Security is a multifaceted issue that must be addressed to avoid abuse of your network from hackers and employees. While you are connected to the Internet your network is open to the public unless it is protected by a firewall. Networks that are connected to the Internet are vulnerable to malicious attacks from hackers and virus infection. A well configured firewall will block uninvited visitors whilst allowing remote access to authorised users and services. Many firewalls now offer a host of other advanced features such as gateway antivirus, spam filtering, content filtering and the ability to block specific applications such as instant messaging to add further protection and restrict how the Internet is used within the office. Internally, sensitive information such as personnel records, management reports and accounts data can be protected by configuring permissions that only allow access for those who are authorised. Passwords to access the network should be changed on a regular basis and should be sufficiently complex that they cannot be compromised. We can advise on all aspects of network security, firewalls, virus protection and implement a security policy to protect your data and systems.
LONDON and NEW YORK, NY and TOKYO and MACAU–(Marketwire – January 29, 2010) – MDSL, the leader in global cost management solutions, is one of three finalists for the AOTMP Industry Excellence Award in Telecom Expense Management (TEM) for its ground breaking VoIP-PSTN Cost Allocation Solution. The latest solution from MDSL simplifies the management of corporate IP networks by clearly identifying, validating and allocating the costs of hop-off calls rerouted via the Public Switched Telephone Network (PSTN). “The deployment of MPLS (MultiProtocol Label Switching) networks and VoIP services are constantly growing, driven by the opportunity for cost savings and better end-user services,” says Philippe Lignac, TEM Sales Director. “Yet telecom administrators are left with the unique challenge of financially managing hop-off or off-net calls that breakout from their corporate, international Wide Area Network (WAN). By addressing this issue, MDSL is enabling organizations to achieve a greater return on investment (ROI) on their VoIP solutions.” Background MDSL first launched the solution in 2009 for an international company that had standardized its fixed Internet Protocol (IP) infrastructure on Cisco CCM IP clusters; one cluster for North America, one for Europe and one for Asia. Microsoft Office Communications Server 2007 was deployed to connect MPLS networks and VoIP services with legacy systems. A required feature of the network design was the capability for voice calls to breakout, or exit, the internal corporate network at various points (MS hybrid mediation + gateway servers) to both the existing Cisco IP infrastructure and the PSTN network. However, this capability brings with it some tough expense management issues: � Lack of a global solution for charging back costs. Tracking off-net calls in order to generate internal bills. These two factors greatly diminished the organization’s ROI on its Unified Communications investment. Solution The MDSL solution matches and reconciles complex call records for internal billing purposes by taking feeds from the OCS/MPLS system, the internal corporate directory and CDR from vendors. Results/Benefits All off-net calls trigger the following outputs; � A clear report detailing the calling party and recipient. A detailed description of the cost and carriers used resulting in a charge file sent to Accounts Payable for cost allocation. All carrier invoices are automatically audited for errors and overcharges, resulting in savings of 10% or more, on average. “We will present our solution during the TEM 2010 conference on February 15-17, in Orlando, Florida, and would be delighted to meet with organizations considering deploying UC or VoIP,” says Ben Mendoza, CEO, MDSL. For additional information, or to view a case study, pleasecontact our offices in New York, London or Tokyo or e-mail webenquiries@mdsl.com. About AOTMP AOTMP is the leading provider of information solutions for managing fixed and wireless telecom environments. Its proprietary certifications, benchmarks, standards and best practices deliver measurable improvement in efficiency and productivity for managing wireless, voice and data services. From Fortune 50 companies to SMB, enterprises seeking the best return on telecom and IT services turn to AOTMP’s industry research, advisory services, educational programs and performance management systems to achieve operational and financial efficiency. About MDSL MDSL delivers software solutions and services that help international organizations reduce their costs significantly and on a global scale. More than 150 customers in over 34 countries trust in our products to improve their bottom-line results and ensure a fluid and controlled use of their telecom services.
