert level, I think this is the main solid plan of action for quality stuff, particularly with the exam simulator that gives you a chance to practice with the look and feel of a genuine exam. This is a totally substantial brain dump, true study guide. This is elusive for cutting edge exams.
Updated and actual question bank of 920-468.
i am going to offer the 920-468 exams now, eventually I felt the self belief due to 920-468 training. if I looked at my past each time I inclined to offer the tests were given fearful, I realize its funny but now i am amazed why I felt no self assurance on my, motive is loss of 920-468 preparation, Now im fully prepared can passed my exams easily, so if anyone of you felt low self assurance simply get registered with the killexams.com and start education, eventually you felt self assurance.
Little study for 920-468 exam, great success.
Mysteriously I answerered all questions in this exam. Lots obliged killexams.com its far a extraordinary asset for passing test. I propose actually everyone to without a doubt use killexams.com. I test numerous books but not notedto get it. Anyhow in the wake of using killexams.com Questions & solutions, i discovered the immediately forwardness in planning query and solutions for the 920-468 exam. I observed all the issues well.
EUC with HCI: Why It matters
Nortel has launched a patch for a vulnerability in its VPN routers that may both cause them to immediately reboot or stay down unless a guide reset is finished.
safety enterprise NTA display screen observed it discoved the denial of provider (DoS) vulnerability in Nortel VPN Router items (in the past referred to as Nortel Contivity) while performing a VPN safety verify for a consumer. The company described the vulnerability as "severe ... as a result of a single malformed IKE packet factors the VPN router to crash. additionally it is not normally feasible to prevent the malformed packet from reaching the router."
NTA display screen mentioned that the vulnerability is triggered by way of sending an IPsec IKE packet with a malformed ISAKMP header. The organization mentioned that receipt of the packet brought about a crash "each time any such malformed packet is shipped."
in line with the neighborhood, in exams the affected router automatically rebooted about eighty p.c of the time, but required a guide reboot 20 p.c of the time. additional, the routers confirmed didn't log receipt of the packets, even when logging was set to highest verbosity. The corporation speculated that this become the effect of the routers crashing earlier than they might even log the packet.
further, the community argued that "security via obscurity" is a very unhealthy approach in this case:
"it's feasible for attackers to become aware of and fingerprint Nortel VPN routers the usage of [...] IKE fingerprinting ideas," the group said in its file. "hence users should not count on that their VPN router is invisible just since it's not published within the DNS and isn't operating any TCP capabilities."
NTA reported that the difficulty affects Nortel VPN router fashions 1010, 1050, 1100, 600, 1600, 1700, 2600, 2700, 4500, 4600 and 5000.
Nortel purchasers with a valid login on the business's web page can entry the Nortel bulletin on the vulnerability and download a patch.
Nortel this week warned of several backdoors, and different flaws, in its VPN and at ease routing products that could enable unauthorized faraway entry to an commercial enterprise network.
user accounts used for diagnostics on Nortel VPN routers (formerly referred to as Contivity) could be used to gain access to a corporate VPN. In one other competencies vulnerability, unauthorized faraway clients might additionally gain administrative access to a VPN router through a web interface. a third vulnerability could outcome in somebody cracking users' VPN passwords.
Nortel says it has issued application that fixes these flaws. Product types affected encompass all Nortel VPN router models -- a thousand, 2000, 3000, 4000 and 5000.
The user account problem, among the three found out by way of a German security researcher, includes two user bills stored within the VPN Router’s default listing. The accounts are used for diagnostics of various VPN tunnels types when the router is used in Federal tips Processing requisites encryption mode -- a typical used by executive groups.
“These money owed represent a possible backdoor into the deepest community from any VPN router,” Nortel says in a bulletin.
web-based management interfaces on VPN routers can also be accessed via unauthorized clients via “careful manipulation of the URL” of the router’s web tackle. Nortel says this could provide confined entry to a couple router configuration settings.
Nortel is also warning that the DES key it uses to encrypt all person passwords on its VPN routers are identical. “it's feasible -- proposing the attacker turned into able to gain entry to the light-weight directory access Protocol shop -- to use a brute force assault on the hash of a consumer password with a view to benefit network access,” Nortel says.
Nortel provides that upgrading to VPN router application versions 6_05.140, 5_05.304 or 5_05.149 fixes the three concerns it is reporting. (The upgrade secures the two diagnostic person debts, closes the vulnerability in the web manager and adds 3DES encryption to passwords). software enhancements can also be received here.learn extra about this subject matterfive things Nortel have to do to finished comeback01/19/07Nortel offers vulnerability fix
06/06/05Microsoft and Nortel announce large unified communications alliance
07/18/06be part of the network World communities on facebook and LinkedIn to touch upon topics which are precise of intellect.
Nortel Networks is offering a fix for a vulnerability that may let an attacker crash a VPN (virtual private network) router with a single malformed packet.
The denial-of-provider vulnerability, said with the aid of U.k.-based internet safety trying out enterprise NTA video display, affects a few fashions in the Nortel VPN Router line, formerly time-honored because the Nortel Contivity line. NTA characterised the vulnerability as severe, and Nortel gave it "main precedence" popularity.
An attacker may trigger the routers to reboot or to crash by sending a single IKE (cyber web Key change) packet with a malformed ISAKMP (web protection affiliation and Key management Protocol) header, according to an advisory on NTA computer screen's net web page. In trying out, most routers restarted -- which takes about 5 minutes -- and a few required manual intervention to be restarted, NTA said. The routers don't log any suggestions about the packet, likely because they crash earlier than having an opportunity to log it, in response to the advisory.
continuously, it isn't viable to prevent the malformed packet from attaining the router, NTA warned. An attacker could forge the packet's source or take different steps to evade the router from blocking off the packet, according to the business. The packet looks very corresponding to a traditional IKE packet, it reported. NTA did not supply details of the malformed packet out of situation that it can be exploited by way of an attacker before the vast majority of Nortel clients have patched their routers.
The vulnerability affects all products in the VPN Router 600, one thousand, 2000, 4000 and 5000 strains. Nortel recommends upgrading those systems to edition 5.05.200 of the utility, which was released may additionally sixteen, or to set up the patched versions of the version four.76, 4.eighty five, 4.ninety or 5.00 utility, which can be made accessible in June, in accordance a Nortel safety bulletin.
NTA stated it found the issue on March 3 while doing a VPN examine for a client, then notified Nortel, which provided the fix.
Obviously it is hard assignment to pick solid certification questions/answers assets concerning review, reputation and validity since individuals get sham because of picking incorrectly benefit. Killexams.com ensure to serve its customers best to its assets concerning exam dumps update and validity. The vast majority of other's sham report objection customers come to us for the brain dumps and pass their exams cheerfully and effectively. They never trade off on their review, reputation and quality because killexams review, killexams reputation and killexams customer certainty is vital to us. Uniquely they deal with killexams.com review, killexams.com reputation, killexams.com sham report grievance, killexams.com trust, killexams.com validity, killexams.com report and killexams.com scam. In the event that you see any false report posted by their rivals with the name killexams sham report grievance web, killexams.com sham report, killexams.com scam, killexams.com dissension or something like this, simply remember there are constantly terrible individuals harming reputation of good administrations because of their advantages. There are a great many fulfilled clients that pass their exams utilizing killexams.com brain dumps, killexams PDF questions, killexams hone questions, killexams exam simulator. Visit Killexams.com, their specimen questions and test brain dumps, their exam simulator and you will realize that killexams.com is the best brain dumps site.
