Checks for SQLi, XSS and 4500 other web vulnerabilities.
Integrated Vulnerability Management to prioritize and manage vulnerabilities.
Monitors network and devices for health and performance.
Detects & fixes issues with intelligent alerts and inbuilt diagnostics tools.
VPN Services have become a necessity for users concerned about their online privacy and security. With literally hundreds of thousands of attacks daily, exploits and security vulnerabilities being discovered plus government agencies and ISPs monitoring user activity, the internet is no longer considered a safe place.
With the help of a VPN Service, users are able to hide their real IP address and online activities by connecting to a VPN server and passing all traffic through that server. This way, the internet only sees the IP address of the VPN server.
Today, extended VPN Services provide us with many different and useful capabilities. For example they can provide users with the ability to bypass geo-restrictions for streaming services such as Hulu and Netflix. They also offer increased security and identity protection for mobile devices such as iPhones, iPads, Laptops, Android smartphones, tablet devices etc. This makes finding and selecting the best VPN Service a difficult task as there are many parameters to take into consideration. Our dedicated network security team here at Firewall.cx has done just that for every VPN Provider and then put them to the test to produce the best VPN Service review ever.
Understanding the importance and benefits of a VPN is crucial to help you decide if you need a VPN and what features you should look for. Despite the different offerings from VPN providers there are some standard benefits that you’ll always get:
Evaluating the best VPN service can be a tricky task, especially when you take into consideration that not everyone is looking for the same features in a VPN. To give each provider a fair chance to live up to its reputation we decided to evaluate them based on the following criteria listed in order of importance:
Accessing & streaming US Netflix content is a hot topic for most of our readers which is why we’ve included it in our tests. While other reviews might indicate whether or not US Netflix is supported, we took that extra step to test and verify the service.
All Netflix stream testing was performed from a 20Mbps home broadband connection using a US Netflix account configured to stream at the highest possible setting (High) which generates 3GB/hour for HD or 7GB/hour for Ultra HD. These settings would test each VPN Provider’s ability to perform continuous, uninterrupted streaming to a home or mobile VPN user.
Speedtest.net was selected as a testing platform to evaluate download and upload speeds. Our tests were performed from Melbourne Australia using a premium 200Mbps link to the internet while OpenVPNUDP or OpenVPN TCP (when UDP failed) was the VPN protocol used to connect to each provider. The Speedtest.net server located at San Jose, CA Server (No.4) shown below was used for download/upload test. This server was strategically selected as it’s hosted by Speedtest.net and showed stable transfer rates capable of exceeding 185Mbps.
Our selected Speedtest.net server and non-VPN speed tests results (click to enlarge)
Our Speedtest.net test to San Jose, CA Server (No.4) without a VPN yielded an impressive 185Mbps download speed and 123Mbps upload speed confirming the path between us and the Speedtest.net server was not congested.
While test values still fluctuated, the tests we’ve selected to publish are the average results from each VPN Provider.
Without further delay, let’s take an in-depth look at our Best VPN Service Providers for 2018:
This article describes the new Windows Server 2016 Licensing model (per-core licensing) Microsoft has implemented for its new server-based operating system. While the Windows Server 2012 Licensing model was fairly straight forward: per CPU Pair + CALS/DAL for Standard and Datacenter editions, Microsoft has decided to change its licensing arrangements thanks to the continuously increasing number of available cores per physical processor which has caused significant losses to its profits.
Taking into consideration that the Intel Xeon E7-8890v4 contains a total of 24 cores capable of supporting up to 48 threads, one can quickly understand the software giant’s intention and why it is no longer continuing the per CPU Pair model for its Standard and Datacenter server editions.
The Windows Server 2016 licensing model consists of per-core/processor + Client Access Licenses (CALs). Each user or device accessing a Windows Server Standard, Datacenter or Multipoint edition requires a Windows CAL or a Windows Server and a Remote Desktop Services (RDS) CAL.
In addition to these changes many would be surprised to know that there is now a minimum number of Per-Core licenses required per physical CPU and Server:
Thankfully not much. Microsoft has adjusted its per-Core license pricing in such a way so that a small deployment of up to 16-cores per physical server will be the same pricing as a Windows server 2012 2-CPU License.
The price difference becomes apparent for larger customers with a server deployed that exceeds 8-cores per CPU and 16-cores per server. These customers will end up paying additional money for their licenses. For example a server with 2 x Intel Xeon E7-8890v4 CPUs means a total of 48 cores. Installing a Windows server 2012 Standard server means that the initial license will cover up to 16 out of the 48 cores and the customer will need to purchase additional licenses to cover the 32 extra cores! It’s now clear why big customers are going to be paying the big bucks!