Internet cafes are coming with increased and improved services these days. That is the reason more people are getting interested in business and more users like to go to Internet cafes and more issues are faced regarding security and management of multiple computers. A very important concern regarding management is the Bandwidth management. However, it is not a question any more. Bandwidth management software has solved the issue now. The software assists you to manage the download and upload speed for each computer in your set of arrangements. Computers can be restricted to a specified Bandwidth, time, and allocation per session, access limitations and security options. Bandwidth management software is highly suitable for Internet cafes and gaming consoles. It automatically restricts the Internet traffic when the client logs out. It enables you to customize download and upload speeds for each computer accordingly and independently. The software presents a user friendly interface which serves you to manage the whole network without any effort. All the control options are given on the screen to present user friendly software. First and most important feature of the software is its compatibility with Windows. You do not need to install any expensive hardware for this software. It works very well on your standards PCs. You just need to put two network cards to setup Bandwidth manager. You do not even need to install the software on client computers. Just run it on the administrator and control a whole network from a single computer. The software enables you to control the Bandwidth on each computer. Bandwidth limit is the rate and speed of Internet traffic on each computer. It is set in Kb/s, for each user account independently. The Bandwidth management software allows you to set high Bandwidth limit for some computers while low limit for others. Independent management of computers ensures that no user can disrupt other’s activities. Similarly, it enables you to configure Bandwidth quota for every user. Bandwidth quota is the total amount of Internet traffic bought by a user. This quota is set in Mbytes/sec. It just ensures that no user can use extra time than his payment. This option also configures time allowed to the user. Accounts can be temporarily activated or disabled also. It also sets activity timeout for every computer. Computer will be automatically locked and logged off if the quota is expired or the prepaid account runs out. It also enables you to allow certain accounts or computers to access Internet without any restriction. The software also gives you detailed reports regarding each user account within the network of your Internet cafe. Whatever activities are being performed by all the users, are kept a record of. It stores all the activities. The user login and logout time, log in attempts made, pages visited etc. all are kept in log reports. It gives the administrator control by generating a login and password for it. Only the administrator can authorize the client computers to access Internet. Check out more details about how to control bandwidth limit by visiting http://www.antamediabandwidth.com
The new Microsoft Project 2010 make projects easier. The Project family builds on critical changes made in Microsoft Office Project 2007 and provides pathways for more complex project portfolios as your company’s expertise evolves. New interfaces and menus make Microsoft Project 2010 easier to use. The new navigation adopts the Ribbon in Microsoft Office 2010 applications, which allows discovery of new features. If users have learned Ribbon in other Office applications, they will be more familiar with Project. There are three applications in the Project Office family: Project Standard 2010, Project Professional 2010 and Project Server 2010. Project Standard 2010 • Use Excel-like features to create and manipulate the schedules and data. Office features such as auto-complete, add or delete columns, or rows and text wrap make it simple to learn and use Project Office.• Timelines are visually enhanced with better graphics and expanded colors. Project Professional 2010 • Create customized timelines. Timeline details are quick and easy to visualize and drill into with the enhanced graphical timelines.• Scheduling projects is straightforward. User alerts warn you of potential problems so they can be dealt with immediately. You can also create “What-if?” scenarios using the active and inactive task feature. • Complete reporting time by enabling Single Entry Mode. A consolidated approval center simplifies approval of timesheets and task status. • Outlook and Exchange integrate with the software, no add-ins required. Microsoft Outlook Web allows you to immediately send updates to mobile devices. • Enhanced resource planning lets you use a drag-and-drop to visually find a balance of resources. The web interface carries over to the entire Project family. With built-in web access, teams in different geographic locations and time zones can instantly and effortlessly collaborate and monitor a project’s progress. Project Server and SharePoint Project Server expands the functionality and features of Project 2010 to include project portfolio management. This allows multiple projects to be accessed, resources reviewed, and tasks updated to maintain organizational