Concepts

Firewall Administration for Sysadmins in Four Parts

I wrote a long blog post for Network Computing that ended up published in four parts. The topic was helping sysadmins understand what firewall appliances do, and therefore how best to ask for firewall assistance from those who manage them. Firewall Administration For Sysadmins: A Primer Firewall configurations can be astonishingly complex. Firewall administrators deserve …

Enterprise QoS Part 09 – A consistent QoS strategy: end-to-end packet walk – congested vs. non-congested.

If you’ve made it this far into the series, I have one simple point about QoS policy effectiveness that I want to bring home in this post before going through a couple of packet walks. The point is this. If an interface isn’t congested, your QoS policy dealing with congestion isn’t impacting traffic. Of course, …

Enterprise QoS Part 08 – A consistent QoS strategy: shaping to match downstream bandwidth while still prioritizing.

When dealing with the WAN, a common problem is that the actual available bandwidth of a circuit might different from the bandwidth of the physical circuit handoff. For example, a carrier might provide an enterprise with a gigabit Ethernet handoff, when in fact the connection is being throttled to 100Mbps downstream. A similar sort of problem appears …

Enterprise QoS Part 07 – A consistent QoS strategy: queueing collaboration applications at the WAN edge.

As traffic flows across an enterprise’s network, there often comes a point where some part of the infrastructure is not owned by the enterprise. For example, enterprises with offices spread across several different cities usually rely on a telecommunications provider to connect the offices together. The telecom provider will layer the enterprise’s traffic on top …