• Best VPN Service for 2017

    Top VPNs that Unlock Netflix, provide Secure Torrenting, Strong Encryption, Fast Downloads, DNS Leak Protection, Identity Protection and have Cheap VPN prices.

    read more

    Hyper-V Concepts

    It's time to get familiar with Hyper-V Virtualization, virtual servers, virtual switches, virtual CPUs, virtual deployment infrastructure (VDI) and more.
    Read more

Hot Downloads

Join Australia’s First Official Cisco Data Center User Group (DCUG) & Become Part of a Friendly Fast-Growing Professional Community That Meets Once a Month in Melbourne!

Posted in Cisco Data Center User Group

Join Australia’s First Official Cisco Data Center User Group (DCUG) & Become Part of a Friendly Fast-Growing Professional Community That Meets Once a Month in Melbourne! - 5.0 out of 5 based on 2 votes

official-cisco-data-center-user-group-melbourne-australia-1It’s a reality – Australia now has its own Official Cisco Data Center User Group (DCUG) and it’s growing fast! Originally inspired by Cisco Champions Chris Partsenidis and Derek Hennessy, the idea was fully backed by Cisco Systems as they happened to be looking to start up something similar on a global scale.

The idea was born in the morning hours of the 18th of March 2016 over a hot cup of coffee when Chris Partsenidis and Derek Hennessy met for the first time, after Cisco’s Live! in Melbourne Australia. Both Chris and Derek agreed that it was time to create a friendly professional Cisco community group that would gather Cisco professionals and encourage users to share knowledge and experience.

The proposal was sent to Lauren Friedman at Cisco Systems, who just happened to be working on a similar concept on a global scale. Lauren loved the idea and, with her help, Australia got its first official Cisco Data Center User Group!

Becoming part of the Melbourne Cisco Data Center User Group is absolutely free and, by joining, you’ll be part of Australia’s first official Cisco user group, which is currently the largest in the world!

Where are the Meetings Held and What’s Included?

The user group will catch up on the first Tuesday of every month at the The Crafty Squire at 127 Russell Street in Melbourne CBD. We’ll be located upstairs in Porter Place. Our first meeting will be on Tuesday June 7th 2016 and all meetings will take place between 17:30 and 19:30.

For the duration of the meeting, we’ll have free beer for all registered members, food and if we are lucky – free Cisco beer mugs! The mugs are actually on their way from the USA and we are hoping to have them in time before the meeting otherwise we’ll be handing them out during the following meeting.


Figure 1. The Porter Place - Crafty Squire

For more details about our regular meet ups and join our community, head over to the Cisco Data Center User Group page on Meetup.com. 

We're really excited to start building a Data Center community in Melbourne so come along and join us!

Agenda – 7th of June 2016

Vendor Session: Infrastructure as Code and DevOps

Speaker: Chris Gascoigne - Technical Solutions Architect, Cisco Systems Melbourne, Australia

Chris Gascoigne is a Technical Solutions Architect with Cisco Systems working in the Australia/New Zealand Data Centre team. Chris has been with Cisco for nine years and specialises in Application Centric Infrastructure.

Community Session: GNS3 Connectivity

Speaker: Will Robinson - Senior Systems Engineer, Cube Networks

Will Robinson is a Senior Systems Engineer with Cube Networks and has extensive networking and data center experience. Will is an active community member and is the only Australian member of the NetAppATeam group.

Palo Alto Firewall Application-based Policy Enforcement (App-ID), User Identification (User-ID) and Application Control Centre (ACC) Features for Enterprise Networks

Posted in Palo Alto Firewalls

Palo Alto Firewall Application-based Policy Enforcement (App-ID), User Identification (User-ID) and Application Control Centre (ACC) Features for Enterprise Networks - 5.0 out of 5 based on 3 votes

Our previous article examined the benefits of Palo Alto Networks Firewall Single Pass Parallel Processing (SP3) architecture and how its combine with the separate Data and Control planes to boost firewall performance and handle large amounts of traffic without and performance impact. This article focuses on the traffic flow logic inside the Palo Alto Firewall and two unique features that separate it from the competition: Application-based policy enforcement (App-ID) & User Identification (User-ID).

For more Technical articles on Palo Alto Networks Firewalls, visit our Palo Alto Networks Firewall Section

Flow Logic of the Next-Generation Firewall

The diagram below is a simplified version of the flow logic of a packet travelling through a Palo Alto Networks Next-Generation Firewall and this can be always used a reference to study the packet processing sequence:


Figure 1. Flow Logic of a packet inside the Palo Alto Networks Next Generation Firewall

Palo Alto Networks Next-Generation Firewalls works with the concepts of zones not interfaces, once a packet enters the firewall, the Palo Alto Networks Next-Generation Firewalls identifies from which zone the packet came and where it is destined to go. This is similar to Cisco IOS Routers Zone-based Firewalls and Cisco ASA Firewalls.