control throughout the portfolio. Project Server 2010 has built-in integration with SharePoint 2010. SharePoint houses all project documents in one location like a company intranet, letting users access the server via local networks or with Virtual Private Networks (VPN). SharePoint Services tasks lists can be converted to Project Professional 2010 to help with scheduling. With SharePoint’s document control, procedures can be established for review and approval of documents required for the project. User access is controlled with permissions to limit document access and access control also prevents users from changing the wrong documents, or the wrong projects. The content management system (CMS) controls in SharePoint can store multiple versions of documents for regulatory or compliance requirements. With the latest edition of the Project family has: • No support of Internet Explorer 6• No support for ActiveX controls• Project tasks in Outlook no longer requires a plug-in to work with Project Server To Learn about upgrading to the Project family and other new Microsoft applications, call Infinitely Virtual at (866) 257-8455 or request more information from the website: www.InfinitelyVirtual.com. Learn more about Infinitely Virtual and Lisa Gecko at:Infinitely Virtual NewsletterInfinitelyVirtual.com
Scalability Scalability is the biggest challenge in bandwidth management, could bandwidth management box handle multiple gigabit or 10Gb/s links with QoS rule sets? Few bandwidth management vendors have the 10G solutions. At the moment, any switches or routers could handle 10Gb/s, so what is special with bandwidth management? Because switching has very little logic management while bandwidth management got very complex logic and you can take complex software and siliconize it on ASIC chip. Most bandwidth management vendors develops its solutions based on *nix, which needs to be substantially improved from ground up in terms of performance, including SMP, NIC drivers, Network stack to better utilize the multi-core platform to avoid the locking as much as possible, you cannot expect open source stuff to scale well, do you see any instance that dummynet could work well under 400K pps load? Definitely not. For internet network service providers, it is critical to have scalable bandwidth management solutions while its uplink grows rapidly. Most bandwidth management vendors could not even handle 500Mb/s link with QoS rule sets but they advertised 1Gb/s or more. The conclusion: Make sure you test before purchase, you have to load the bandwidth management box on your live network with QoS rule sets to check if it introduces the latency, packet loss and see if its CPU usage is more than 50%. Bandwidth management philosophy Over the past few years we have seen a massive explosion in the types of traffic and applications that traverse IP networks. There are good sound reasons for this as globally we take full advantage of the technologies at hand in our every day lives – however, as can be expected this does unfortunately have some negative side effects especially on bandwidth consumption capacities and the resultant degradation. This is why bandwidth management solutions come in, so the question is how to manage bandwidth. Deep Packet Inspection Deep packet inspection (DPI) is Application-based traffic optimization, which uses the properties of each network protocol to provide the minimum bandwidth that guarantees acceptable quality. Bulk file transfer applications are given the lowest priority since they are typically non-interactive and long-lived. For example, a one way bulk interactive application such as a file download would be lowest priority, a one-way streaming media like YouTube ® may be next in priority and an interactive application such as VoIP would have the highest priority. As the network becomes heavily congested this prioritization becomes important as each application is degraded if it is not prioritized. Internet standards have anticipated that ‘differentiated services’ would be offered, where applications ‘mark’ themselves into the appropriate class based on the priority need of their packets. For example, VoIP marks itself as a high priority given its real-time bandwidth need and a file download marks itself at a lower priority. This provides priority for real-time applications and prevents larger applications from dominating the network. This method, however, is flawed when used in a consumer access application. Broadband access networks (DOCSIS, DSL) do not support ‘differentiated services’ due to technological limitations. Additionally, differentiated services lead to a fairness issue between subscribers and an incentive to ‘cheat’, causing the theft of QoS. Application writers sometimes marked their application’s packets as the highest priority and this honor system failed. Service provides have resorted to marking the traffic on behalf of the user, automatically choosing the guarantees that were needed. This application optimization delivers excellent overall quality and subscriber satisfaction. However, DPI is fundamentally flawed for Internet network services providers: To control user activity it requires many rules and DPI for application recognition. However policies based on explicitly having to identify the application are problematic