P2065-037 test prep | 000-601 study guide | 920-331 brain dumps | 000-N37 examcollection | 1Z0-147 practice questions | C9530-410 practice test | HP0-065 exam prep | M2010-760 sample test | 642-467 free pdf | IIAP-CAP brain dumps | CAT-200 study guide | P2065-035 free pdf | 000-M226 real questions | 650-472 free pdf | C2150-508 bootcamp | 1D0-525 test questions | 920-316 questions and answers | C2150-038 real questions | PMI-001 VCE | 000-852 dump |
Where can I get help to pass 920-468 exam?
We have Tested and Approved 920-468 Exams. killexams.com gives the exact and most recent IT exam materials which practically contain all information focuses. With the guide of their 920-468 exam materials, you dont have to squander your opportunity on perusing reference books and simply need to burn through 10-20 hours to ace their 920-468 real questions and answers.
Are you searching for Nortel 920-468 Dumps containing real exam Questions and Answers for the Nortel VPN Router Rls.7.0 Advanced Configuration & Management test prep? killexams.com is here to supply you one most updated and quality supply of 920-468 Dumps that's http://killexams.com/pass4sure/exam-detail/920-468. they have got compiled an information of 920-468 Dumps questions from actual tests so as to allow you to prepare and pass 920-468 exam on the first attempt. killexams.com Discount Coupons and Promo Codes are as under; WC2017 : 60% Discount Coupon for all exams on website PROF17 : 10% Discount Coupon for Orders larger than $69 DEAL17 : 15% Discount Coupon for Orders larger than $99 SEPSPECIAL : 10% Special Discount Coupon for All Orders
killexams.com permits a large number of applicants breeze through the tests and get their certifications. They have a large number of a hit feelings. Their dumps are solid, more affordable, progressive and of extremely best top of the line to triumph over the issues of any IT certifications. killexams.com exam dumps are present day avant-grade in especially bulldoze way on typical premise and material is discharged occasionally. Most recent killexams.com dumps are accessible in testing focuses with whom they are holding their dating to get ultra-current material.
killexams.com Nortel Certification watch courses are setup by method for IT specialists. Bunches of undergrads were grumbling that an excessive number of inquiries in such a considerable measure of training tests and take a gander at courses, and they're basically exhausted to have enough cash any additional. Seeing killexams.com pros instructional course this total form even as in any case ensure that all the learning is covered after profound research and assessment. Everything is to make accommodation for applicants on their road to certification.
We have Tested and Approved 920-468 Exams. killexams.com bears the most right and fresh out of the plastic new IT exam materials which nearly contain all ability focuses. With the valuable asset of their 920-468 brain dumps, you don't need to squander it moderate on examining main part of reference books and just need to burn through 10-20 hours to get a handle on their 920-468 genuine inquiries and answers. What's more, they offer you with PDF Version and Software Version exam inquiries and answers. For Software Version materials, Its provided to give the candidates reenact the Nortel 920-468 exam in a genuine environment.
We offer free supplant. Inside legitimacy period, if 920-468 brain dumps which you have purchased updated, they will educate you by email to download late form of . if you don't pass your Nortel Nortel VPN Router Rls.7.0 Advanced Configuration & Management exam, They will furnish you with finish discount. You have to deliver the filtered multiplication of your 920-468 exam document card to us. after affirming, they will rapidly think of FULL REFUND.
killexams.com Huge Discount Coupons and Promo Codes are as under;
WC2017: 60% Discount Coupon for all exams on website
PROF17: 10% Discount Coupon for Orders greater than $69
DEAL17: 15% Discount Coupon for Orders greater than $99
DECSPECIAL: 10% Special Discount Coupon for All Orders
On the off chance that you set up together for the Nortel 920-468 exam the use of their testing engine. It is anything but difficult to prevail for all certifications inside the main endeavor. You don't must adapt to all dumps or any free deluge/rapidshare all stuff. They give free demo of every IT Certification Dumps. You can try out the interface, question quality and estimation of their training appraisals sooner than you choose to search for.
920-468 | 920-468 | 920-468 | 920-468 | 920-468 | 920-468
Killexams 920-183 pdf download | Killexams 646-276 exam prep | Killexams C2010-940 free pdf | Killexams C2090-463 practice exam | Killexams 040-444 practice questions | Killexams 200-530 real questions | Killexams CPM questions and answers | Killexams 000-S32 braindumps | Killexams HP0-771 braindumps | Killexams HH0-210 free pdf | Killexams 000-718 braindumps | Killexams HP2-K31 Practice Test | Killexams 2V0-751 exam questions | Killexams HP2-B111 bootcamp | Killexams 156-915-80 mock exam | Killexams 000-560 brain dumps | Killexams 250-371 free pdf download | Killexams 010-151 practice test | Killexams 642-889 braindumps | Killexams L50-501 dump |
Killexams MOS-E2E Practice Test | Killexams 500-210 pdf download | Killexams C9520-403 exam prep | Killexams HP0-096 cheat sheets | Killexams F50-522 real questions | Killexams 9L0-509 VCE | Killexams HP2-N33 study guide | Killexams ABEM-EMC free pdf | Killexams HP0-P21 practice test | Killexams P2050-003 practice exam | Killexams 000-962 mock exam | Killexams VCPVCD510 test questions | Killexams HPE2-K43 real questions | Killexams HP2-T25 dumps questions | Killexams 050-684 braindumps | Killexams HC-224 dumps | Killexams 000-180 test prep | Killexams 000-420 bootcamp | Killexams NS0-506 free pdf download | Killexams 000-Z01 free pdf |
Distributed and expanding companies are increasingly using VPN connections to access and share information between offices and branches. They test ADSL firewall routers that are designed for this purpose.The routers in this review are designed to protect multiple machines on private networks. They are also designed to connect remote branches to a head office.
One of the more important aspects of a firewall is to block ports used to exploit a system. Now with more than 65,000+ ports available on a system a firewall does a fair bit of port blocking.
In order to test just how well these firewall routers block ports they used Nmap, which shows how many ports the firewall leaves open by default.
You also expect a router/firewall to provide good logs, support for virtual private networks (VPN), and use Point-to-Point Tunneling Protocol (PPTP) with varying levels of encryption from DES, 3DES, and AES.
A firewall should also support blacklists -- databases of hacker or cracker friendly IP addresses and domain names that can be added to the firewall to explicitly block connections to and from these systems.
We invited all the major vendors to submit products and the ones that took us up on their offer were Cisco/Linksys, Netgear, Nortel, Allied Telesyn, Dynalink, and D-Link.D-Link DSL-300GD-Link DFL-700
The D-Link solution was part of a two-piece solution, ie there was a separate ADSL modem and firewall device. All the other submissions used an all-in-one integrated solution. It does the same job as an all-in-one device but it does cost more.
There are also additional cables that get in the way and an extra device that you have to configure.
You first have to connect the DSL-300G to your phone line. They decided to configure the modem first so they connected a PC to the DSL-300G. They had to then install a small utility which comes on the install CD.
From this utility you can run a basic setup which will allow you to configure the modem using your PC's Web browser. Here you can configure your ADSL account user name and password and connect to your service.
Once completed, they tested the service and all seemed fine and unplugged the PC from the DSL-300G. They then ran a network cable from the Ethernet port of the DSL-300G to the WLAN port of the DFL-700. They also had to run a network cable from the LAN port on the DFL-700 to their PC. Once they did this they were ready to configure the firewall.
Like most of the other units tested they had to open up a browser at 192.168.1.1 to configure the firewall. In this case there wasn't much to configure besides the WAN port. There was also a DMZ port on the back. After a few ping tests to see who was around they were up and running.
