The musings of an IT Consultant

December 31, 2009  10:47 PM

IPS for the ASA

Raj Perumal Raj Perumal Profile: Raj Perumal

Hi folks! So it’s no secret I love the Cisco ASA firewalls. I find that they provide great security at a great price point. Now one of the things you can do to add capability to your existing firewall is add IPS.

The Cisco ASA 5505 has the ability to add an IPS module which will increase the security your ASA can provide. What does this module do for you? It provides inline protection against intrusions.

The IPS can also integrate with a Cisco wireless solution to extend the protection to your wireless network. The IPS also provides constant updates so it can provide instant protection against new attacks. If you feel that you need an IPS in your environment this is a great way to go.


December 31, 2009  10:28 PM

Routers and Firewalls

Raj Perumal Raj Perumal Profile: Raj Perumal

Hello again folks! Happy new year and happy holidays to everyone! I hope everyone had a great holiday season. So I wanted to talk about routers and firewalls today.

You see one of the more common questions I get from customers is what is the difference? Well at it’s core, a router is a device that routes data from one network to another. Whereas a firewall is a device that provides security to your network. However most devices these days fall into both categories. Most firewalls are going to provide some sort of basic routing capability and most routers will provide basic firewall capabilities. So what to do?

Well the answer is: it depends. If you have fairly small business needs, either should be fine for you. But if you need high end security, a firewall is your best bet. If you need to do some high end routing such as BGP then you definitely want a dedicated router. And if you need both I would buy both a firewall and a router and dedicate them to their respective tasks.


December 23, 2009  3:26 AM

BlackBerry down again!

Raj Perumal Raj Perumal Profile: Raj Perumal

Hi folks! For crying out loud, BlackBerry’s are down again. Just spent the last little bit troubleshooting our servers and BlackBerries to find out that it’s out of my control.

Apparently RIM has been having issues with various features in the BlackBerry network such as email, BlackBerry messenger, etc.

Like I said before, RIM really needs to get it together. How can this happen twice in less than a month? This is horrible for RIM and they really need to look at how they are providing their network services and make them more resilient.


December 17, 2009  4:43 PM

A Black Eye for BlackBerry

Raj Perumal Raj Perumal Profile: Raj Perumal

Hi folks! So today isn’t a good day for RIM! It’s also not a good day for customers, especially if you use BIS instead of BES.

RIM is experiencing some network issues today that is affecting customers across North America. The issues are causing delays in emails for any customers on the BIS platform. If you’re using BES for your mail synchronization then this doesn’t affect you.

RIM doesn’t need outages at times like this when people are buying Christmas gifts for their family and friends. It just might encourage the normal everyday user to buy an iPhone instead of a BlackBerry. Come on RIM, get your act together! This isn’t the first time this has happened and I’m sure Apple is loving every second of this.


December 16, 2009  2:16 PM

BES 5 now supports Exchange 2010

Raj Perumal Raj Perumal Profile: Raj Perumal

Hi folks, this just in, BES 5 now supports Exchange 2010! This is happening with Maintenance Release 1.

Up until now people were limited to trying to find not so easy hacks to make this work and they would still run into lots of errors. Some people who were running Exchange 2003 and wanted to upgrade to 2010 couldn’t do it because of the lack of BES support and were forced to upgrade to just Exchange 2007.

Well now with Exchange 2010 support it finally makes it worth it to go to BES 5! In my opinion that’s one of the driving reasons to go to BES 5! You can read more about it here.


December 9, 2009  2:35 PM

Preparing for Cisco ONT exam

Raj Perumal Raj Perumal Profile: Raj Perumal

Hi folks! Now it’s time to start preparing for the Cisco ONT(642-845) exam! This is my last exam in the CCNP series (BSCI, BCMSN, ISCW, ONT).

