Case: Customer concerns about firewall configuration. Firewall implemented on Linux server. Firewall includes NAT. Discovery: During review of firewall configuration I discovered following – total number of lines in configuration are ~5500. Some rules grouped in groups (chains). Some groups have no rules in them. Many rules never have had traffic passing through them. Advice […]
Category: Example Cases
How to configure PAT on Mikrotik (RouterOS)
Download WinBox and connect to Mikrotik. Select “IP” – > “Firewall”. Select NAT. Click on plus and select “Chain” -> “dsnat”. Enter dst.address – this is tipically public IP address of Mikrotik router. Enter protocol type (for HTTP this is “tcp”). Enter dst.port – port, what will be NAT-ed. Click “Atcion” tab. Select “Action” -> […]
Case: remote execution in Linux
Case: Customer have appliance from vendor running Linux. Customer have no access (restricted by agreement with vendor) to scheduler on server. Customer want periodically gather some information from applience and use it. Solution: Create shell script on Linux server, owned by customer. Schedule it on customers server. In mentioned script use remote execution to gather […]
Case: Separate call-center/support team from production network and from management network
Customer have one big network with all users in same network fragment. Customer want to improve security. Problem description: All employee reside in one big network fragment and have some level of access to all corporate servers. Production and support team span acros entire building. Proposed solution: Split network in 4 fragments: servers, support, production […]
Case: improve resilency and throughput of network.
Customer have issues with LAN. Customer do not want to spend money on new switches/routeres. Bottleneck – connection between datacenter switches and distribution/access level switches. Problems description: low througput. No redundancy for access switches 1 & 2 for cases, when link from access witch to distribution switch fail. Proposed solution: increase througput between DC switches […]