This product may sound complext to set up, and indeed there is more involved than with the other devices tested, but overall it actually is not that bad.
After taking a closer look inside the firewall they could see that it's quite a capable firewall. Not only does it offer firewall security but it also supports VPNs, content filtering, and bandwidth management, as well as having good logs and reporting.Dynalink RTA770
The Dynalink was without a doubt the easiest router to setup. They plugged their phone line into the DSL port on the back of the unit. They then plugged a PC into one of the switch ports. From here all they had to do was find out its default IP address, which was 192.168.1.1. After launching a browser and logging into the unit all they had to do was enter their ADSL login name and password and that was it. All up it took us 30 seconds to get online -- a great result.
The Dynalink is not big on features but that also explains the low price of AU$199. Under the advanced menu is a firewall component that allows you to filter IP packets. Besides that there wasn't too much to speak of -- it allows for remote management which was good, however the system logs and traffic statistics only offer basic reporting.Netgear DG834
The Netgear ADSL router represents excellent value for money. It certainly wasn't the least featured but happened to be the least expensive router in this review. Setup was straightforward -- only the Dynalink was easier. Physically they were all set up the same except for the D-Link, as already explained. Besides having to have to enter the ADSL login details, with the Netgear device they had to select the encapsulation they were going use as well as the multiplexing method that matches with their ISP.
The DG834 had a very simple GUI -- what made it stand out from the rest was a help pane which explained what every setting does. It also featured some great security features like being able to block sites and setup rules to block or allow specific traffic. You can also schedule when rules are applied and you can have the system logs e-mailed to you. There were some useful maintenance settings to help you manage the router.Nortel Contivity 251
The Nortel box was one of the more serious routers. It was also one of the easier routers to set up thanks to the included startup wizard. Again, like the other units tested, the hardware setup was straightforward and the only place where you might run into a few setup issues is the software setup.
However, they didn't have any of those problems with this one; they were guided through two Web pages which asked us to select their ISP parameters followed by their ADSL login details. Once they got passed this stage the setup program runs a test that checks your LAN connections as well as your WAN connections. If it returns all passes you know you are online.
As previously stated, the Nortel is a serious device which not only provides firewall security by setting rules for outbound and inbound traffic but also content filtering which can block Web sites that contain keywords. It can also create VPNs that make use of DES, 3DES, and AES. System logs can also be sent to administrators on specified days and times.Linksys WAG54G
The Linksys router was the only router that offered wireless capabilities. It supports both A and G wireless modes. Setting up this unit wasn't too hard, there are just a few things you have to do such as select the encapsulation, multiplexing parameters as well as enter your ADSL login credentials. It takes a few moments to establish a link, something that they didn't really find with the other units. If you look under the wireless menu you can set up WEP or WPA which uses stronger encryption.
Under the security menu you can configure the security settings of the firewall. You can filter Java Applets, Cookies, Active X objects, and Proxies. By default the router blocks anonymous Internet requests. They only found this option enabled on the Linksys which was a bit surprising. They actually had to disable this fine option because it was stopping us pinging the router from a public PC.
We encountered problems running nmap -- which in fact is a great result because it means they couldn't exploit any open ports. However, they thought this was strange so they disabled the firewall and they surprisingly they still couldn't run nmap. Unfortunately they didn't have much time to get to the bottom of this, with more time they could have possibly got it to run nmap but it most likely would've invovled tweaking the unit to make it less secure. So it really is to the device's credit they couldn't find any open ports.
The Linksys also has an integrated VPN server supporting DES and 3DES encryption. Not bad for a device that only costs AU$249. The Linksys can be setup for remote management and has some decent reporting built in. It can also e-mail security alerts.Allied Telesyn AR440S
Setting up the hardware was easy -- you basically have to plug your phone line into the back of the unit then run a network cable from the unit to your PC. DHCP wasn't enabled on this router so they couldn't see the router until they manually set the IP address of their PC.
Once they could see the router they followed the Quick Start menu to get things rolling. You first have to set the encapsulation and multiplexing parameters and from there you enter your ISP login and password details and then apply the settings. They actually thought this all would have been enough to get it running but not so! In fact they had to resort to contacting the vendor for help and only after a few attempts did they manage to get it all working.
The quick install guide fell well short of providing enough information to help us configure the router. By their understanding it's a new product so there may be some kinks that still need to be ironed out by Allied Telesyn.
As for the rest of the installation, they had set the interface to accept remotely assigned addresses, setup the firewall, NAT, set DHCP, and then create traffic policies so they could see beyond the LAN. It sounds a bit painful and it was, especially compared to the other units, but then again how often would you have to setup your firewall from scratch?
The AR44OS comes with traffic filtering capabilities, giving you control over traffic that passes through the unit. VPNs are supported using AES as well as DES and 3DES. Software quality of service and traffic shaping features were included in this release. In the area of monitoring, management, and diagnostics this unit is really well equipped. The diagnostics in particular can display traffic counters for layers 1, 2, 3, and 4.
SpecificationsProduct Allied Telesyn AR440S D-Link DSL-300G/ D-Link DFL-700 Dynalink RTA770 Company Allied Telesyn International D-Link Australia Pty Ltd Askey Australia Phone 1800 228 595 1300 766 868 1800 653 962 Web Site www.alliedtelesyn.com.au www.dlink.com.au www.dynalink.com.au Price (inc GST) AU$907.50 AU$999.95 AU$199 Warranty 2 years 1 year 1 year Ethernet LAN 5-port 10/100Mbps can be used as LAN or DMZ 1-port 10/100Base-TX 4-port 10/100 Mbps Other Ports (USB, Serial) 1 x Async. serial, 1 x PIC expansion bay WAN port (10/100), DMZ port (10/100) and serial console port USB URL/ Content Filtering URL filtering performed using Firewall HTTP proxy Yes No Bandwidth management LLQ, PQ, WRR, DWRR, PQ with WRR/DWRR, 802.1P, IP TOS, IP DSCP, RSVP Yes No DoS protection A stateful inspection firewall provides protection against SYN and FIN flooding, ping of death, smurf attacks and port scans. Yes No VPN server Yes Yes Pass-through only Encryption standards supported DES, 3DES, AES AES, 3DES, DES, CAST128, Blowfish and Twofish NA Target market Home, SoHo, enterprise, service provider SME SOHO Product Linksys WAG54G Netgear DG834 Nortel Contivity 251 Company Cisco-Linksys Netgear Nortel Phone 1800 678 808 1800 502 061 02 8870 5000 Web Site www.linksys.com.au www.netgear.com.au www.nortel.com Price (inc GST) AU$249 AU$169 AU$775 Warranty 3 years 3 years 1 year Ethernet LAN 4-port 10/100Mbps 4-port 10/100Mbps 4-port 10/100 Mbps Other Ports (USB, Serial) None ~ RS232, DB-9f URL/ Content Filtering Yes Yes Blocks ActiveX, Java applets, and cookies, and disables Web proxies so that network administrators can tailor remote site access policies to be consistent with rest of enterprise. Bandwidth management Yes No DoS protection Yes Yes Stateful packet inspection, attack logging and e-mail alerts VPN server Yes Pass-through only Yes Encryption standards supported DES, 3DES NA DES, 3DES, AES Target market ADSL users after a fully featured wireless home gateway for their home or small business network. Home & SME Enterprise How they tested
InteroperabilityWhat features are included that enable the device to play well with other equipment?
FutureproofingUpgrade paths and expansion capabilities?
ROIWhat features & performance do the $$$ get?