I suspect this next one will take just as much preparation as the previous ones. The difference with the ONT over the previous ISCW is that it doesn’t look like it’s going to be boring at all. The material looks quite cool! Topics covered according to Cisco’s exam topic web site include:

  • VoIP implementations
  • QoS considerations
  • DiffServer QoS implementations
  • AutoQoS
  • WLAN security and management

That last topic seems oddly out of place with the rest of them, but that doesn’t matter, I love wireless topics! So once again I will be using the Bryant Advantage study guides, with a combination of my course material and notes from my CCNP boot camp at Boson with instructor CCIE Bryan Baize, and also the Cisco Press exam/study guides. CCNP, here I come!


December 9, 2009  2:21 PM

Wan Emulation

Raj Perumal Raj Perumal Profile: Raj Perumal

Hi folks! One of the great things about my job is I always get to experiment with all sorts of technology. Whether it be hardware or software, I’m always running into somethineg new. Well, here I was looking for a way to slow down (yes you are correct, I said slow down) my users connection to a VMware server.Now why would I want to do that you may ask?

I wanted to emulate the WAN. You see I had virtualized some servers on site at a client office of off some old hardware onto a brand new ESX server. This understandably added a huge performance increase. However the servers were being centralized to a central location off site and that would be over a WAN link. I didn’t want the users to have the lightning fast gigabit speeds of the local network, and instead wanted them to have the speeds they would experience once the project was done over the WAN network. Otherwise the users would have experienced first an upgrade in performance during the first step, and then a degrade in performance over the second step when the virtual servers got centralized. So my dilemma¬† was to find a way to mimic the speeds of the WAN on the local network.

Enter WANEM! WANEM is a piece of open source software that you can get as a VMware virtual appliance and then route all traffic through it. After you route all the traffic through it you can set latency times, jitter, and other cool WAN type settings. This way I was able to simulate the WAN and after we centralized the servers the users experienced no degrade in performance, everything was consistent!

You can download WANEM here.


December 9, 2009  2:12 PM

Passed the ISCW exam!

Raj Perumal Raj Perumal Profile: Raj Perumal

Hi folks, great news! I passed the Cisco ISCW(642-825) exam!!!! I am so happy to have that one behind me! As some of you may know, I’ve been studying for this one for quite some time now. I’ve had a lot of projects going on so I really haven’t had the time to buckle down and get this one done. But now it is!

I have to say I really hated the material in the ISCW exam. It was really basic boring stuff (with the exception of MPLS). It also focused a lot on the SDM mangement tool to configure routers which is an old beast that just needs to die already. There are much better ways to configure a router as I’ve said before, and including this on the exam just made no sense.

There was lots of questions on areas such as PPPOE, VPN, network security etc. Now that this one is done it’s on to my last exam in the CCNP series, the ONT(642-845). I’ll keep you posted!


December 1, 2009  12:04 AM

Why would you use static addresses?

Raj Perumal Raj Perumal Profile: Raj Perumal

Hi folks! This is going to be a bit of¬† a rant. Why the heck would people use static addresses in their internal network instead of DHCP for workstations that don’t need it? It’s absurd!

Most workstations should be fine with DHCP, and if they really need a static address you should try and make do with a static reservation in the DHCP scope. That way you can still centrally manage it if you need to make a change later.

It might seem like a good idea at the time going static but at the end of the day if you have a few 100 computers statically assigned, you are in for a world of hurt if you have to change them. Try and stick to centrally managing IP addresses if you have any say in the matter.

-Cheers, RP

December 1, 2009  12:00 AM

Ticket management in the IT consulting world

Raj Perumal Raj Perumal Profile: Raj Perumal

Hi folks! So you start out in IT in your fancy new consulting business and you wonder what you should use for ticket management? Well I’ve used a myriad of products, as there sure are a ton of them out there. Most I find are oriented to the Help Desk portion of the IT industry.

However the consulting industry is a little different. The focus is on billable time, sales opportunities and help desk. What do you use in this situation? Especially if your company is running managed services offerings?

The good folks at ConnectWise have a product called ConnectWise PSA and it’s great. It’s awesome for tracking employee time, billable hours vs non-billable hours, and generating sales opportunities. If you have a chance check it out here.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: