Jump to content

Trump Planning On Turning Internet Into Toll Road


Dr.Sack

Recommended Posts

I'm not replying to any of this until you convince me of 1 thing:

 

That you actually understand what a domain is.

Now that is incentive to not even try to explain it to you. So I won't.

 

Also, you might want to check the link I provided: from Cisco. I assure you there are no $50 routers there.

Cisco doesn't make consumer stuff.

 

I've gotten to know many Cisco, and F5, and Dell people over the years ...

Nobody cares who's lawns you mow.

Link to comment
Share on other sites

If you're using cisco routers, you're doing it WRONG.

 

PFSense for the win. Free and customizable software based on BSD.

 

Get with the program. :P

I do love me some PFSense :thumbsup:

 

However some orgs, including Federal IT, have security requirements specifying Cisco specific.

Link to comment
Share on other sites

 

Or probably moreso because Cisco wrote the security requirements for the federal government.

 

No, it simply comes down to image. A federal procurement manager buys Cisco, and it's hacked or goes down, and his bosses say "What the !@#$ is Cisco's problem?"

 

Same procurement manager acquires PFSense, and it's hacked or goes down, and his bosses say "What the !@#$ is wrong with you? Why didn't you buy Cisco?"

Link to comment
Share on other sites

 

No, it simply comes down to image. A federal procurement manager buys Cisco, and it's hacked or goes down, and his bosses say "What the !@#$ is Cisco's problem?"

 

Same procurement manager acquires PFSense, and it's hacked or goes down, and his bosses say "What the !@#$ is wrong with you? Why didn't you buy Cisco?"

 

So, Cisco is kinda like the Bose of routers?

Link to comment
Share on other sites

If you're using cisco routers, you're doing it WRONG.

 

PFSense for the win. Free and customizable software based on BSD.

 

Get with the program. :P

PFSense is a firewall/router. The router function is useful if don't have a layer 3 switch and "router on a stick" is your only option. For example, say you have 4 LAN segments which are almost always VLAN's (virtual LAN's) in your network.

 

LAN1 - 192.168.1.0/24

LAN2 -192.168.2.0/24

LAN3 -192.168.3.0/24

LAN4 -192.168.4.0/24

 

For a device on one LAN segment to communicate with any of the other LAN segments you need a router. To use PFSense as a router each LAN segment would have to have a port connected to the PFSense box. The individual connections would typically be 1Gb. This is called 'router on a stick'. If for example your servers are on LAN4 with heavy traffic from LAN1 and LAN2 trying to access the servers you have a 1Gb bottleneck getting to the servers from LAN1 and LAN2.

 

OTOH, with a layer 3 switch the switch does the routing. Separate LAN segments reside on the same switch as VLAN's. The switches back plane speed is in excess of the combined bandwidth of all the ports. A 48 port Gb switch back plane will be capable of routing at least 48 Gb/sec thus no bottleneck. The PFSense box would just be connected to a port on the switch and the only traffic going to the PFSense box would be Internet traffic.

 

On medium to large systems the firewall is not the router. Like it or not Cisco owns this part of the router market. In the high end firewall market I know Juniper Networks is one of the market leaders, I don't think Cisco is.

 

PS: An important feature that has emerged in recent years is Layer 7 (application) filtering which appears to be lacking on PFSense. The ability to easily block social networking sites or applications like Dropbox or Team Viewer has become increasingly important. The fact that I can pay a rather modest subscription fee for someone else to keep track of that constantly changing environment makes PFSense a non-starter for any corporate network I am going to work with.

Link to comment
Share on other sites

PFSense is a firewall/router.

PFSense can also serve as Proxy Server and NIPS

 

PS: An important feature that has emerged in recent years is Layer 7 (application) filtering which appears to be lacking on PFSense. The ability to easily block social networking sites or applications like Dropbox or Team Viewer has become increasingly important. The fact that I can pay a rather modest subscription fee for someone else to keep track of that constantly changing environment makes PFSense a non-starter for any corporate network I am going to work with.

https://doc.pfsense.org/index.php/SquidGuard_package

https://doc.pfsense.org/index.php/Setup_Snort_Package

Link to comment
Share on other sites

Those are fine if your time has no value or your employer doesn't mind you spending gobs of time chasing down moving targets. Or. I can pay a modest subscription fee that keeps track of those moving targets, keeps my appliance updated, and allows me to block a application or class of applications with a simple click on a check box for thousands of applications. Simple economics.

Link to comment
Share on other sites

Those are fine if your time has no value or your employer doesn't mind you spending gobs of time chasing down moving targets. Or. I can pay a modest subscription fee that keeps track of those moving targets, keeps my appliance updated, and allows me to block a application or class of applications with a simple click on a check box for thousands of applications. Simple economics.

Lets chalk this one up to differing philosophies on both politics and tech

 

I prefer to keep control and assume responsibility rather than than cede control to make it somebody else's responsibility

Link to comment
Share on other sites

  • 5 months later...

https://www.theverge.com/2017/7/21/16010766/verizon-netflix-throttling-statement-net-neutrality-title-ii

 

Verizon may be sneaking in throttling which.

comments secion is insightful.

 

 

Yesterday, we reported that Verizon Wireless appeared to be throttling Netflix traffic, — and today, the company seems to have come clean. In a statement provided to Ars Technica and The Verge, Verizon implicitly admitted to capping the traffic, blaming the issue on a temporary video optimization test.

“We've been doing network testing over the past few days to optimize the performance of video applications on our network," a Verizon Wireless spokesperson said. “The testing should be completed shortly. The customer video experience was not affected.”

This is a really weird statement, seemingly referring to something completely different from what customers actually experienced. What customers saw wasn’t optimization, but a clear cap, with tests from Netflix’s speed-test tool showing measurably lower rates than non-Netflix tests

 

i have a new galaxy s8+ and use the hotspot app to reach speeds above 20gig down and 15gig up all the time. faster than spectrum/time warner - but i steal that from neighbors.

Link to comment
Share on other sites

  • 2 years later...

Reposting here:

 

https://mobile.twitter.com/EpochTimes/status/1180179530700541955

 

In a legal win for the Trump admin, a federal appeals court upheld the @FCC's repeal of Obama-era so-called #NetNeutrality protections in a ruling that seemed to encourage states to impose their own regulatory schemes on the #internet

 

 

Edited by Buffalo_Gal
  • Thank you (+1) 2
Link to comment
Share on other sites

×
×
  • Create New...