ServiceWhat is included, what isn't, and how long is the warranty?
Each firewall was initially setup and tested with the factory default or manufacturer recommended settings. Their test rig comprised of a target machine -- a generic Intel PC with Microsoft Windows XP Professional. This was placed initially on a fully open public IP address and they ran their tests across it from another Windows XP Professional PC running behind the firewall router.
We tested firewalls from a local network aspect, also from the outside in. The first of these testing tools was Nmap v3.10Alpha4 which was run in a Windows environment and allowed us. while offline, to firstly configure their firewall and then, with no risk of blocking half the companies network traffic, test the box before setting it live on the network.
Nmap amongst other things has a very handy port scanning and reporting utility. Remember that port scanning is one of the first foot-printing tools a script kiddy would use to identify what ports are open on a system and thereby identify potential weaknesses in that box. So instead of sniffing from port 1 to 65,000 in a row simultaneously, Nmap in stealth mode scans random ports on the target machine at user defined intervals and builds up its report from there. For the purposes of this test they ran tests on the basic 1605 "common" ports.
The second test was from the inside out and uses a LeakTest v1.2 from the target machine back to itself, simulating a Trojan horse.
The third test was a simple throughput test. They basically downloaded and uploaded data to and from central sever located in a high-quality datacentre.
Data ThroughputWe initially decided to run throughput tests on all the routers. But as they ran these tests over different times of the day they got inconsistent scores. It was interesting to note that they managed to get throughput rates of 1249kbps down and 216kbps up when only using the Dlink ADSL modem. When plugging in the DLink firewall throughput rates had dropped to about 1000kbps for downloading. The other routers managed scores between 400 and 700kbps for downloads. Again they can't place too much emphasis on these results as the tests were run at different times of the day. But they at least give you an indication that a firewall will somewhat reduce your throughput speeds.
Internet connectionAlpahlink Internet Services was used to connect all the routers to the outside world. The service that they employed uses a 1500kbps down and 256kbps up stream which Alphalink offers for AU$99.90 a month. Alphalink also support speeds of 256/64, 512/128 & 512/512. See www.alphalink.com.au for more information.
Final notesWe decided there was no point in creating their own rulesets as it would defeat the purposes of the test. Remember all firewalls can be customised by the user for their own purposes.Sample scenario
This company needs to install ADSL routers in its remote branches in order to share content with the head office.
Approximate budget: Under AU$1000Requires: One simple remote office solution that includes the following features: firewall, VPN, Web filtering, bandwidth management, and a Web-based interface.Best solution: Nortel Contivity 251
Because ADSL routers share a common telephone line with standard analog phones, you need to install a line filter and you are going to have to do this to each phone or phone device that shares the same line as the ADSL service. Anyone could install one of these filters but if you have more than four phones you will need to install a central filter which should be installed by a technician.
What these line filters do is cut out the high pitched noises the ADSL router makes. It also enables you to use your phone line to make standard phone calls.
Nmap v3.75 against the firewall from the outside WANRouter Ports Detected Name Leak Test Dlink 23 telnet Fail 80 http Pass 113 auth Pass 443 https Pass Dynalink 80 http Fail 443 https Pass Netgear 21 ftp Fail 22 ssh Pass 80 http Pass 256 FW1-secureremote Pass 443 https Pass 554 rtsp Pass 636 ldapssl Pass Nortel 80 http Fail 443 https Pass Linksys Did Not Run Fail Allied Telesyn 80 http Fail 113 auth Pass 443 https Pass
Editor's choice: Nortel Contivity 251
The Nortel Contivity 251 is their pick for both the scenario and the Editor's Choice award. It included all of the features asked for in the scenario except for bandwidth management. It was easy to setup and manage, and the price tag was very good considering what you get. The Linksys also deserves a worthy mention for offering wireless.
This article was first published in Technology & Business magazine.Click here for subscription information.About RMIT IT Test Labs
RMIT IT Test Labs is an independent testing institution based in Melbourne, Victoria, performing IT product testing for clients such as IBM, Coles-Myer, and a wide variety of government bodies. In the Labs' testing for T&B, they are in direct contact with the clients supplying products and the magazine is responsible for the full cost of the testing. The findings are the Labs' own -- only the specifications of the products to be tested are provided by the magazine. For more information on RMIT, please contact the Lab Manager, Steven Turvey.
A virtual private network (VPN) is a tool that enables the secure transmission of data over untrusted networks such as the Internet. VPNs commonly are used to connect local area networks (LANs) into wide area networks (WANs) using the Internet. Perhaps you need to build a VPN between two offices but are not sure if the large infrastructure costs associated with an enterprise-level VPN solution are justifiable. The performance of applications that are intended for use over LANs (for example those that use network file sharing) seriously can be degraded over WAN connections. Likewise, lower bandwidth and longer latency in WAN connections can affect adversely the reliability and performance of groupware and thin-client applications. Perhaps you have a home office and would like to use your high-speed internet access to connect seamlessly and securely to your office LAN through an IPSec-capable router. Or perhaps you are just curious about VPNs and IPSec in general and want to experiment.
The VPN firewall discussed in this article will run on just about any 486-or-better PC that has 16MB or more main memory and two Linux-compatible Ethernet network cards. The idea is to provide a starting point from a single, self-contained package that will allow you to create robust, secure, scalable and highly configurable VPNs that also are interoperable with many common commercial VPN implementations. If you wish to experiment on a low-maintenance firewall-VPN gateway, then the package discussed here might be ideal for you.
This article shows you how to set up, at minimal expense, a working VPN gateway that uses the IETF's (Internet Engineering Task Force) IPSec (internet protocol security) specification. IPSec is an open standard and is supported by virtually all major firewall software and hardware vendors, such as Lucent, Cisco, Nortel and Check Point. This package will give you a widely interoperable IPSec that uses the de facto standard 3DES encrypted, MD5-authenticated site-to-site or point-to-site VPN. You should be able to do this without resorting to a full Linux distribution or recompiling a standard Linux kernel with a kernel IPSec module.
The VPN system they examine here is based on FreeS/WAN (www.freeswan.org), a portable, open-source implementation of the IPSec specification. FreeS/WAN has been demonstrated to interoperate, to various degrees, with Cisco IOS 12.0 and later routers, Nortel Contivity Switches, OpenBSD, Raptor Firewall, Check Point FW-1, SSH Sentinel VPN 1.1, F-Secure VPN, Xedia Access Point, PGP 6.5/PGPnet and later, IRE SafeNet/SoftPK, Freegate 1.3, Borderware 6.0, TimeStep PERMIT/Gate 2520, Intel Shiva LanRover, Sun Solaris and Windows 2000. The official FreeS/WAN web site has a regularly updated compatibility list with the latest version of its on-line documentation. FreeS/WAN version 1.5 is included in this package.
I have created a single-diskette distribution that installs the base configuration of a VPN firewall based on the Linux Router Project (LRP, www.linuxrouter.org), a compact Linux distribution that can fit on a single, bootable floppy diskette. The distribution here is essentially Charles Steinkuehler's Eiger disk image with Steinkuehler's IPSec-enabled kernel and LRP IPSec package. Firewalling is carried out through Linux ipchains. This particular version is based on the 2.2.16 kernel of Linux. This distribution is called DUCLING (Diskette-based Ultra Compact Linux IPSec Network Gateway). Compact Linux distributions have a twisted history. LRP technically refers to Dave Cinege's compact distribution. There are many variants around, including Charles Steinkuehler's distribution (EigerStein) of Matthew Grant's defunct Eiger version (lrp1.steinkuehler.net). Another such distribution is David Douthitt's Oxygen (leaf.sourceforge.net/content.php?menu=900&page_id=1). Also, there is LEAF (Linux Embedded Appliance Firewall), a developer's umbrella that tries to coordinate releases and documentation, sort of like a one-stop shop for compact Linux distributions (leaf.sourceforge.net). I use the term LRP to refer to the compact Linux distribution presented here, even though some may consider this terminology incorrect.