The following table explains where additional licenses are required depending on the number of CPUs (processors) and cores per CPU. Remember - Minimum 8 cores/processor; 16 cores/server:
Figure 1. Windows Server 2016 Licensing: Calculating Licensing needs per CPU & Core
Microsoft offers its Windows Server 2016 in 6 different editions. Let’s take a look at them and explain their primary role and usage:
With Windows 2016 Server already making its way into data centers Windows 2016 Server Licensing is becoming a very hot topic. Windows 2016 Server is jam-packed with a number of advanced features including added layer of security, new deployment options, built-in Hyper-V containers, advanced networking options and cloud-ready services.
Altaro software, a reputable software vendor offering robust Virtualization Backup for Hyper-V & VMware,is hosting a free Webinar on Tuesday the 29th of November 2016 that will cover the following important topics:
Our previous article explained the purpose of Link State Update (LSU) packets and examined the Link State Advertisement (LSA) information contained within LSU packets. We also saw the most common LSA packets found in OSPF networks. In this article we’ll be diving deeper to analyse all eleven OSPF LSA Types using network network diagrams and examples to help understand when each LSA type is used and how they keep the OSPF network updated.
Before we begin, let’s take a quick look at the different type of OSPF LSA packets we’ll cover:
The LSA payload varies in size according to the LSA type and the information it includes. The diagram below clearly shows how LSAs are contained within LSUs:
Figure 1. LSA Types contained within an OSPF LSU packet
As mentioned, OSPF currently supports 11 types of LSAs. Each LSA is used within specific boundaries of an OSPF network.
OSPF concepts, including router roles such as Designated Router (DR), Area Border Router (ABR), Autonomous System Border Router (ASBR), OSPF Areas and more, are analyzed in great depth in our article OSPF Basic Concepts – OSPF Areas – Router Roles. This article assumes the reader has a good understanding of basic OSPF theory and is comfortable with OSPF concepts.
LSA Type 1 (Router LSA) packets are sent between routers within the same area of origin and do not leave the area. An OSPF router uses LSA Type 1 packets to describe its own interfaces but also carries information about its neighbors to adjacent routers in the same area.
Figure 2. LSA Type 1 Packets exchanged between OSPF routers within the same area
LSA Type 2 (Network LSA) packets are generated by the Designated Router (DR) to describe all routers connected to its segment directly. LSA Type 2 packets are flooded between neighbors in the same area of origin and remain within that area.
Figure 3. LSA Type 2 Packets exchanged between OSPF DR and neighbor routers
LSA Type 3 (Summary LSA) packets are generated by Area Border Routers (ABR) to summarize its directly connected area, and advertise inter-area router information to other areas the ABR is connected to, with the use of a summary prefix (e.g 192.168.0.0/22). LSA Type 3 packets are flooded to multiple areas throughout the network and help with OSPF’s scalability with the use of summary prefixes.
Figure 4. LSA Type 3 - An OSPF ABR router advertises the summarized route 192.168.2.0/24 to Area 0
Looking at the diagram above, ABR router R2 creates a Type 3 Summary LSA and floods it into Area 0. In a similar way, ABR router R3 creates a Type 3 Summary LSA and floods it into Area 2. Type 3 Summary LSAs appear as O IA entries in the router routing table.
GFI Software has just revealed GFI OneConnect Beta – its latest Advanced Email Security Protection product. GFI OneConnect is a comprehensive solution that targets the safe and continuous delivery of business emails to organizations around the world.
GFI has leveraged its years of experience with its millions of business users around the globe to create a unique Hybrid solution consisting of an on-premise server and Cloud-based solution that helps IT admins and organizations protect their infrastructure from spam, malware threats, ransomware, virus and email service outages.
GFI OneConnect not only takes care of filtering all incoming email for your Exchange server but it also works as a backup service in case your Exchange server or cluster is offline.
The solution consists of the GFI OneConnect Server that is installed on the customer’s premises. The OneConnect server connects to the local Exchange server on one side, and the GFI OneConnect Data Center on the other side as shown in the diagram below:
Figure 1. Deployment model of GFI OneConnect (Server & Data Center)
Email sent to the organization’s domain is routed initially through the GFI OneConnect . During this phase email is scanned by the two AntiVirus engines (ClamAV & Kaspersky) for virus, ransomware, malware etc. before forwarding them to the Exchange Server.
In case the Exchange server is offline GFI OneConnect’s Continuity mode will send and receive all emails, until the Exchange server is back online after which all emails are automatically synchronised. All emails received while your email server was down are available to users at any moment, thanks to the connection to the cloud and the GFI OneConnect’s Datacenter.
Figure 2. GFI OneConnect Admin Dashboard (click to enlarge)
While there is currently a beta version out (Free download and Trial) - our first impressions show that this is an extremely promising solution that has been carefully designed with the customer and IT staff in mind. According to GFI – the best is yet to come – and we know that GFI always stands by its promises so we are really looking forward seeing the final version of this product in early 2017.
If you’ve been experiencing issues with your Exchange server continuity or have problems dealing with massive amounts of spam emails, ransomware and other security threats – give GFI OneConnectBeta a test run and discover how it can help offload all these problems permanently, leaving you time for other more important tasks.