Aug 31
youssef edward asked:




When building a network, some considerations must be taken from the point of view of availability. In the context of networks, availability means that the network must be operable during the whole day regardless of failures. Thus, some techniques must be taken to make the network available all the time.

In order to develop a redundant network one must consider the possible failures that must occur during the network operation. These failures are categorized into two types: link failures and network device failures. In link failures, one cable connecting two computers or any two devices such as routers or switches can be disconnected and cause some or all of the network to be down. On the other hand, device failure means that the network device itself is down, which could be a router, switch, or hub.

First let us find how to overcome link failures. The solution for link failures is simpler than for device failures because all we need to do is to provide multiple links between devices such that when a link is down, another link takes its role. This is simple of course but can lead to problems. This is because when there is more than one link connecting the devices the data will find multiple links and the switch will forward the data to multiple links and the receiving end will receive the data more than one time. In addition, looping can occur because the data will be forwarded across the links forever. This will occur because there is more than one path to the destination and because the switch or the hub forwards the data to all ports.

The solution to looping is to use some protocols that block some ports on the switch and open others so that only one path exists to the destination. This is achieved by what is called spanning tree protocol (STP), which is available on Cisco switches. Notice that the concept of looping and STP are applied only to devices connected through a LAN and not to routers.

Second let us see the other type of failure which is device failure. This type occurs when a network device fails and thus is unable to forward the packets. The failure here can have a big impact on the network if it occurs in the core layer of the network which connects the whole network together. Therefore the solution is suggested to be applied at the core layer where two network devices are connected to the network to forward the data, one is the primary and the other is the secondary. If one device fails, the secondary becomes available.

The above technique is configured on the router or the switch depending on what is used. Some protocols are developed to accomplish this function and are available on Cisco devices. When implementing it, one must connect the device at the core which must be redundant to the proper ports of other devices and connect a similar device to the rest of the network in the same manner the primary device is connected. If the primary fails, this secondary takes its role.
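
The looping problem and the port-blocking fix described in the post above can be reproduced with a small model. This is an added example, not part of the original post and not Cisco's implementation: the three-switch triangle, the bridge IDs and the path costs are constructed, and the election is a simplified version of what spanning tree does (lowest bridge ID becomes root, each switch keeps its cheapest link toward the root, every other redundant link gets one blocked port).

```python
import heapq
from collections import defaultdict

# Constructed topology: three switches in a triangle, so one link is redundant.
# Bridge ID = (priority, MAC); the lowest bridge ID wins the root election.
BRIDGES = {
    "SW1": (32768, "00:00:00:00:00:01"),
    "SW2": (32768, "00:00:00:00:00:02"),
    "SW3": (32768, "00:00:00:00:00:03"),
}
LINKS = [("SW1", "SW2", 19), ("SW2", "SW3", 19), ("SW1", "SW3", 19)]  # (a, b, cost)


def frames_in_flight(links, src, hops):
    """Flood one broadcast from src and count the copies still travelling
    after `hops` forwarding steps. Every switch repeats a frame out of all
    links except the one it arrived on, as the post describes."""
    adj = defaultdict(list)
    for i, (a, b, _cost) in enumerate(links):
        adj[a].append((i, b))
        adj[b].append((i, a))
    frames = [(peer, i) for i, peer in adj[src]]          # first hop
    for _ in range(hops - 1):
        frames = [(peer, out) for sw, came_in in frames
                  for out, peer in adj[sw] if out != came_in]
    return len(frames)


def root_path_costs(root, links):
    """Cheapest path cost from every switch to the root (Dijkstra)."""
    adj = defaultdict(list)
    for a, b, cost in links:
        adj[a].append((b, cost))
        adj[b].append((a, cost))
    best = {root: 0}
    heap = [(0, root)]
    while heap:
        dist, sw = heapq.heappop(heap)
        if dist > best[sw]:
            continue
        for peer, cost in adj[sw]:
            if dist + cost < best.get(peer, float("inf")):
                best[peer] = dist + cost
                heapq.heappush(heap, (dist + cost, peer))
    return best


def spanning_tree(bridges, links):
    """Return (root, forwarding_links, blocked_ports) for a connected topology.
    blocked_ports is a list of (switch_that_blocks, neighbour)."""
    root = min(bridges, key=lambda name: bridges[name])
    cost = root_path_costs(root, links)
    root_link = {}                       # switch -> index of its root-port link
    for sw in bridges:
        if sw == root:
            continue
        candidates = []
        for i, (a, b, c) in enumerate(links):
            if sw in (a, b):
                peer = b if sw == a else a
                # Tie-break on the neighbour's bridge ID, then link index.
                candidates.append((cost[peer] + c, bridges[peer], i))
        root_link[sw] = min(candidates)[2]
    kept = set(root_link.values())
    forwarding = [links[i] for i in sorted(kept)]
    blocked = []
    for i, (a, b, _cost) in enumerate(links):
        if i not in kept:
            # The end farther from the root (or with the higher bridge ID) blocks.
            loser = max((a, b), key=lambda s: (cost[s], bridges[s]))
            blocked.append((loser, a if loser == b else b))
    return root, forwarding, blocked


if __name__ == "__main__":
    print("copies after 50 hops, no STP:", frames_in_flight(LINKS, "SW1", 50))
    root, fwd, blocked = spanning_tree(BRIDGES, LINKS)
    print("root:", root, "forwarding:", fwd, "blocked:", blocked)
    print("copies after 2 hops, STP tree:", frames_in_flight(fwd, "SW1", 2))
    # Link failure: the SW1-SW3 cable is pulled, the spare link takes over.
    survivors = [l for l in LINKS if l != ("SW1", "SW3", 19)]
    print("after failure:", spanning_tree(BRIDGES, survivors))
```

Without blocking, the broadcast never dies out on the triangle; on the computed tree it is gone after two hops, and when a forwarding link fails the previously blocked link becomes part of the new tree.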



Aug 28
wuwu asked:


Expanding network of channels to open up the domestic market

Increasingly fierce competition in the industry, forcing companies to open up new avenues through sales of new models and new channels. Network Marketing has become a business now generally accepted new marketing: online marketing investment is relatively low returns significantly, to transmit information fast and rich, low cost service, the user first before purchasing on the website for regular information on the enterprise network to expand sales channels raise brand awareness of effective ways.

Traditional hardware companies have the advantage of opening up the network channel

Hardware industry covers a very broad, and some things for online sales, something relatively simple, relatively speaking, technology is not particularly complicated, not difficult to understand something more suitable for online sales, such as screwdrivers, wrenches, rail, etc.. A better understanding of other people, more mature things, through online publicity can be more intuitive acceptance.

Traditional enterprises to develop Internet sales channels, both with integrated class or professional Online Shopping Mall, you can also build their own network marketing system to operate independently. Whatever the model, the traditional e-commerce business development, sales channels to open up the network, due under the original cable business, brand, channel, customer and so many resources, support, more likely to succeed. In terms of price, the traditional wireline business under the business support, supply chain management, warehousing and distribution system, and relatively complete, and that these resources are established, give full play to these strengths later, for many online shoppers to provide efficient low-cost logistics and distribution services. Brand and customer groups, traditional enterprises engaged in industrial operations, from fund size, brand integrity, social awareness has inherent advantages. When the traditional business into e-commerce, their access to promotion and *********** of the original brand support, there is a certain customer base, easier to break through barriers to the integrity and promote access to high-speed development.

Traditional hardware companies to develop the network channel strategy

Establish a correct concept of the Internet

Improve your business start to change your thinking started. According to the survey, some hardware companies that the network is no different channels and traditional channels, to a certain extent, on the Internet with mistrust. The reason why small and medium enterprises from network marketing, simply because there is no actual benefit received from the network marketing. Companies should re-establish the understanding of the Internet, the Internet should have the right attitude, can not be blindly respected, one can not always negative. The Internet is your business whether it is useful to target groups under the circumstances to determine your target customer groups, the Internet know more and more, the value of the Internet for your business bigger.

Development of effective online marketing plan effectiveness monitoring

Development of a scientific network marketing plan network marketing activities of the smooth development of the important integral part of the experience of the lack of the majority of network marketing personnel Zaizuo marketing blind, and lack of planning O’clock Xiande overall logistics Bawo, resulting in many enterprises in Network Marketing take a lot of detours when the end would not be able to achieve the desired goal, it needs detailed in this piece to understand the current company and industry development and internet marketing means, please professional network marketing company to feel the pulse of the enterprise. In the course of online marketing activities to master the implementation, effective monitoring and regular analysis of results, timely adjustments based on actual data.

Establish clear objectives online marketing

Network marketing activities must have clear goals, how much direct economic benefits, increase the number of corporate exposure, or to promote customer service quality, etc., can not be made even what kind of, so will only make you work more ineffective. To set realistic goals, can not say that just started like a month, making hundreds of millions, based on the product and target customer groups, in making its decision.

Hardware companies currently place little emphasis on network marketing, and some SMEs even have little knowledge of it. This is the network era: network marketing is convenient and fast, saves time, increases product publicity, and lets customers all over the country get a detailed understanding of the products. The development of new products, new things, is difficult at the start. Consumers always want to find not only affordable but also convenient to buy the product, the network can be combined with this. For the hardware industry, this kind of consumer market is still groping in the early stages of development, the direction of the future is certainly big.

Aug 24
Bruce Geng asked:




Internet can be a benefit to business when used properly, but internet is often abused by employees and poses significant liability and security risks. In today’s internet, P2P programs and IPTV applications can easily consume most of your bandwidth.

Therefore, monitoring of internet activity and monitoring of bandwidth usage is important to keep your business efficient.

This tutorial will guide you to how to monitor internet activities and usage of employees on company network.

How to monitor internet activities on network?

You can not monitor other computers internet usage in a network unless you have access to their network traffic.

There are two ways to see other computers' internet traffic:

1. Configure a mirroring port (SPAN) in your switch.

2. Do monitoring in the gateway or proxy.

If you have a computer as the gateway or proxy server, you just need to install internet monitoring software in the server to do monitoring. 

Since many networks are using a router as the gateway, using a port mirroring switch is a good choice. Port mirroring allows you to configure a switch port to receive packets of other switch ports. Setting up a mirror port makes no change to your network topology, and it will not affect your network speed. A broadcasted hub can also help you to do monitoring, however, broadcasted hubs can only work in 10M bit mode, and it is not so stable. Therefore I recommend you not to use a broadcasted hub to do monitoring.

Read this example for details to set up port mirroring: Deploy internet monitoring using a port mirror switch.

How to monitor internet connections on network?

Once you’ve set up the SPAN port, you can easily monitor internet connections using an internet monitoring program.

Here let’s take “WFilter Enterprise” as an example:

Monitor all internet connections on network

Using WFilter’s “Active Connections” feature, you can have a clear view of all connections in your network.



Monitor internet connections of a computer

Connections of a particular computer, you can kill established connections if you want.



How to monitor employees internet activity?

In “Online computers” of WFilter, click numbers under each title to view detailed records.
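
The kind of per-computer bandwidth accounting the post above describes can be sketched independently of any product. This is an added example, not part of the original post and not how WFilter works internally: the flow records (as a capture tool on the mirror port might export them), the LAN range and both thresholds are constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")   # assumed internal address range

# Constructed flow records: src_ip,dst_ip,dst_port,bytes
SAMPLE_FLOWS = """\
192.168.1.10,203.0.113.5,443,120000
192.168.1.10,203.0.113.6,80,80000
192.168.1.10,192.168.1.30,445,999999
192.168.1.20,203.0.113.11,51413,500000
192.168.1.20,203.0.113.12,6881,500000
192.168.1.20,203.0.113.13,6882,500000
192.168.1.20,198.51.100.14,51413,500000
198.51.100.15,192.168.1.20,51413,500000
192.0.2.16,192.168.1.20,51413,500000
198.51.100.7,192.168.1.30,5004,800000
"""


def parse_flows(text):
    """Turn CSV flow lines into (src, dst, port, bytes) tuples."""
    flows = []
    for line in text.strip().splitlines():
        src, dst, port, nbytes = line.split(",")
        flows.append((ip_address(src), ip_address(dst), int(port), int(nbytes)))
    return flows


def usage_by_host(flows, lan=LAN):
    """Internet bytes and distinct external peers per internal host.
    Traffic is counted in both directions; LAN-to-LAN flows are ignored."""
    usage = defaultdict(lambda: {"bytes": 0, "peers": set()})
    for src, dst, _port, nbytes in flows:
        if (src in lan) == (dst in lan):
            continue                      # purely internal or purely external
        host, peer = (src, dst) if src in lan else (dst, src)
        usage[str(host)]["bytes"] += nbytes
        usage[str(host)]["peers"].add(peer)
    return usage


def heavy_hosts(usage, share_limit=0.5, peer_limit=5):
    """Hosts using at least share_limit of all internet bytes.
    Many distinct peers suggests P2P; few peers suggests one big stream."""
    total = sum(u["bytes"] for u in usage.values())
    flagged = []
    for host, u in sorted(usage.items()):
        share = u["bytes"] / total if total else 0.0
        if share >= share_limit:
            kind = ("many peers (P2P-like)" if len(u["peers"]) >= peer_limit
                    else "few peers (streaming/download-like)")
            flagged.append((host, round(share, 2), len(u["peers"]), kind))
    return flagged


if __name__ == "__main__":
    usage = usage_by_host(parse_flows(SAMPLE_FLOWS))
    for host, u in sorted(usage.items()):
        print(host, u["bytes"], "bytes,", len(u["peers"]), "external peers")
    print("flagged:", heavy_hosts(usage))
```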







Aug 19
Stuart Michael M asked:




Most of us remain ignorant over how a computer works. We simply just turn on the computer and connect to the internet to access various websites. However, have you ever wondered how we can log on to the internet?

Basically, you are connected by a computer network which is divided into two major categories. They are the client/server network and peer-to-peer network. In the client/server network, there is a computer which plays the major role known as server whereby all the files, data in the form of web pages, documents or spread sheets files, videos, database and resources are kept. Other computers which get information and data from the server are therefore known as clients. Hence the term client/server network, whereas in the peer-to-peer network, all the computers play equal roles because no computer acts as the centralized server.

In a computer network, there is something called a network topology which describes the structure or layout of a network. Some of the network topologies are described as the star, bus, ring and mesh structure. For example in the star topology, all the computers in the network are connected by a centralized device such as hub or switch which form a ‘star structure.’ However if one of the hubs fails to function, then the computers within the network will lose their connectivity and communication.

Using the same principle of language as a form of communication, computers too have their communication language known as protocol. For example, a form of protocol is known as the TCP/IP protocol which is also the most commonly used protocol and it consists of a few protocols. The data flow is regulated by seven logical layers called the OSI layers. They are the Application layer, Presentation layer, Session layer, Transport layer, Network layer, Data Link layer and Physical layer. The Data Link layer is unique because it can be divided into sub-categories which are the Media access control sub-layer and logical link sub-layer.



Aug 16
Bharat Book Bureau asked:




Core network power reduction will take holistic change

 

 For our second annual network power research project, we delved into near-term improvements that can be made at the sub–network element (NE), NE, and network (super-NE) level. ( http://www.bharatbook.com/detail.asp?id=141603&rt=Core-network-power-reduction-will-take-holistic-change.html )

 

 Our initial network modeling, which focused on reducing power through more efficient gear and limiting IP transit traffic in the core, shows that power savings up to perhaps 50% of the present method of operation (PMO) are possible through architectural changes that are straightforward but still challenging to implement. Industry convergence on an “Energy Star”–like power metric and improvements in sub-wavelength grooming efficiency are critical. However, ultimately, just keeping power consumption flat given traffic growth projections will require more radical approaches.

 

 Key chapters :

 

 Executive summary

 In a nutshell

 Power metrics and claims are hard to verify and compare

 Three levels of reduction are needed in infrastructure

 Still early days for changing architecture to save power

 Significant power reduction in the face of bandwidth growth will require radical change and vision

 Overview and background

 Phase I findings

 Phase II goals

 Who cares?

 Modeling and survey highlights

 Our modeling choice

 Power consumption is a function of the whole network

 Good comparative network element power data is still much too hard to obtain

 The difficulty of validating power reduction claims

 Comparison/contrast of power consumption across product classes/network layers

 Comparison of power consumption within a product class/network layer

 Comparison of IP router power consumption

 Comparison of long-haul/multi-reach backbone DWDM network element power consumption

 Comparison of metro/regional WDM network element power consumption

 What about converged packet-optical (CPO) hub products?

 Network-level software: assessing its impact

 Baseline architecture

 Introduction and explanation of baseline architecture model and the present method of operation (PMO)

 Opportunities/challenges related to the PMO

 Alternative approaches to the PMO

 Alternative one: newer-vintage network elements, but no major architecture changes

 Alternative two: adopt a more aggressive architecture change

 Adopt an IP router bypass architecture for transit traffic, leveraging integrated packet-optical capabilities

 Network power consumption modeling results

 True improvements in network power use will come through changes in topology and architecture

 Other architectural approaches not modeled by Ovum

 Ciena’s modeling of a subwavelength switching layer

 Implications of the “muxponder tax” modeled by Infinera

 Organic networks and Juniper’s modeling of router virtualization

 IPoWDM

 Holistic packet-optical approaches: Alcatel-Lucent’s CBT and Huawei’s IPTime

 Qualitative survey results

 Progress over the past year is clear, but much more needed

 Gathering and using real-time NE data is still rudimentary

 Relative importance of power as a product spec and selling point

 What technologies and techniques did vendors list as critical to lowering power?

 Impacts of packet-optical integration in the core

 Special features and capabilities different vendors bring

 Changes vendors are making to their products now to improve power stats

 Future directions in product development

 Importance of a separate switching layer?

 Looking ahead: speculative architecture(s) and other more radical approaches

 More drastic changes needed: traffic growth set to outrun incremental power improvements

 Initial thoughts

 “Clean slate” versus evolving networks and other challenges

 Green Touch’s 1,000-fold target

 Technologies further out, possible next steps in Ovum’s research

 

 To know more and to buy a copy of your report feel free to visit : http://www.bharatbook.com/detail.asp?id=141603&rt=Core-network-power-reduction-will-take-holistic-change.html 

 

 Or

 

 Contact us at :

 

 Bharat Book Bureau

 Tel: +91 22 27578668

 Fax: +91 22 27579131

 Email: info@bharatbook.com

 Website: www.bharatbook.com

 Follow us on twitter: http://twitter.com/3bbharatbook



Aug 14
Jesse Miller asked:




The key component that is required by every computer or other device that will be connected to the network is a Network Interface Card (NIC) or network adapter. NICs come in a variety of shapes and sizes, designed to connect desktop computers, laptops, PDAs or other devices to the network. The terms network adapter interface card or NIC are all synonymous.

If you want to avoid getting the screwdriver out, you can also get a NIC that plugs into a USB port on your desktop computer. Features which should be carefully evaluated while selecting PCI adapters are Wake on LAN, Flow control, Full duplex Data Transfer, 10/100 Base-T. Wake on LAN allows a computer hosting shared resources such as a printer to be awakened from sleep mode by a signal sent from another computer in the network.

Flow control allows data transmission to be paused if high traffic on a network switch causes the data buffer to fill up. Full duplex data transfer allows data transmission and reception at the same time, speeding up high bandwidth applications like network games. 10/100 Base-T supports fast Ethernet data transfer at 100 Mbps as well as standard Ethernet at 10 Mbps.

Network topology relates to the geometry of the device interconnections in your network. There are two main network topologies that are relevant for home or small office networking, bus and star, and a number of others that are used in large scale corporate networks.

In a bus topology all networked devices are connected to a single interconnecting medium called the Bus. This topology has the advantages of cheapness and simplicity. No additional hardware is required beyond network adapters in each device and installation requires a single cable lay to each device location.

In a bus network the available bandwidth is shared by all devices. When one computer is transmitting data all the others have to wait their turn. The Universal Serial Bus (USB) connections which are included on virtually all computers manufactured today are often overlooked as a means of achieving a simple networking or an internetworking capability.

In a star topology each device is connected through a dedicated cable to a central point, where an additional network device called a hub or switch is located. The hub or switch controls the flow of data packets from one device to another across the network.



Aug 13
Thomas Pretty asked:




Heathrow airport began its life as a small military airfield during the First World War, after this original period it never saw active service as an RAF airport and can trace its heritage almost solely as a commercial airport.

Strangely the layout has found itself limited by the centrally located terminals, due to the fact that airport planners originally thought passengers would be arriving in chauffeur driven cars. The subsequent large public car parks have placed a strain upon use of space making car hire a brilliant way to get to and from the airport.

Having such brilliant transport links car hire from Heathrow airport is the ideal way to enter the country. Being one of the busiest airports in the world, and the busiest airport in terms of international travellers, the airport is in a perpetual state of bustle with all manner of peoples passing through the terminals daily. With flights to almost anywhere in the world it is the major hub airport of Britain with many UK airports offering link flights for destinations further afield.

Heathrow Airport like many airports today is a commercial centre that is filled with shops and restaurants as well as travel related industries such as car hire companies. Heathrow can be seen as a major employer in the area providing jobs for not only those in the local area but many commuters from London. Its proximity to London makes life easy for commuters with a direct rail link into the city.

Heathrow Airport actually lies inside the M25 and has brilliant links onto the London ring road. From Heathrow the use of a hire car can take you to anywhere in the country. The M25 acting as a gateway to the West Country, East Anglia the Southern coast and the North. With so many trunk roads branching out from the M25 it is truly the hub of the British road network and makes use of a hire car simple and efficient.

Heathrow is currently building a large new terminal christened somewhat boringly as Terminal 5. It is set to open in March 2008 and will have the usual accompanying travel links as car hire desks, bus stops and its own train station. Predominantly, the eventual aim is for the terminal to house the majority of British Airways flights, ultimately making the terminal solely BA focussed.

The terminal is expected to cost the princely sum of 4.2 billion pounds but airport bosses will be clinging to the hope that it comes in under budget and on schedule. The new terminal will also have to cater for the gargantuan Airbus A380 with special concourses and docking facilities.

One thing is certain; with a host of businesses in fields such as retail, hospitality and car hire the chances for profit will be immense. Even the world renowned shops Cartier and Harrods are looking into creating outlets in the terminal to provide premier shopping for more privileged passengers.

The future of Heathrow Airport is not completely sparkling though; it is believed that the two operating runways are currently running at ninety eight percent capacity meaning even with the new Terminal, flight slots will still be in high demand.

Its mantle as the airport with the most international passengers is believed to be surpassed by France’s Charles De Gaulle Airport by the year 2010, as it is only currently operating at seventy four percent capacity. Of course the new generation of larger airplanes will ease the strain but Heathrow must still consider another runway if they hope to remain as profitable.



Aug 12
Jeremy Whittaker asked:




As most know Exchange 2010 is the latest version of Microsoft’s email server.  I wanted to write a short description of the software and outline its features. 

Like its predecessor Exchange 2010 requires that you run it on an x64 platform. 32-bit processing is surely but slowly becoming a thing of the past. In 2010 however you must also be running Windows 2008 SP2 or 2008 R2. One of the major decisions you’ll have to make is whether to select the standard or enterprise edition. This basically boils down to how many stores you need. Standard supports 5 stores per server whereas with Enterprise you can do 50+. As far as the client side CALs are concerned you must purchase the 2008 enterprise CALs if you wish to do unified messaging. There is not however a limitation in the software. It is simply a licensing issue. Which means you’ll still have the ability to access unified messaging but it will not be licensed correctly. Another feature Microsoft has decided to keep is the JET EDB database. It has been rumored in the past that Microsoft would start using SQL server to house the Exchange database. This is not the case.

If you ever worked with recovery storage groups in Exchange 2003 or 2007 you will no longer find those in 2010.  As well you will not be able to find routing groups.  All of the Exchange 2010’s routing is done through active directory sites and services.  So you must make sure that you have properly configured your sites before moving forward with Exchange.  It is essential to Exchange 2010 functioning properly.  As with Exchange 2007 Microsoft still is trying to deemphasize public folders.  Their goal is to eventually replace these with their Sharepoint product. 

Another major feature of Exchange 2007 and 2010 is their ability to reject email at the gateway. The Edge transport server allows you to configure ADAM and active directory lightweight services to query AD. This allows you to get a list of valid email addresses and push them out to the border of your network. If the edge server detects that someone is trying to send email to the inside of your organization and the user does not exist it is dropped immediately. This saves on memory and processing power internally so that you don’t have to deal with spam.

Additionally with Exchange 2007 and 2010 you get the ability to create UNC direct file access paths.  This way in OWA when a user needs a file on a network share they can grab it without needing a cumbersome VPN client.  Outlook anywhere also remains widely the same in 2007 and 2010.  It basically encapsulates your RPC packets into https packets.  This allows you to traverse your firewall without opening any additional ports.  Therefore giving users access to their email from Outlook wherever they may travel. 

One of the greatest new features of Exchange 2010 in my opinion is database availability groups or DAG. This is essentially the same thing as CCR in Exchange 2007. Anyone who has tried to configure CCR, LCR, or SCR in Exchange 2007 knows that it can be quite the process. Microsoft simplified this with DAGs in 2010. It allows you to keep 16 copies of a user's mailbox for redundancy and disaster recovery. It does this through a process called log shipping, where 1MB files are created and then played into the database. This allows you to keep a backup of your server at another physical location for disaster recovery or have two Exchange servers running next to each other.

Another nice feature in 2010 is the fact that the client access server or CAS redirects your client to their database server that houses their mailbox.  You no longer need to specify the location of your server in Outlook.  The CAS parses AD and redirects them automatically.  Therefore there is no hard coding.  This makes the transition for failover a lot easier. 

As most of you know who have used Exchange 2007 the GUI is simply a front end to Microsoft's command line utility called EMS or Exchange Management Shell. Anything you do in the GUI is converted to a command and executed against your server. I would personally say you have about 90% functionality in the GUI as opposed to EMS. However, EMS definitely makes the process a lot easier if you need to apply a setting to multiple objects at the same time.

As with Exchange 2007 you still have the same five roles: edge transport, hub transport, client access server, mailbox, and unified messaging. Inside of these five roles only the edge transport server must be installed separately from the rest of the servers. Everything else can be run on one box. Although this is not recommended for performance reasons. The reason why the edge server is standalone is it was meant to sit in your DMZ or on the border of your network. Absorbing the hits so your internal servers are not affected. It has features such as safelist aggregation where Outlook client rules are brought outside to it so that it can apply those rules before the message ever enters your internal network.

The hub server still is the same as Exchange 2007 it routes your messages internally and holds compliancy rules.  You can also run a command against it to install antispam featureset.  This way if you don’t have an edge transport server you can use it to receive outside mail directly.  Although this is not recommended by Microsoft.

The CAS server or client access server is meant to interface with your internal and external clients. As stated before it automatically redirects your Outlook clients so that you don’t need to hardcode their mailbox server. It also accepts connections from smart phones, OWA, etc. It is basically your clients' interface to your Exchange infrastructure.

If you wish to monitor your Exchange 2010 infrastructure Microsoft has made a plugin for their SCOM or system center operations manager. This is Microsoft’s MOM replacement that allows you to monitor your servers.

In Exchange 2010 you will no longer see SCR, LCR, or CCR. They have been superseded by DAG or database availability groups. This makes configuring database replication a lot smoother. DAGs also allow for your data to reside across multiple servers. You can also have multiple DAGs. This is a great feature because if half of your users are in one DAG group and it goes down the other half are not even affected. Other benefits are reduced restore time since you’re not restoring all of your users’ data, only the ones in that DAG. You can also have separate exchange policies for different DAGs. So if your management is in one and your regular users are in another you can change the rules that apply to them. This is a great way to mitigate risk by distributing your load.

As far as the enterprise and standard software go they are both installed from the same media.  It is just different license keys that you input that determine what version you are installing.  It is also upgradable.  You can go from trial to standard to enterprise.  However, you cannot downgrade backwards from enterprise to standard or standard to trial. 

In order to install Exchange 2010 your domain and forest functional level must be at 2003.  Also each site which contains Exchange 2010 must also contain a 2003SP2 domain controller or 2008 domain controller.  We recommend you have your domain running 2008R2 domain controllers however. 

Exchange still uses EAS or exchange active sync for mobile devices.  This way your contacts, calendar, email, etc. are all tightly integrated with your Windows mobile devices.

One common misconception that people have is Exchange enterprise must be installed on server enterprise software.  Or that server enterprise software cannot have Exchange standard installed on it.  Both of these are fallacies. 

When you begin your Exchange installation you should give serious consideration to how you configure your arrays. Exchange is a very read/write intensive application. Therefore you should separate your OS, log files, and database all on separate arrays. If this is not possible it is then recommended that you at least put your OS and log files on one array and your database files on another. The reason for this is simple. The log files are write intensive and the database files are read intensive. Separating these two out can speed up your disk I/O.

Memory requirements in Exchange 2010 have pretty much gone unchanged. Start your server with 2GB of memory and then 5MB for every mailbox user. I would also personally recommend to have a minimum of 4GB. Memory is cheap enough these days that the benefit of having more of it outweighs the cost.

Although the databases in Exchange can grow very large we do not recommend that you go over 100GB.  This can become cumbersome to work with and decrease performance on your server.

If you wish to remotely manage your Exchange server you can install the management tools.  They will install on Vista SP2 and higher or server 2008 SP2 or higher.  This way you do not have to remotely login to your Exchange server to make all of your changes.

As far as your site layout goes you should also plan on having a global catalog server in every location that contains a mailbox server.  This is recommended by Microsoft and will reduce WAN traffic. 

Exchange also has a new permissions model which it refers to as RBAC or role based access control.  From this you get 5 roles to manage your Exchange infrastructure.  They are Organization management, view only organization management, recipient management, records management, and GAL synchronization management.

Another thing you should consider before installing Exchange 2010 is to make sure your domain is set up properly.  You can use tools such as NETDIAG and DCDIAG to verify this.  In order to install Exchange 2010 you’re going to need to be a member of domain admins, enterprise admins, and schema admins.  You will also want to add connect.microsoft.com and download.microsoft.com to your trusted sites list in IE.  Other pieces of software that must be installed are .NET 3.5, Windows remote management 2.0, powershell v2, 2007 office converter microsoft filter packs.  If you are installing the mailbox role you must also have AD services remote management tools.

Before starting the install you must prepare your schema by running setup /ps.  If it fails, delete the contents of c:\windows\temp, copy the files from your CD to your hard drive and rerun setup /ps.  You must then run setup /prepareAD /OrganizationName:MyCompany where “MyCompany” can be replaced by your organization name.

You must then prepare the prerequisites by running the following commands.

ServerManagerCMD -install RSAT-ADDS
ServerManagerCMD -install Web-Server
ServerManagerCMD -install Web-ISAPI-Ext
ServerManagerCMD -install Web-Metabase
ServerManagerCMD -install Web-Lgcy-Mgmt-Console
ServerManagerCMD -install Web-Basic-Auth
ServerManagerCMD -install Web-Digest-Auth
ServerManagerCMD -install Web-Windows-Auth
ServerManagerCMD -install Web-Dyn-Compression
ServerManagerCMD -install Net-http-Activation
ServerManagerCMD -install RPC-over-http-Proxy

Once this is complete reboot your server.  You are now ready to run Setup.com /mode:install /roles:H,C,M where H,C,M installs the hub, CAS and mailbox roles.

Once your install is complete run the Exchange BPA or best practice analyzer.

In order to install the Edge server you’ll want to make sure you’re running 2008 standard with SP2.  You’ll need .NET 3.5, remote management 2.0, powershell v2, and AD LDS (can be installed via servermanagerCMD -i ADLDS).  For the edge server to work in a DMZ you’ll need to open ports 50389-50636.  Then run new-EdgeSubscription -filename "c:\temp\EdgeSubscriptionInfo.xml".  Copy that generated file to your hub server, where you can import it in the GUI and run start-edgeSubscription from EMS.  Once it is imported you can verify it is working properly by using test-EdgeSubscription from EMS.

I would personally recommend using an RBL provider to stop spam from entering your organization.  One example of this is SpamHaus.  This checks the connecting server against a blacklist of IPs and blocks communication if it is found on the list.  This one feature can drastically cut down on spam.

Another item you have to address is purchasing a SAN certificate for your Exchange server.  Exchange has moved to a secure by default mentality.  You will find connecting to OWA or using activesync becomes very painful if you try to issue your own SSL certificates.

Another security improvement in Exchange 2007 and 2010 is that all intracommunication is secure and encrypted.  TLS is used for all server to server communication internally.  RPC is used for your Outlook clients to communicate with your servers.  SSL is configured for all external client communication including, OWA, activesync, etc.

Opportunistic TLS is a new feature where your Exchange server will no longer try to send via SMTP by default.  It will first send a STARTTLS command to use TLS to encrypt external SMTP communication with other servers.  If the other server does not support this, however, it will revert to unsecure communications.
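Because the fallback described above is silent, it helps to check which outbound sessions actually went out in cleartext.  The following is an added example, not part of the original article: it scans SMTP send protocol log rows and reports sessions where MAIL FROM was sent without TLS, either because the remote server never offered STARTTLS or because the negotiation did not succeed.  The log rows are constructed samples in the Exchange protocol-log CSV field layout, and the function name Get-CleartextSmtpSession is hypothetical.

```powershell
# Constructed sample rows (not real traffic) in the SMTP protocol-log CSV layout.
$sampleLog = @'
#Fields: date-time,connector-id,session-id,sequence-number,local-endpoint,remote-endpoint,event,data,context
2010-08-06T10:15:01.100Z,Internet Send,08CD000000000001,0,192.0.2.10:41001,198.51.100.20:25,>,EHLO mail.example.com,
2010-08-06T10:15:01.150Z,Internet Send,08CD000000000001,1,192.0.2.10:41001,198.51.100.20:25,<,250-STARTTLS,
2010-08-06T10:15:01.151Z,Internet Send,08CD000000000001,2,192.0.2.10:41001,198.51.100.20:25,<,250 8BITMIME,
2010-08-06T10:15:01.160Z,Internet Send,08CD000000000001,3,192.0.2.10:41001,198.51.100.20:25,>,STARTTLS,
2010-08-06T10:15:01.200Z,Internet Send,08CD000000000001,4,192.0.2.10:41001,198.51.100.20:25,<,220 2.0.0 Ready to start TLS,
2010-08-06T10:15:01.400Z,Internet Send,08CD000000000001,5,192.0.2.10:41001,198.51.100.20:25,>,MAIL FROM:<alice@example.com>,
2010-08-06T10:16:10.100Z,Internet Send,08CD000000000002,0,192.0.2.10:41002,203.0.113.30:25,>,EHLO mail.example.com,
2010-08-06T10:16:10.150Z,Internet Send,08CD000000000002,1,192.0.2.10:41002,203.0.113.30:25,<,250-SIZE 10485760,
2010-08-06T10:16:10.151Z,Internet Send,08CD000000000002,2,192.0.2.10:41002,203.0.113.30:25,<,250 8BITMIME,
2010-08-06T10:16:10.200Z,Internet Send,08CD000000000002,3,192.0.2.10:41002,203.0.113.30:25,>,MAIL FROM:<alice@example.com>,
2010-08-06T10:17:20.100Z,Internet Send,08CD000000000003,0,192.0.2.10:41003,203.0.113.40:25,>,EHLO mail.example.com,
2010-08-06T10:17:20.150Z,Internet Send,08CD000000000003,1,192.0.2.10:41003,203.0.113.40:25,<,250 STARTTLS,
2010-08-06T10:17:20.160Z,Internet Send,08CD000000000003,2,192.0.2.10:41003,203.0.113.40:25,>,STARTTLS,
2010-08-06T10:17:20.200Z,Internet Send,08CD000000000003,3,192.0.2.10:41003,203.0.113.40:25,<,454 4.7.0 TLS not available,
2010-08-06T10:17:20.300Z,Internet Send,08CD000000000003,4,192.0.2.10:41003,203.0.113.40:25,>,MAIL FROM:<alice@example.com>,
'@

function Get-CleartextSmtpSession {
    param([string[]]$Line)

    $header = 'DateTime','Connector','SessionId','Seq','Local','Remote','Event','Data','Context'
    # Drop blank lines and "#" comment rows, then parse the remaining CSV rows.
    $rows = $Line | Where-Object { $_ -and $_ -notmatch '^#' } | ConvertFrom-Csv -Header $header

    foreach ($group in ($rows | Group-Object -Property SessionId)) {
        $offered     = $false   # remote listed STARTTLS in its EHLO reply
        $awaitingTls = $false   # we sent STARTTLS and are waiting for the reply
        $tlsActive   = $false   # remote answered STARTTLS with a 220
        $reason      = $null

        foreach ($row in ($group.Group | Sort-Object { [int]$_.Seq })) {
            if ($row.Event -eq '<') {            # line received from the remote server
                if ($row.Data -match '^250[- ]STARTTLS') { $offered = $true }
                elseif ($awaitingTls) {
                    $tlsActive   = ($row.Data -match '^220')
                    $awaitingTls = $false
                }
            }
            elseif ($row.Event -eq '>') {        # line sent by our server
                if ($row.Data -match '^STARTTLS') { $awaitingTls = $true }
                elseif ($row.Data -match '^MAIL FROM:' -and -not $tlsActive -and -not $reason) {
                    if ($offered) { $reason = 'STARTTLS offered but not negotiated' }
                    else          { $reason = 'STARTTLS not offered by remote server' }
                }
            }
        }

        if ($reason) {
            New-Object PSObject -Property @{
                SessionId = $group.Name
                Connector = $group.Group[0].Connector
                Remote    = $group.Group[0].Remote
                Reason    = $reason
            } | Select-Object SessionId, Connector, Remote, Reason
        }
    }
}

Get-CleartextSmtpSession -Line ($sampleLog -split '\r?\n') | Format-Table -AutoSize
```

On a real server, pass the lines of the send connector's protocol log files instead of the sample; protocol logging has to be enabled on the connector for those rows to exist.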

Still included in Exchange 2010 is the ability to use a journaling mailbox to track all of your emails.  This is required by some organizations.  Keep in mind that this feature can increase your processor and memory usage by 25%.  So you should make sure your server has plenty of resources before turning on this feature. 

One of the requirements as previously stated is that Exchange 2010 must be running active directory 2003.  Even though 2008 is recommended if you are running Cisco Unified Messaging 4.2(1) or lower it is NOT compatible with active directory 2008. 

When you upgrade your active directory infrastructure it is recommended that you create a virtual machine using Microsoft Hyper-V or VMware.  Make the virtual machine an additional domain controller and make it a global catalog.  This way if your upgrade takes a turn for the worse you have data that is intact if you have to downgrade.  Do not forget to unplug it from the network before doing the upgrade.  If you need to revert back you can use NTDSUTIL to seize the roles.

If for whatever reason you need to create a scratch installation of a domain you can always use the ADMT utility to move users, groups, computers, service accounts, and trusts.

To migrate from 2003 Exchange to 2010 the overview is as follows.  First you must be running Exchange 2003 with service pack 2.  Your active directory domain and forest functional levels must be 2003 and at least one global catalog has to be 2003 server with SP2.  Install AD LDIFDE tools on 2008 to upgrade your schema.  Upgrade your Exchange Schema.  Transfer OWA, activesync, and Outlook anywhere to the CAS server.  Install/upgrade hub server.  Transfer the mail flow to the hub transport server.  Install mailbox servers and DAG if required.  Move your public folder replicas using pfmigrate.wsf or PFRecursive.PS1.  Move your mailboxes.  Rehome OAB.  Rehome public folder hierarchy.  Transfer public folder replicas.  Delete 2003 public and private stores.  Delete routing group connectors.  Delete RUS using ADSIEdit.  Uninstall Exchange 2003.

To migrate from 2007 Exchange to 2010 the process is a little shorter.  Make sure your Exchange 2007 server is running SP2.  Make sure your domain and forest are at 2003 functional level.  Global catalog server is at 2003 SP2.  Use AD LDIFDE tools to upgrade your schema.  Prepare schema.  CAS server.  Transfer OWA.  Install hub transport.  Transfer mail to hub transport.  Use AddReplicaToPFRecursive.ps1 to move your public folder replications.  Move your mailboxes.  Rehome OAB.  Transfer public folder replica.  Delete public and private stores.  Uninstall Exchange 2007.

With Exchange 2010 or 2007 you want to make your coexistence time as short as possible.  The longer you intermingle different versions the more problems you are asking for.

If you are running Exchange 5.5 unfortunately there is no direct upgrade at this point.  You must first upgrade to Exchange 2003 SP2 then to 2010.  As far as Lotus Notes, Novell Groupwise, or Sendmail goes the recommended path is to install a clean environment and then work on importing your data using tools.  There is no upgrade path.

Database Availability Groups or DAGs are a very important new feature of Exchange 2010.  They give you the ability to maintain 16 copies of users’ mailboxes.  You can also set different databases to fail over to different servers and specify in what priority.  The requirements for DAG are Windows Server 2008 enterprise, two NICs in your mailbox servers, Exchange 2010 Enterprise, and a file share witness.  We recommend you put the witness on your hub transport server, but technically it can be on any file server.  It is very easy to set up as you create a share and then Exchange manages and handles the permissions.

Steps to create a DAG, Add members, and verify the DAG

New-DatabaseAvailabilityGroup -Name ExchangeDAG -WitnessServer ExchangeHT -WitnessDirectory "c:\FSW" -DatabaseAvailabilityGroupIPAddresses 172.16.4.5 -Verbose

Add-DatabaseAvailabilityGroupServer -Identity ExchangeDAG -MailboxServer ExchangeMB -Verbose

Add-DatabaseAvailabilityGroupServer -Identity ExchangeDAG -MailboxServer ExchangeMB2 -Verbose

Get-DatabaseAvailabilityGroup -Identity ExchangeDAG -Status

To see your network settings run

Get-DatabaseAvailabilityGroupNetwork -identity ExchangeDAG

We can then add database copies by doing the following

Add-MailboxDatabaseCopy -Identity ExchangeMB -MailboxServer ExchangeMB2

Then check the status

Get-MailboxDatabaseCopyStatus

To test the health

Test-ReplicationHealth




Aug 6
Arun Gupta asked:




As the Indian market matures and diversifies, a new breed of numerous qualified specialist players has emerged. Most organizations are resorting to the Global Delivery Network Model to trim down costs, accelerate growth, and gain access to qualified human resources. In the past couple of years, this industry has shown tremendous growth. There is robust demand from customers, and companies are focused on delivering best-in-class solutions to their global customers. Deep industry and business process knowledge, a partnership approach, comprehensive service offering, and a proven track record enable BPOs to deliver business value to leading companies in the world.

From a bilateral offshoring model, companies are moving towards evaluating different attributes of a location, depending on what their IT and business needs are. For some firms, the need is to cut costs, while for others it is to transform their business. Organizations are thinking carefully about which countries they should source from. Some who always chase low costs may opt for Vietnam. At the other end of the spectrum, some may opt for Canada, which doesn’t offer a very big cost incentive but is attractive in the context of the skills maturity it offers in terms of the legal system, political and economic environment, language skills and other factors. The change in the environment is significant.

One has to be present in a country for a long time to be able to understand the market dynamics, be able to leverage the domain expertise and communicate at all levels of an organisation. Some of the top Indian companies like Satyam have already established their base in quite a few countries. They are locating in university towns and bringing in good graduates to develop delivery capability within the buyer’s own market. The software delivery model is moving from an offshore model to a Global Delivery Network Model since IT has the ability to dynamically allocate resources between different global delivery locations. This is a journey that both the multinationals and top Indian firms have started and are approaching from different directions, but which neither has completed. In such a Global Delivery Network Model, the front-end or the sales end, will be as important as the backend or the delivery end. It’s not just about delivering the right types of skills in the right volume. It is about having the right volume of skills and the right skills mix in the right place at the right time and the right price.



Aug 6
Alan Johnson asked:


So what is a network?

A network supports the interconnection of many devices and a protocol for ensuring they can communicate with one another in the most effective way.  The best way to understand how networks work is to visualise each element of the network as a layer, one on top of another.  The conceptual model that describes this layered model is known as the OSI Reference Model, which has seven layers.  All Network professionals use this in their day to day design and engineering work.

For our purposes we can simplify it into three layers, going from the bottom up there is:

The Physical layer – the cable between machines (typically called 100BaseT, uses four pairs), the card in the back of your machine (802.3 Ethernet NIC) or Wireless Networking adapter (802.11n etc) etc.

Includes the Internet protocol (TCP/IP), gaming and file transfer based protocols (such as UDP), and VPN networking from home to your office (PPTP or IPSec)

And the Session, Presentation and Application Layers – file sharing and database access in the office (NetBIOS, Named Pipes, NFS), Internet browsing (HTTP, DNS), eMail (MIME, SMTP, POP3) and securing Internet banking or shopping (SSL/TLS)

Breaking it out into layers like this helps us understand when we buy software or hardware which layer(s) it works at and therefore what it can provide for us.  Is it providing connectivity, access to another Wide Area Network (WAN, i.e. for the Internet), security or access to my own Local Area Network (LAN, i.e. for access to a printer).  It’s extremely useful when diagnosing problems with networks.

Network Addressing

In order to send a letter to your friend in the next town, or a country on the other side of the world the postal system requires an address which hones down through the address layers from country to house number to narrow down exactly where your friend lives and which post box the postman should drop the letter in.  Digital Networks work in a similar way only rather than moving mail around they move digital data packets.

MAC addresses - The Media Access Control address identifies a single piece of hardware on the physical network and is a scheme with a long number designed to be globally unique.  It’s set in the hardware at the point of manufacture.  An example of a MAC address is 1A-2F-1D-9C-7A-3C (Layer 2).

IP address – The Internet Protocol address uniquely identifies all network interfaces that are typically endpoints on the Internet, or your own local IP based network (in an office).  Within the local or global (Internet) address space the IP address must be unique, otherwise the IP routing protocol won’t know where to send the packet.  An IP address will be mapped across to a physical MAC address as described above; the mapping is held in the routing tables of router hardware on the network.  A sample IP address is 192.168.0.1 (Layer 4).  Addresses are divided up into Class A, B and C each having a larger address space for larger organisations’ requirements.  Small offices and domestic addresses are almost always Class C and the 192.168.0.nnn network is reserved for anyone to use on any small private network.

DNS name (and server) – Domain Name Server based addresses are just names, with dots to designate levels of uniqueness.  We are all familiar with Internet domain names such as www.cryopc.co.uk; the DNS name in this instance is the ‘cryopc’ element of the full address.  DNS servers store all these hostnames and the IP addresses they map to.

Network Security

Your home hub/router will usually have built in security features, including the following:

MAC identification – Using the MAC address of the hardware as a list of authorised hardware to access your network.  It’s a good basic precaution but unfortunately a dedicated hacker can spoof a known MAC address and gain access if they really want to.  It just stops the opportunists.

WEP and WPA – Are the most widely available forms of wireless network encryption and security.  Without the WEP or WPA keys your wireless network is unusable to outsiders.  WEP is now considered quite weak as hackers have demonstrated ways of cracking it fairly quickly, and once cracked it’s no longer secure.  WPA is the more secure system as it is harder to crack (has a much longer passphrase) and once cracked still only leaves a very small window of opportunity for exploitation as it derives a cipher for each packet that changes constantly.  It utilises TLS encryption just like the Internet checkout padlock.  Still the network is only ever as secure as the passphrase used to protect it, so pick an obscure one.

VPN, SSL/TLS and IPsec – Most of us don’t even know we are using these technologies but they all work in a similar way.  They use sophisticated and robust encryption to ensure private information sent over a public network is not visible to snoopers.  SSL/TLS is used most widely and you will recognise it as the checkout padlock, or encryption used when typing in credit card details when Internet shopping.

NAT – Network Address Translation isn’t really security at all but about economising on the rapidly diminishing availability of IPv4 addresses on the Internet, but it does shield your private network addresses from the outside by creating the impression to the internet that only a single address (your router’s own public address) is accessing the Internet from your network.  This means ad hoc access to your local network from the outside is much more difficult without internal network devices initiating a connection first (and thereby establishing a NAT translation).

Typical network devices

Segment – a segment isn’t really a device it’s a single network cable potentially connected to multiple machines, but sometimes only a single machine.  It can be useful to think of it as a device in its own right as the cable itself imposes limits, resource demands and capabilities on the network.

Router – maps one address in one address space to another in another through routing tables and protocols stored on the device, usually in memory.

Hub / Switch – Most Hubs are known as switching hubs as each network port on the hub functions as its own segment of the LAN thus it’s able to utilise the full bandwidth of the link and not share it with everyone on the same LAN.

Firewall – Can be software or dedicated hardware based, the latter widely being considered the best.  Windows has a built in firewall and most home hub/routers also have them preconfigured and built-in.  Firewall rules determine what traffic you want to let out of, and into, your network.  Usually they are preconfigured to let out only connections initiated internally (to prevent ad hoc attacks) and to let back in only traffic on certain known safe ports such as those commonly used for the Internet, http and ftp.  Games can sometimes have issues with firewalls as they will use other ad hoc ports.  You will need to create custom rules to get around this problem.

Wireless Access Point – Wireless networks are effectively airborne segments of network.  The access point serves as a point of access, and also secures the network as discussed in the above security section.

In a small network it often makes sense to combine many network devices into a single physical device.  That’s why most small office routers also have a Firewall, Hub and Wireless Access point built in.  However in a medium sized organisation or large enterprise single devices need to have more reliability, capacity and security and so tend to be dedicated devices to a single purpose.  A firewall for example can cost US$100 with a hub and router built-in or for a government departmental web site it could cost US$40,000 as a single appliance.

Benefits of different types of Network

Cable based networking – 802.3 Ethernet, which typically supports 100Mbit/s (CAT5 cable) or 1Gbit/s (CAT5e cable) speeds and higher if you are reasonably up to date.  Most network devices are backward compatible and will fall back to the speed of the slowest device in the network.  Cable is the best for reliability and speed.

Wireless Networking - It is defined by the standard 802.11a, b, g, and n (at Draft 2.0 stage at the time of writing this article).  Wireless offers flexibility, roaming and convenience, but quality of reception can be very patchy in large or complex buildings and this affects connectivity and connection speed.  In addition to the standards MIMO (Multiple-Input Multiple-Output) uses multiple antennas to increase signal strength and quality, increasing range and available bandwidth.

Broadband, ADSL and Cable – all use local telephony cable and fibre optic trunks to provide homes and small businesses with relatively high speed Internet access.  Each one uses a different technology standard for implementation and you must buy the correct router or modem.

Setting up your own home or small office network

Based on the information provided above you need to decide what you need.  If you are starting with nothing then a good quality 802.11n combination router/hub device is the best solution.  They are now more or less preconfigured out of the box and only require connecting to the Internet.  Access to mobile devices, laptops and desktops can be provided by the Wi-Fi support or for fixed desktop by network switch port and cable.

Don’t forget to enable the WPA security with a good mixed alphanumeric and non-alphanumeric passphrase.  For extra protection limit access to only device MAC addresses you know.

Troubleshooting my network

There are a number of low level tools that are very easy to use that help network engineers diagnose problems with your network.  It pays dividends to get familiar with them for yourself.  To use these tools in Windows run the command line interpreter cmd.exe (type in cmd after Start->Run), then simply type the command in.

ping – using a hostname or address it ‘bounces’ a network packet off the endpoint.  Rather like a submarine using sonar, hence the name ‘ping’.  It outputs status information to confirm whether it has been able to reach the endpoint or not and how long the roundtrip took.

ipconfig – reports all the network information for all of the network adapters on your PC including wireless, cable, MAC address (physical address), IP address, gateway address (router), subnet (class of address), hostnames, connection state etc.

tracert – reports the route through the network that a data packet will take to reach a host.  It can help provide indications of why a connection might be slow or not working by indicating where it gets stuck in the network.  Like ping it also reports time taken to travel the route.