If you are running MS Windows 9x, the distribution self-extracts and installs itself onto a standard 3.5", high-density floppy diskette. You also can write the image to a boot floppy if you have a system running Linux. Once the extraction is done, you will need to boot off the floppy disk you have created, copy the network drivers for your network cards over and edit the appropriate configuration files. That's it—no creating and formatting disk partitions or messing with boot managers on your hard drive. If you are not happy with the distribution, just pop the diskette out, throw it away (or reformat it) and reboot your PC. Check the links on leaf.sourceforge.net/devel/thc for more information on these options.
Background on the Firewall and the VPN
This distribution of LRP uses a standard ipchains-based firewall. ipchains (replaced by iptables in the 2.4 series kernels—see David A. Bandel's “Taming the Wild Netfilter”, LJ, September 2001) is a freely distributed packet filter for Linux. It is very instructive to look through the ipchains HOWTO if you are not familiar with this firewalling tool. This can be found at www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO.html.
The VPN is provided by FreeS/WAN's implementation of IPSec. FreeS/WAN's IPSec implementation is compliant with the IETF's IPSec specification. IPSec is an extension to the Internet Protocol (IP) that provides for authentication and encryption. Three protocols are used to handle encryption and authentication, namely ESP (Encapsulating Security Payload), AH (Authentication Header) and IKE (the Internet Key Exchange). All these components are included in the FreeS/WAN implementation of IPSec and generally are transparent to end users. ESP and AH handle encryption and authentication, while IKE negotiates the connection parameters, including the initialization, handling and renewal of encryption keys. The only encryption scheme currently supported by FreeS/WAN is 3DES (the triple DES or Data Encryption Standard—the current de facto standard for IPSec encryption). Authentication is carried out using MD5 digests of a so-called shared secret (a shared key). The shared key could be a mutually agreed-to character string, RSA cryptographic key pairs or X.509 certificates. FreeS/WAN's KLIPS (kernel IPSec) component, which is compiled into the Linux kernel, implements AH, ESP and the handling of packets. IKE processes handle key negotiation, and renewals are implemented in FreeS/WAN's standalone pluto dæmon.
Requirements and Installation
First, you will need a PC with a floppy disk drive (I have tested only 3.5" disk drives) and two network cards in it. The demands of LRP (the distribution) are minimal and do not require a powerful PC. Anything that is Intel 486-class or better with more than 8MB of RAM will do. You also will need two floppy disks. Reliable, high-density 3.5" floppy disks should do, such as promotional diskettes from AOL. I have never had any problems with generic floppy disk drives, but I have found some problems with writing the distribution to floppy disks with Imation USB U2 SuperDisk drives.
You will need to download the appropriate DUCLING.tgz/zip distribution from ftp.cinemage.com/pub and extract the contents of the archive file. If you have a static IP address, then download the static version, and if you are assigned a dynamic IP address, you will need the distribution with a DHCP client. If you are running Windows 9x, download ducling-stat-W9x-1-0.zip or ducling-dyn-W9x-1-0.zip. Extracting the .tgz file with Winzip (www.winzip.com) will produce a file, ducling-dyn-1-0.exe or ducling-stat-1-0.exe and directory modules. The .exe file is a self-extracting image that formats a floppy disk and writes the image to that disk. Run the ducling-stat-1-0.exe or ducling-dyn-1-0.exe file and place a floppy disk into the floppy disk drive. Note that any data on the disk will be overwritten.
If you are using MS-DOS or Windows 3.1, the TSR utility FDREAD.EXE must be loaded at the DOS level first if you wish to read and write to the 1,722KB format disk. FDREAD.EXE is a freeware program from Christoph H. Hochstätter.
If you are running Linux, download ducling-dyn-1-0.tgz or ducling-stat-1-0.tgz, untar the image (the example here is for the DHCP-enabled dynamic IP address distribution):tar xvfz ducling-dyn-1-0.tgz
and write the image file, ducling-1-0.img, to a formatted floppy using the Linux fdformat and dd commands:fdformat /dev/fd0u1722 dd if=ducling-dyn-1-0.ima of=/dev/fd0u1722 Once the floppy disk image is created as mentioned above, you will have a bootable Linux floppy diskette.
The zipfile/directory named modules contain the required network driver modules as well as optional modules for firewall masquerading. Copy the contents of the module zipfile or directory onto a separate second MS-DOS-formatted floppy diskette for the configuration portion of this discussion (below). In Linux, format a second floppy disk by runningfdformat /dev/fd0
followed bymkdosfs /dev/fd0 and mounting the floppy drive and copying the modules over. Read the documentation included in the README files, which will give you details on configuring your firewall/router.
If you are unable to fit all the desired packages and modules onto a single floppy diskette, you will need to examine alternative setups that use dual floppy diskettes (see the included README files with the DUCLING distribution), a bootable CD-ROM or even a small hard disk. Refer to the on-line sources of LRP documentation for further information.
The LRP Boot Floppies—The Surprising Truth
You may be surprised to discover that LRP uses DOS-formatted floppies. You may be even more surprised to discover that the DUCLING distribution installs itself as a 1,722KB bootable disk image. The 3.5" high-density floppy is technically a 2MB format medium, and you may see these diskettes rated as 2MB “raw” or “unformatted” capacity. The 1,440KB formatted capacity is merely the result of a conventional format that writes 80 tracks on the magnetic media with 18 sectors per track. With the appropriate tools, you can create diskettes that have 80 sectors and 24 tracks per sector, giving 1,920KB per floppy. Floppies having 1,680KB (80/21 sector/tracks per sector) are used regularly for LRP distributions and seem to have a reliable track record; 1,722KB (82/21), 1,743KB (83/21) and 1,760KB (80/22) also are reported to be in use. I have found the 1,722KB format floppy to be reliable enough for testing and have no problems to report so far.
I have created and used large-format floppies of up to 1,920KB. Extremely large-format floppies tend to be nonbootable, apparently as a result of a conflict between PC BIOSes and the nonstandard sector size on the diskette. It has been reported that large-format floppies larger than 1,680KB can suffer from floppy disk hardware dependability problems. Windows NT and Windows 2000 are reported to have reliability problems writing to large-format floppies larger than 1,680KB.
MS Windows 9x operating systems generally read standard as well as large-format floppy diskettes with no configuration changes. In Linux systems, it is often necessary to mount the floppy disk with the correct format specified, i.e., /dev/fd0u1722, where fd0u1722 specifies floppy disk device 0 (fd0) and the u1722 specifies a 1,722KB format. The standard floppy disk drive in Linux /dev/fd0 defaults to /dev/fd0u1440, the 1,440KB format.
For creating and manipulating large-format floppies, consult the LRP Boot Disk HOWTO by Paul Batozech. You'll find this, and other useful articles, in the resources listed at leaf.sourceforge.net/devel/thc. For MS Windows, I have found Gilles Vollant's WinImage (www.winimage.com) to be particularly useful and user friendly. However, it is in some ways more limited than the Linux tools, such as fdformat, mkdosfs and the more recent superformat application. The self-extracting 1,722KBps images for MS Windows discussed here were created using WinImage.
How the LRP Distribution Loads
Before you begin to work with LRP it is useful to note how the distribution works. If you examine the bootable diskette, you will see a series of files, including ldlinux.sys, linux, syslinux.cfg, root.lrp, etc.lrp, modules.lrp and local.lrp.
The file ldlinux.sys is the bootstrap loader that loads the kernel (the file named linux) and initial root.lrp package into memory. The kernel starts and creates a RAM disk and extracts the root.lrp package. A RAM disk is a portion of memory that is allocated as a partition. In other words, the kernel creates a space in memory and treats it like a read/write disk. The kernel then mounts the boot device specified in syslinux.cfg. The remaining .lrp packages on the boot disk are extracted as specified in syslinux.cfg and loaded to the RAM disk. The .lrp packages are merely standard UNIX tarballs (tar-gzipped archives). Once the .lrp packages are installed in the directory tree on the RAM disk, the system begins a boot based on the standard Linux rc file boot hierarchy.
LRP is simply a stripped-down standard Linux kernel with loadable modules and other software contained in sets of .lrp packages. LRP is truly Linux; generally, anything that will run on a generic Linux distribution should run off the LRP diskette. Often the obstacle to extending LRP's applications and capabilities is the space constraint of a single diskette. If you require additional capabilities, for example, remote administration through ssh, a DNS server and so on, you will want to look at multidiskette, CD-ROM or even the full disk drive distributions of LRP that are available.
Start up and Configuration of Router/Firewalling VPN
Once the bootable floppy disk is created, make sure the floppy is placed in the floppy disk drive of the machine on which you wish to run the firewall/VPN. Ensure that the BIOS is configured to boot from a floppy disk. Upon booting the firewall/VPN, you will see the LRP splash screen, messages from the Linux loader followed by a login prompt.
If you have made it this far, congratulations! You have installed an LRP distribution successfully. Now you can start to configure the firewall properties of the LRP as outlined in the bundled documentation.
Once any firewalling tweaks are completed, the VPN needs to be configured. The bundled DUCLING documentation discusses the details for configuring a subnet-to-subnet setup. This involves configuring IPSec's authentication mode (/etc/ipsec.secrets), the IPSec network configuration (/etc/ipsec.conf) as well as the firewalling rules to allow access to ports 500 (UDP), 50 and 51 (TCP).
Note that you need not necessarily require a static IP address in order to run VPN links. A “roadwarrior” configuration is described in the next section, in which the one VPN client has an undetermined static IP address. I have run VPNs between pairs of nodes with dynamically assigned IP addresses. The management of VPN nodes with DHCP-assigned IP addresses becomes tricky if both IP address assignments change frequently. The following section discusses a roadwarrior configuration using DUCLING and a Microsoft-based IPSec client.
This example shows an MS Windows 9x/2000 client point-to-site using SSH Communications Security Sentinel 1.1 (Public Beta 3). FreeS/WAN is interoperable with a wide range of IPSec implementations. The ease of implementation and computability will vary depending on the product. Many IPSec products that support 3DES/MD5 encryption through IKE are interoperable with FreeS/WAN. However, I found that legally obtaining fully functional IPSec implementations that support strong encryption can be arduous, especially if you live outside of the United States.
Many vendors offer only limited capabilities in their freely available IPSec implementations. For example, a product may only support weak encryption (DES) or may limit VPN capabilities to transport mode only. It is important to distinguish between the two VPN modes that are offered through IPSec: transport mode and tunnel mode. Transport mode encrypts and authenticates traffic between two fixed end points. Tunnel mode is more useful for connecting subnets and allows tunneling through firewall and router parameters into different subnets. Basically, transport mode restricts traffic to point-to-point communication. Tunnel mode also allows point-to-site (point-to-subnet) or site-to-site communications. At least one vendor does not seem to allow its implementation of IPSec to run over a connection using a static IP address.
The SSH Communications Security Sentinel product (www.ipsec.com) does not seem to suffer from any of these problems, possibly due to the fact that the company is based outside of the US. I downloaded and tested the 30-day trial beta 3 release of Sentinel 1.1 and found it to be very easy to configure on a Windows 98 desktop PC. The Sentinel documentation provides configuration examples for interconnectivity with a FreeS/WAN VPN gateway.
Here is a summary of a roadwarrior configuration that allows remote users with dynamically assigned IP addresses to connect transparently to a LAN behind a firewall. You will need to open ports 50, 51 (TCP) and port 500 (UDP) to the dynamic IP address or the ISP's DHCP address range. Figure 1 shows the basic setup. You will need to edit /etc/network.conf on the DUCLING FreeS/WAN firewall (go into lrcfg, choose 1), then 1) and seteth0_IP_SPOOF=NO
to disable the blocking of tunneled packets. The bundled documentation contains the detailed instructions on how to do these tasks.
Figure 1. A Roadwarrior-to-Site Configuration
The contents of the FreeS/WAN ipsec.conf file are given in Listing 1. The corresponding ipsec.secrets file contains the entry188.8.131.52 0.0.0.0: PSK "Put your roadwarrior secret string here"
where the phrase in quotes is a shared-secret string. The IP address 0.0.0.0 denotes any IP address, so remember to choose a secure shared-secret string. The rightsubnet and rightnexthop parameters are left blank and imply that the connection is a point-to-subnet connection.
Listing 1. The FreeS/WAN conn Listing for the Setup Shown in Figure 1.
To set up the Sentinel IPSec service:
Download SSH Sentinel from www.ipsec.com and install, following the instructions.
Go into the Sentinel Policy Manager (Figure 2).
Figure 2. Sentinel Policy Manager
Choose the Key Management tab, Authentication Keys and select Add (Figure 3).
Figure 3. Adding a New Key
Select Create a new preshared key then Next (Figure 4).
Figure 4. Configuring Preshared Key
Type in your preshared key. It must be identical to the shared-secret string you have inserted in /etc/ipsec.conf (without the quotes). (See Figure 5.)
Figure 5. Typing in Shared Secret
On the main console of SSH Sentinel Policy Manager, in the Security Policy pane, select VPN connections®Add.
Enter in the IP/hostname of the remote VPN gateway; for their example, it is 184.108.40.206, and choose the preshared secret that you created in step 5 as the Authentication key (Figure 6).
Figure 6. Entering Key and UP Information
Select 3DES encryption, Main Mode and MODP 1024 for IKE Mode and IKE Group, respectively. The Advanced pane generally can be left with the defaults.
Set the IKE SA lifetime (i.e., the interval between rekeying) to the same value as in the ipsec.conf file, typically 480 minutes (eight hours).
Save all settings and try to ping an internal node behind the firewall (try the internal interface, 192.168.x.254). You should be connected. Try running Sentinel's diagnostics to make sure you are connected. I have found that Sentinel's diagnostic mode can hang the FreeS/WAN-Windows connections sometimes. If this happens, go to the FreeS/WAN gateway and do a restart of IPSec and then bring up the various connections.
Figure 7. The VPN Connection Properties Tab
Once again, if you need to restart the connection, log in to the LRP box and type#/etc/initd.d/ipsec restart
to restart the IPSec components.
I also found in Windows 2000 Professional (but not Windows 98) that I had to add the routing manually to the shared subnet 192.168.0.0/24 from the DOS console:route ADD 192.168.0.0 MASK 255.255.255.0 220.127.116.11
(refer to the documentation for the Microsoft route command).