as there is always going to be unidentified traffic as signatures change or worse still traffic becomes encrypted. This traffic is then thrown into an “all other ” classification and managed in a single umbrella rule. It also implies the endless maintenance and application signature upgrade cost. Multiple traffic types some good some bad having to compete for restricted bandwidth. There are many legal forms of p2p downloading as well which get restricted by these general catch all shaping rules. The protocol method fails because it doesn’t account for the one component of bandwidth management that matters most: volume. The reason that P2P protocols are considered abusive is because they are automated. What most people don’t understand is that most of the traffic generated by P2P applications is HTTP and ICMP traffic. Directory contents are exchanged with HTTP and servers are discovered with ICMP. The reason its abusive is not because of file downloads; it is abusive because the application is automated; it is generating traffic with a volume that is the equivalent of 100s of users. A protocol method that defines HTTP as a good protocol will not work as expected, because these applications increase the volume of HTTP to the point where the network’s volume of HTTP is so high that you either have congestion, or you have to limit users who are innocently surfing the web. The protocol method is a losing battle that fails to solve the problem of network congestion. The biggest problem with DPI is that it is easily defeated. The first way to defeat it is to make your protocols complicated, and to change them regularly. The P2P people do this with fervor. A way to absolutely defeat it is with encryption. How can you inspect a packet when you can’t determine the contents? The truth is, you can’t. You don’t even have to use encryption; you can just scramble your headers or use variable codes. Bandwidth management box on high speed networks don’t have the CPU capacity to be trying to decrypt thousands of packets per second. And you don’t have to be an evil genius to defeat DPI; it can happen accidentally. For Example, IPSEC traffic can’t be managed with DPI or the protocol method. P2P applications can easily launch encrypted tunnels to defeat any control attempt by upstream bandwidth management box. Per-user management Most ISPs and Universities are interested in providing fair access to bandwidth for its customers and users. The way to provide per user fairness is to manage by user. The power of per-user management is that you do not care what they’re doing. You do not have to know about every protocol ever conceived. And you do not have to restrict access to some protocols altogether, since any customer running abusive protocols will only consume their own bandwidth. You do not need to upgrade every time something changes, and you do not need to buy expensive support. Per user controls also can’t be defeated. Since you are controlling by Address or range of Addresses, tunneling, encryption, and header scrambling can not be used to get around your controls. The customer/user has no choice but to use their assigned address, so you can always identify their traffic, and can manage the volume of their traffic as a single, simple, easily manageable entity. The most productive and profitable way for service providers to generate revenue streams is to sell raw bandwidth with the highest possible efficiency. When service providers start trying to micro-manage user’s traffic they are just opening up a Pandora’s Box of problems. Large service providers can not recruit enough talent to manage these services, educate customers and deal with customers whose expectations are well beyond what the service provider can deliver. Selling raw, tiered service allows service providers to streamline their operations and to minimize the interaction with day-to-day issues with customer problems. It allows them to have easy to understand services that are easy to provide with minimal staff. It pushes the responsibility of micro-management to the end user, where it is easier to do, and where dedicated staff becomes more cost effective. There are legal concerns about providers dictating what customers can do on the internet, and even if your controls pass the legal test, there is public outcry about providers claiming to sell raw internet access and then not allowing “certain” kinds of traffic to pass. Using a per-user approach makes your controls transparent, as there is no limitation on what a customer can do, as long as they do not exceed their fair share of bandwidth. The conclusion is that while Deep Packet Inspection presentations include nifty graphs and seemingly exciting possibilities; it is only effective in streamlining small, very predictable networks. The basic concept is fundamentally flawed. The problem with large networks is not that bandwidth needs to be shifted from “bad” protocols to “good” protocols. The problem is volume. Volume must be managed in a way that maintains the strategic goals of the network administration. Almost always this can be achieved with a macro approach of allocating a fair share to each entity that uses the network. Any attempt to micro-manage large networks usually makes them worse; or at least simply results in shifting bottlenecks from [...]
