Oct 08 2012

Well, after having the same layout up for 3-4 years I finally decided to update my company's website. I also decided to discontinue the separate corporate blog and integrate it into the main site.

Any feedback is appreciated! Let me know what you guys think!

 

Corporate Web Site: http://www.digitallyaccurate.com

Corporate Blog: http://www.digitallyaccurate.com/?page_id=293

Mar 11 2012

I was out for dinner the other night at a nice restaurant in downtown Calgary. While waiting for my tenderloin steak, I decided to pull out my phone and check my Twitter, Facebook, e-mail (you know, the usuals). I noticed that my Samsung Focus (SGH-i917) picked up some WiFi networks and I accidentally tapped the option; I saw that I was picking up a wireless network with the SSID of “ShawOpen”.

I remember reading about Shaw launching a city wide wireless network in select areas as a trial. This service complements the existing internet services you have with Shaw. While the project is currently on trial, when and if it leaves trial, it will simply use the amount of bandwidth you are already paying for with your home Shaw internet package.

More information on the Shaw Exo WiFi Trial can be found here. I believe you can associate 10 devices with your account (someone correct me if I’m wrong) and your device will automatically connect as long as your WiFi is turned on whenever you are in range. It’s a simple, fast, wireless internet connection.

 

Anyways, moral of this story: It was easy to connect, easy to log in (it uses your @shaw.ca e-mail address), and it was fast! And don’t forget, this lets you avoid using your cell phone data plan! I’m definitely going to be using this more often! Good job Shaw!

And remember: Whenever doing anything with confidential data (banking, private stuff, etc…), always make sure the websites you are accessing use SSL encryption (you’ll see https in the address bar). If data is sent over a wireless connection and not encrypted it can be intercepted.

Mar 07 2012

Well, I thought I’d share a recent experience with all of you…

About a month ago, one of my clients underwent a Static IP change. Their provider notified them that due to network changes, their Static IP addresses for their servers were getting updated. This isn’t odd, completely normal, and usually happens once every 3-5 years.

Here’s where things get messed up:

Shortly after the change, even though SPF records, Reverse DNS, DNS, and blacklists had been checked/configured, for some reason we were having issues sending e-mail to a handful of organizations. After a couple of weeks, one of the recipients got their IT department to check into why. Turns out SORBS had the new Static IP blacklisted.

SORBS had the IP listed as a dynamic (non-static) IP. Keep in mind, my client was using a business connection from one of the largest ISPs in Canada with networks throughout all of North America.

At first, I thought no big deal, I’ll just fill the form out to de-list. Turns out there is no form, you have to register to their site. I found this extremely odd, I don’t want anyone knowing my contact information, I’m not even an employee of the company, and on top of all this, why would they need us to register?

So I registered, waited 30 minutes for a confirmation e-mail to log in, and BAM, got an SQL error when trying to log on to their site, couldn’t go any further. I needed to get this de-listed ASAP. Stuck as a guest on the site, I tried to find a way to contact them via e-mail or some other means, turns out they don’t allow you to contact them unless you are registered.

So at this point I was stuck. I contacted my client’s ISP and asked if there was anything they could do to assist. The ISP responded, and actually mentioned that SORBS regularly does this. Apparently all ISPs send out static IP lists to all Blacklists but SORBS refuses to update it unless the ISP pays a very large “exuberant” amount of money. If the ISP does not pay, they don’t update them. The ISP said there was nothing they could do.

I finally decided to just e-mail “webmaster@sorbs.net” and explain the situation. The e-mail was accepted, however no response.

So here we are 5 weeks later and we are still listed and my client is complaining of 1 more organization they can’t send to. Thankfully today out of nowhere my account works on their website, and I was FINALLY able to put through the de-list request.

Why would anyone use this RBL? What a pain!
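
For anyone going through a similar IP change, here is an added example (not part of the original post, and not SORBS's or the ISP's tooling) of how a blacklist lookup works per RFC 5782: the IP is reversed, prepended to the list's DNS zone, and an answer in 127.0.0.0/8 means the IP is listed. The zone names, the 203.0.113.25 address and the stub resolver are constructed placeholders; the code also handles IPv6, which goes beyond what the post covers.

```python
# Added example: DNSBL lookup per RFC 5782. Zones and IPs are constructed
# placeholders, not values from the post.
import ipaddress
import socket


def dnsbl_query_name(ip, zone):
    """Reversed octets (IPv4) or reversed nibbles (IPv6), followed by the zone."""
    rev = ipaddress.ip_address(ip).reverse_pointer
    for suffix in (".in-addr.arpa", ".ip6.arpa"):
        if rev.endswith(suffix):
            rev = rev[: -len(suffix)]
    return f"{rev}.{zone.strip('.')}"


def system_resolver(name):
    """Return the A record, None if the name does not exist, raise otherwise."""
    try:
        return socket.gethostbyname(name)
    except socket.gaierror as exc:
        if exc.errno in (socket.EAI_NONAME, getattr(socket, "EAI_NODATA", None)):
            return None
        raise  # timeouts etc. must not be mistaken for "not listed"


def check_ip(ip, zones, resolve=system_resolver):
    """Map each zone to 'listed (<code>)', 'not listed', or a failure note."""
    results = {}
    for zone in zones:
        try:
            answer = resolve(dnsbl_query_name(ip, zone))
        except OSError as exc:
            results[zone] = f"error: {exc}"
            continue
        if answer is None:
            results[zone] = "not listed"
        elif ipaddress.ip_address(answer) in ipaddress.ip_network("127.0.0.0/8"):
            results[zone] = f"listed ({answer})"
        else:
            # Not a valid DNSBL reply (e.g. a wildcarded or parked zone).
            results[zone] = f"invalid answer ({answer})"
    return results


if __name__ == "__main__":
    # Constructed stub resolver so the example runs offline.
    fake_dns = {"25.113.0.203.dul.dnsbl.example": "127.0.0.10"}
    zones = ["dul.dnsbl.example", "spam.dnsbl.example"]
    for zone, status in check_ip("203.0.113.25", zones, fake_dns.get).items():
        print(f"{zone}: {status}")
```

Run against the new address before the cutover and again afterwards; the meaning of each 127.0.0.x return code is defined by the individual list.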

Dec 14 2011

Recently I had the task of setting up a Site-to-Site IPSec tunnel between my office and one of my employees' home office. At my main business HQ we have an Astaro Security Gateway running inside of a vSphere 4 cluster. However I had to find the cheapest way to get the employee hooked up.

The main tasks of the VPN endpoint at the employee’s site were:

1) Filter web, pop3, and provide security for the devices behind the ASG at the home office (1-3 computers, and other random devices)

2) Provide a Site to Site VPN connection and to allow the user access to internal resources, along with providing access to our VoIP PBX (VoIP phone at employee site)

3) Provide access to other resources such as exchange, CRM, etc… And reverse management of devices at home office from HQ

First I needed to find an affordable computer to install the Astaro Security Gateway V8 software appliance on to. My company is an HP Partner, and we love their products, so I decided to purchase a new computer that would be powerful enough to host the ASG software, and also be protected under HP’s business warranty. I wanted the system to have enough performance that in the future, if the home office was decommissioned, we would be able to use it still as an ASG device but for something else (let’s say a real remote office).

After taking a look at our distributor to find out what was immediately available (as this was a priority), we decided to pick up an HP Compaq 4000 Pro Small Form Factor PC. Below are the specs:

HP Compaq 4000 Pro Small Form Factor PC

Part Number: LA072UT (Or LA072UT#ABA for the English version in Canada)

System features
Processor: Intel® Core™2 Duo Processor E7500 (2.93 GHz, 3 MB L2 cache, 1066 MHz FSB)
Operating system installed: Genuine Windows® 7 Professional 32-bit
Chipset: Intel® B43 Express
Form factor: Small Form Factor
PC Management: Available for free download from www.hp.com/go/easydeploy: HP Client Automation Starter; HP SoftPaq Download Manager; HP Client Catalog for Microsoft SMS; HP Systems Software Manager

Memory
Standard memory: 2 GB 1333 MHz DDR3 SDRAM
Memory slots: 2 DIMM

Storage
Internal drive bays: One 3.5″
External drive bays: One 3.5″; One 5.25″
Internal drive: 500 GB 7200 rpm SATA 3.0 Gb/s NCQ, Smart IV
Optical drive: SATA SuperMulti LightScribe DVD writer

Graphics
Graphic card: Integrated Intel Graphics Media Accelerator 4500

Expansion features
I/O ports: 8 USB 2.0; 1 serial (optional 2nd); 1 parallel (optional); 1 PS/2 keyboard; 1 PS/2 mouse; 1 VGA; 1 DVI-D; 1 microphone/headphone jack; 1 audio in; 1 audio line out; 1 RJ-45
Slots: 2 low-profile PCI; 1 low-profile PCIe x16; 1 low-profile PCIe x1

Media devices
Audio: Integrated High Definition audio with Realtek 2 channel ALC261 codec

Communication features
Network interface: 10/100/1000

Power and operating requirements
Power Requirements: 240W power supply – active PFC
Operating Temperature Range: 10 to 35°C

Dimensions and Weight
Product weight: Starting at 7.6 kg
Dimensions (W x D x H): 33.8 x 37.85 x 10 cm

Security management
Security management: Stringent Security (via BIOS); SATA Port Disablement (via BIOS); Drive Lock; Serial, Parallel, USB enable/disable (via BIOS); Optional USB Port Disable at factory (user configurable via BIOS); Removable Media Write/Boot Control; Power-On Password (via BIOS); Setup Password (via BIOS); HP Chassis Security Kit; Support for chassis padlocks and cable lock devices

What’s included
Software included: Microsoft Windows Virtual PC; HP Power Assistant
Warranty features: Protected by HP Services, including a 3 years parts, 3 years labour, and 3 years onsite service (3/3/3) standard warranty. Terms and conditions vary by country. Certain restrictions and exclusions apply.

This system was spec’d very nicely for the requirements we had. Another huge bonus is that it was covered under a factory 3 year warranty from HP. Which means that if anything failed, we would have next business day replacement (I love this, and so do my clients who all purchase HP). The one downside is that the system shipped with a Windows 7 license which we wouldn’t be using, but for the price of the system, it didn’t really matter.

The system only came standard with one Gigabit NIC (Network card), however we need two since this device is acting as a firewall/router. It’s a Small Form Factor system, so we had to find a second network adapter which was compatible with the computer's case form factor. The card which we purchased was:

HP – Intel Gigabit CT Desktop NIC

Part Number: FH969AA

Although the computer above is not in the compatibility list for the network card, the network card still worked perfectly. Once received, we simply replaced the case bracket on the card with one that shipped with it for small form factor computers.

We then burned the .ISO image of the ASG V8 software appliance, and proceeded to install it on the system. It installed (along with the 64-bit kernel) perfectly on the computer. After the install was completed, we configured it to connect to our main central Astaro Command Center and shipped the device out to the employee’s home office.

Once installed, we logged on to the Astaro Command Center user interface, and created a Site to Site IPsec using the wizard. Within 2-5 seconds the connection was established and everything was working 100%.

After using this for a few days, I checked to make sure the computer was powerful enough to be providing the services required, and it was without any problems.

Just wanted to share my experience in case anyone else is doing something similar to what I did above. If you were to reproduce this, all the hardware should be under $700.00 CAD.

Nov 28 2011

Just thought I’d do up a quick little post about an issue I’ve been having for some time, and just got it all fixed.

I’ve been running Astaro Security Gateway inside of a VMware environment for a few years. When version 8.x came out, I went ahead and simply attached the ISO to the VM and re-installed over the old v7 and restored the config. This worked great, and for the longest time I had no real issues.

I noticed from time to time that with packet sniffs, there were quite a few retransmissions and TCP segments lost. This didn’t really pose any issues, and didn’t cause any problems, however it was odd.

Recently, I had to configure a Site to Site IPsec VPN between my office, and one of my employees to provide exchange, VoIP, etc… With Astaro this is fairly easy, few clicks and it should work simple, however I started noticing huge issues with file transfers, whether being transferred over SMB (Windows File Sharing), or SCP/SSH. Transfers would either completely halt when started, transfer a couple hundred kilobytes, or transfer half of the file until it would simply halt and become unresponsive.

After 3-4 days of troubleshooting, I went ahead and did a packet sniff, noticed there were numerous TCP segments lost, fragmentation, etc… Initially I believed that maybe MTU configuration may have had something to do with it, however TCP/IP and the Astaro device should have taken care of properly setting the MTU on the IPsec automatically.

After trying fresh installs of ASG, etc… and no behaviour change, I finally decided to take a few days away and give it a shot later. I’ve troubleshot this from every avenue and for some reason the issue is still existing. I finally figured that the only thing I haven’t checked was with my VMware vSphere environment. Checked the settings, all was good, however I did notice that the NICs for the ASG vm (which were created by the v7 appliance) were set as flexible, and inside of the VM were detected as some type of AMD network adapter. I found this odd.

After shutting down the ASG VM, removing the NICs and configuring new ones using E1000, all of a sudden the issue was fixed, the IPsec Site to Site VPN functioned properly, and all the network issues seen in network captures were resolved.

I hope this helps some other people who may be frustrated dealing with the same issue.

Nov 02 2011

Well it’s been a few months and I love it!

Here’s a little speedtest.net snippet:

Download: 93.89Mb/s

Upload: 4.83Mb/s

Ping: 12ms

Keep in mind I need the connection mostly for upload. I’ve actually gone over 5Mbps plenty of times. Can’t wait for their 250 plus offering, or even better yet FTTP.

Jun 14 2011

Well, I decided to upgrade to Shaw’s new “Business Internet 100 Plus” today. I decided to choose the option to pick up the Cable modem, instead of having scheduled a technician since I wanted to play with it today!

Got it done rather quickly over the phone. The plan also includes a phone line, which actually does have to be scheduled since it uses a different device that has to be installed by a Shaw tech.

Anyways, plugged in the new SMC Cable Modem. Noticed that it was an integrated all-in-one Cable/Router/Wifi. This concerned me as I thought I may have received the wrong unit. Plugged it in, noticed Wifi turn on (which concerned me even more). Shortly however, the WiFi turned off, and the “Bridge Mode” was enabled after it was automatically provisioned by Shaw. (I confirmed this is what actually was happening later on when I spoke to tech support).

Had a few problems getting online. For some reason my account was limited for only 2 devices to have concurrent internet. This was odd and frustrating considering I have 6 Static IPs and should have over 10 Dynamic IPs. After a phone call to Shaw, they resolved this. I also got them to test the line, and all was good.

One interesting thing is that most of the speed test sites out there, actually don’t provide accurate testing since they can’t actually handle your bandwidth. The Shaw Speed test actually reported a download speed of 98Mbps, and an upload speed of 4.97Mbps.

So far it ROCKS!

Update – July 21st, 2011

It’s been over a month now, and I’m still very satisfied. We had a few minor problems in the past on our old connection with the limitations of upload speed, both for pushing updates out to clients, along with our VoIP system that runs over our internet connection. With the new service, all issues no longer exist. I can actually utilize the internet connection, get the speeds I expect, at the same time use multiple lines on our VoIP system with absolutely NO issues at all.

The speed is still rock solid, the stability of the connection is also still rock solid. Absolutely no complaints whatsoever…