This article outlines the means to implement a firewalling VPN gateway from a single 3.5" floppy diskette. With a single floppy diskette, you should be able to connect hosts and networks of various topologies securely using the Internet. The DUCLING distribution is a bare-bones distribution. Once you are convinced that a FreeS/WAN VPN can fulfill your needs, you can look at either going to a more full-featured LRP distribution or even a full-blown Linux system, implementing such things as remote access (via the secure shell, ssh, for example) or a DNS server.
Switching will once again be all the rage at this week's Interop conference in Las Vegas as the first 40Gbps Ethernet products are slated to be unveiled.
Extreme Networks plans to roll out 40G Ethernet uplinks for its stackable switches and modules for its chassis-based systems in the enterprise core. Those products will be priced aggressively too, at less than $1,000 per port.
Meanwhile, Avaya will prove its commitment to the switching products it obtained from the recent acquisition of Nortel's Enterprise Solutions business by introducing extensions to that portfolio, including a new core Ethernet switch. And Brocade will expand its application switching software and hardware portfolio.
100G Ethernet Cheat Sheet
But it is 40/100G Ethernet that will take center stage at the show. Extreme will join Force10 Networks as an early provider of 40G Ethernet switches and switching modules for data centers.
Force10 last week announced plans to ship 40G Ethernet switches across its portfolio in the second half of this year. Extreme will enter trials later this year with four-port 40G Ethernet modules for its stackables and BlackDiamond modular switch.
The modules will allow the BlackDiamond 8800 core switch to support up to 24 40G Ethernet ports per switch. The four-port 40G modules for the Summit stackable line can be used for stacking or to uplink to a BlackDiamond core switch.They will support wire-speed for local switching but oversubscribed when hitting the backplane, Extreme says. And at less than $1,000 per 40G port, they are priced like 10G ports -- the average selling price of a 10G Ethernet port in 2010 will be $915, according to Dell'Oro Group.
Avaya commits to Nortel switches
Avaya, meanwhile, will put to rest any FUD concerning its commitment to the Nortel switches and data networking products it acquired by unveiling the ERS 8800 series, a successor to the existing ERS 8600 line of core Ethernet switches. The 8800 will include a new switch fabric for the existing 8600 chassis, a new three-slot chassis configuration for smaller networks and edge requirements, and a non-blocking 11-slot switch.
The switch will also feature a "split plane" architecture for integrating wired and wireless networks. It will reduce power consumption by 33% over the 8600 and increase memory by 150% to support scalability of virtual machines in a data center. A core switch cluster will support up to 200 10Gbps Ethernet ports, Avaya says.
The three-slot switch will have a 200Gbps full duplex backplane.
The company will also unveil a new capability for its 8100 IEEE 802.11n WLAN controller. The 8100 will initially perform control and forwarding plane functions for up to 512 access points; but then assume only control or only forwarding plane capabilities as its software is further integrated with the 8800 switch and virtualized, Avaya says.
Avaya will also unveil the Advanced Gateway 2330 for branch offices, a Session Initiation Protocol gateway that provides routing, VPN and firewall capabilities. It will compete with Cisco's Integrated Services Routers and Juniper's SSG gateways, but with an emphasis on IP telephony and unified communications, Avaya says.
Lastly, Avaya has rewritten all of the applications in its Unified Communications Manager system to enable single sign-on and discovery to allow network managers to easily navigate across various applications. Right clicking on an application on the UCM topology map with produce vital statistics on that application, such as flow characteristics.
The 8800, advanced gateway and enhanced UCM are all available now.
Brocade's app switching focus
For application switching, Brocade will roll out software that provisions and manages application resources in a virtualized environment, a new verison of its ServerIron ADX switch operating system, and a new entry-level application switch.
Brocade's Application Resource Broker is a plug-in for VMware's vSphere software. It analyzes application performance across the network and servers and provisions resources accordingly. It provides visibility into both the virtual and physical infrastructure, Brocade says.
Version 12.2 of the ServerIron ADX software features license upgradeability for increased or improved performance and capacity. It provides predictive application load balancing based on response times, Layer 7 switching support for the Financial Information eXchange protocol, an IPv4 to IPv6 gateway and optimized cache switching for service providers.The entry-level ServerIron ADX switch is called the 1008-1. It support up to 16 Gigabit Ethernet ports and two 10G ports, and a maximum Layer 7 throughput of 7Gbps. It is priced at $13,000.All products will be available later in the second quarter.
Read more about lans and wans in Network World's LANs & WANs section.
This story, "40G Ethernet takes center stage at Interop" was originally published by Network World.
3COM [8 Certification Exam(s) ]
AccessData [1 Certification Exam(s) ]
ACFE [1 Certification Exam(s) ]
ACI [3 Certification Exam(s) ]
Acme-Packet [1 Certification Exam(s) ]
ACSM [4 Certification Exam(s) ]
ACT [1 Certification Exam(s) ]
Admission-Tests [13 Certification Exam(s) ]
ADOBE [93 Certification Exam(s) ]
AFP [1 Certification Exam(s) ]
AICPA [2 Certification Exam(s) ]
AIIM [1 Certification Exam(s) ]
Alcatel-Lucent [13 Certification Exam(s) ]
Alfresco [1 Certification Exam(s) ]
Altiris [3 Certification Exam(s) ]
Amazon [2 Certification Exam(s) ]
American-College [2 Certification Exam(s) ]
Android [4 Certification Exam(s) ]
APA [1 Certification Exam(s) ]
APC [2 Certification Exam(s) ]
APICS [2 Certification Exam(s) ]
Apple [69 Certification Exam(s) ]
AppSense [1 Certification Exam(s) ]
APTUSC [1 Certification Exam(s) ]
Arizona-Education [1 Certification Exam(s) ]
ARM [1 Certification Exam(s) ]
Aruba [6 Certification Exam(s) ]
ASIS [2 Certification Exam(s) ]
ASQ [3 Certification Exam(s) ]
ASTQB [8 Certification Exam(s) ]
Autodesk [2 Certification Exam(s) ]
Avaya [101 Certification Exam(s) ]
AXELOS [1 Certification Exam(s) ]
Axis [1 Certification Exam(s) ]
Banking [1 Certification Exam(s) ]
BEA [5 Certification Exam(s) ]
BICSI [2 Certification Exam(s) ]
BlackBerry [17 Certification Exam(s) ]
BlueCoat [2 Certification Exam(s) ]
Brocade [4 Certification Exam(s) ]
Business-Objects [11 Certification Exam(s) ]
Business-Tests [4 Certification Exam(s) ]
CA-Technologies [21 Certification Exam(s) ]
Certification-Board [10 Certification Exam(s) ]
Certiport [3 Certification Exam(s) ]
CheckPoint [43 Certification Exam(s) ]
CIDQ [1 Certification Exam(s) ]
CIPS [4 Certification Exam(s) ]
Cisco [318 Certification Exam(s) ]
Citrix [48 Certification Exam(s) ]
CIW [18 Certification Exam(s) ]
Cloudera [10 Certification Exam(s) ]
Cognos [19 Certification Exam(s) ]
College-Board [2 Certification Exam(s) ]
CompTIA [76 Certification Exam(s) ]
ComputerAssociates [6 Certification Exam(s) ]
Consultant [2 Certification Exam(s) ]
Counselor [4 Certification Exam(s) ]
CPP-Institue [2 Certification Exam(s) ]
CPP-Institute [2 Certification Exam(s) ]
CSP [1 Certification Exam(s) ]
CWNA [1 Certification Exam(s) ]
CWNP [13 Certification Exam(s) ]
CyberArk [1 Certification Exam(s) ]
Dassault [2 Certification Exam(s) ]
DELL [11 Certification Exam(s) ]
DMI [1 Certification Exam(s) ]
DRI [1 Certification Exam(s) ]
ECCouncil [21 Certification Exam(s) ]
ECDL [1 Certification Exam(s) ]
EMC [129 Certification Exam(s) ]
Enterasys [13 Certification Exam(s) ]
Ericsson [5 Certification Exam(s) ]
ESPA [1 Certification Exam(s) ]
Esri [2 Certification Exam(s) ]
ExamExpress [15 Certification Exam(s) ]
Exin [40 Certification Exam(s) ]
ExtremeNetworks [3 Certification Exam(s) ]
F5-Networks [20 Certification Exam(s) ]
FCTC [2 Certification Exam(s) ]
Filemaker [9 Certification Exam(s) ]
Financial [36 Certification Exam(s) ]
Food [4 Certification Exam(s) ]
Fortinet [14 Certification Exam(s) ]
Foundry [6 Certification Exam(s) ]
FSMTB [1 Certification Exam(s) ]
Fujitsu [2 Certification Exam(s) ]
GAQM [9 Certification Exam(s) ]
Genesys [4 Certification Exam(s) ]
GIAC [15 Certification Exam(s) ]
Google [4 Certification Exam(s) ]
GuidanceSoftware [2 Certification Exam(s) ]
H3C [1 Certification Exam(s) ]
HDI [9 Certification Exam(s) ]
Healthcare [3 Certification Exam(s) ]
HIPAA [2 Certification Exam(s) ]
Hitachi [30 Certification Exam(s) ]
Hortonworks [4 Certification Exam(s) ]
Hospitality [2 Certification Exam(s) ]
HP [752 Certification Exam(s) ]
HR [4 Certification Exam(s) ]
HRCI [1 Certification Exam(s) ]
Huawei [21 Certification Exam(s) ]
Hyperion [10 Certification Exam(s) ]
IAAP [1 Certification Exam(s) ]
IAHCSMM [1 Certification Exam(s) ]
IBM [1533 Certification Exam(s) ]
IBQH [1 Certification Exam(s) ]
ICAI [1 Certification Exam(s) ]
ICDL [6 Certification Exam(s) ]
IEEE [1 Certification Exam(s) ]
IELTS [1 Certification Exam(s) ]
IFPUG [1 Certification Exam(s) ]
IIA [3 Certification Exam(s) ]
IIBA [2 Certification Exam(s) ]
IISFA [1 Certification Exam(s) ]
Intel [2 Certification Exam(s) ]
IQN [1 Certification Exam(s) ]
IRS [1 Certification Exam(s) ]
ISA [1 Certification Exam(s) ]
ISACA [4 Certification Exam(s) ]
ISC2 [6 Certification Exam(s) ]
ISEB [24 Certification Exam(s) ]
Isilon [4 Certification Exam(s) ]
ISM [6 Certification Exam(s) ]
iSQI [7 Certification Exam(s) ]
ITEC [1 Certification Exam(s) ]
Juniper [65 Certification Exam(s) ]
LEED [1 Certification Exam(s) ]
Legato [5 Certification Exam(s) ]
Liferay [1 Certification Exam(s) ]
Logical-Operations [1 Certification Exam(s) ]
Lotus [66 Certification Exam(s) ]
LPI [24 Certification Exam(s) ]
LSI [3 Certification Exam(s) ]
Magento [3 Certification Exam(s) ]
Maintenance [2 Certification Exam(s) ]
McAfee [8 Certification Exam(s) ]
McData [3 Certification Exam(s) ]
Medical [69 Certification Exam(s) ]
Microsoft [375 Certification Exam(s) ]
Mile2 [3 Certification Exam(s) ]
Military [1 Certification Exam(s) ]
Misc [1 Certification Exam(s) ]
Motorola [7 Certification Exam(s) ]
mySQL [4 Certification Exam(s) ]
NBSTSA [1 Certification Exam(s) ]
NCEES [2 Certification Exam(s) ]
NCIDQ [1 Certification Exam(s) ]
NCLEX [2 Certification Exam(s) ]
Network-General [12 Certification Exam(s) ]
NetworkAppliance [39 Certification Exam(s) ]
NI [1 Certification Exam(s) ]
NIELIT [1 Certification Exam(s) ]
Nokia [6 Certification Exam(s) ]
Nortel [130 Certification Exam(s) ]
Novell [37 Certification Exam(s) ]
OMG [10 Certification Exam(s) ]
Oracle [282 Certification Exam(s) ]
P&C [2 Certification Exam(s) ]
Palo-Alto [4 Certification Exam(s) ]
PARCC [1 Certification Exam(s) ]
PayPal [1 Certification Exam(s) ]
Pegasystems [12 Certification Exam(s) ]
PEOPLECERT [4 Certification Exam(s) ]
PMI [15 Certification Exam(s) ]
Polycom [2 Certification Exam(s) ]
PostgreSQL-CE [1 Certification Exam(s) ]
Prince2 [6 Certification Exam(s) ]
PRMIA [1 Certification Exam(s) ]
PsychCorp [1 Certification Exam(s) ]
PTCB [2 Certification Exam(s) ]
QAI [1 Certification Exam(s) ]
QlikView [1 Certification Exam(s) ]
Quality-Assurance [7 Certification Exam(s) ]
RACC [1 Certification Exam(s) ]
Real-Estate [1 Certification Exam(s) ]
RedHat [8 Certification Exam(s) ]
RES [5 Certification Exam(s) ]
Riverbed [8 Certification Exam(s) ]
RSA [15 Certification Exam(s) ]
Sair [8 Certification Exam(s) ]
Salesforce [5 Certification Exam(s) ]
SANS [1 Certification Exam(s) ]
SAP [98 Certification Exam(s) ]
SASInstitute [15 Certification Exam(s) ]
SAT [1 Certification Exam(s) ]
SCO [10 Certification Exam(s) ]
SCP [6 Certification Exam(s) ]
SDI [3 Certification Exam(s) ]
See-Beyond [1 Certification Exam(s) ]
Siemens [1 Certification Exam(s) ]
Snia [7 Certification Exam(s) ]
SOA [15 Certification Exam(s) ]
Social-Work-Board [4 Certification Exam(s) ]
SpringSource [1 Certification Exam(s) ]
SUN [63 Certification Exam(s) ]
SUSE [1 Certification Exam(s) ]
Sybase [17 Certification Exam(s) ]
Symantec [135 Certification Exam(s) ]
Teacher-Certification [4 Certification Exam(s) ]
The-Open-Group [8 Certification Exam(s) ]
TIA [3 Certification Exam(s) ]
Tibco [18 Certification Exam(s) ]
Trainers [3 Certification Exam(s) ]
Trend [1 Certification Exam(s) ]
TruSecure [1 Certification Exam(s) ]
USMLE [1 Certification Exam(s) ]
VCE [6 Certification Exam(s) ]
Veeam [2 Certification Exam(s) ]
Veritas [33 Certification Exam(s) ]
Vmware [58 Certification Exam(s) ]
Wonderlic [2 Certification Exam(s) ]
Worldatwork [2 Certification Exam(s) ]
XML-Master [3 Certification Exam(s) ]
Zend [6 Certification Exam(s) ]
Dropmark : http://killexams.dropmark.com/367904/12851047
Dropmark-Text : http://killexams.dropmark.com/367904/12946138
Blogspot : http://killexamsbraindump.blogspot.com/2018/01/exactly-same-920-468-questions-as-in.html
Wordpress : https://wp.me/p7SJ6L-2MM
Box.net : https://app.box.com/s/tkkug8bnrdorhwwh12wn06hu3u0jrxtj