Users interested can also download for free the Palo Alto Networks document “Day in the Life of a Packet” found in our Palo Alto Networks Download section which explains in great detail the packet flow sequence inside the Palo Alto Networks Firewall.

App-ID & User-ID – Features That Set Palo Alto Apart from the Competition

App-ID and User-ID are two really interesting features not found on most competitors’ firewalls and really help set Palo Alto Networks apart from the competition. Let’s take a look at what App-ID and User-ID are and how they help protect the enterprise network.

App-ID: Application-based Policy Enforcement

App-ID is the biggest asset of Palo Alto Networks Next-Generation Firewalls. Traditional firewalls block traffic based on protocol and/or ports, which years ago seemed to be the best way of securing the network perimeter, however this approach today is inadequate as applications (including SSL VPNs) can easily bypass a port-based firewall by hopping between ports or using well-known open ports such as tcp-http (80) or tcp/udp-dns (53) normally found open.

A traditional firewall that allows the usage of TCP/UDP port 53 for DNS lookups, will allow any application using that port to pass through without asking second questions. This means that any application can use port 53 to send/receive traffic, including evasive applications like BitTorrent for P2P file sharing, which is quite dangerous:

Palo Alto Network’s App-ID effectively blocks unwanted BitTorrent traffic

Figure 2. Palo Alto Network’s App-ID effectively blocks unwanted BitTorrent traffic

With App-ID, Palo Alto Networks Next-Generation Firewalls uses multiple identification mechanisms to determine the exact identity of applications traversing the network. Following is the order in which traffic is examined and classified:

Increase your Enterprise or SMB Organization Security via Internet Application & User Control. Limit Threats and Internet Abuse at the Workplace

Posted in GFI WebMonitor: Web Security & Monitoring

Increase your Enterprise or SMB Organization Security via Internet Application & User Control. Limit Threats and Internet Abuse at the Workplace - 5.0 out of 5 based on 1 vote

gfi-webmonitor-internet-application-user-control-1aIn this era of constantly pushing for more productivity and greater efficiency, it is essential that every resource devoted to web access within a business is utilised for business benefit. Unless the company concerned is in the business of gaming or social media, etc. it is unwise to use resources like internet/web access, and the infrastructure supporting it, for a purpose other than business. Like they say, “Nothing personal, just business”

With this in mind, IT administrators have their hands full ensuring management of web applications and their communication with the Internet. The cost of not ensuring this is loss of productivity, misuse of bandwidth and potential security breaches. As a business it is prudent to block any unproductive web application e.g. gaming, social media etc. and restrict or strictly monitor file sharing to mitigate information leakages.

Track, monitor and block any user application from the internet with award winning GFI WebMonitor - Limited Free Download!

It is widely accepted that in this area firewalls are of little use. Port blocking is not the preferred solution as it has a similar effect to a sledge hammer. What is required is the fineness of a scalpel to parse out the business usage from the personal and manage those business requirements accordingly. To be able to manage web application at such a level, it is essential to be able to identify and associate the request with its respective web application. Anything in line with business applications goes through, the rest are blocked.

This is where GFI WebMonitor excels in terms of delivering this level of precision and efficiency. It identifies access requests from supported applications using inspection technology and helps IT administrators to allow or block them. Hence, the administrators can allow certain applications for certain departments while blocking certain other applications as part of a blanket ban, thus enhancing the browsing experience of all users.

So, to achieve this, the process is to use the unified policy system of GFI WebMonitor. The policies can be configured specifically for application control or, within the same policy, several application controls can be combined using other filtering technologies.

Let’s take a look at the policy panel of GFI WebMonitor:


Figure 1. GFI WebMonitor Policy Panel interface. Add, delete, create internet access policies with ease (click to enlarge)

Ensuring Enterprise Network Readiness for Mobile Users – Wi-Fi, Bandwidth Monitoring, Shadow IT, Security, Alerts

Posted in OpManager - Network Monitoring & Management

Ensuring Enterprise Network Readiness for Mobile Users – Wi-Fi, Bandwidth Monitoring, Shadow IT, Security, Alerts - 5.0 out of 5 based on 3 votes

enterprise-network-monitoring-management-wifi-security-mobility-1aDemands for Enterprise networks to properly support mobile users is on a continuous rise making it more than ever necessary for IT departments to provide high-quality services to its users. This article covers 4 key-areas affecting mobile users and Enterprise networks: Wi-Fi coverage (signal strength – signal-to-noise ratio), Bandwidth Monitoring (Wi-Fi Links, Network Backbone, routers, congestion), Shadow IT (Usage of unauthorized apps) and security breaches.

Today, users are no more tied to their desktops/laptops. Now, they are mobile. They can reply to important business emails, access their CRM, collaborate with peers, share files with each other & much more from cafeteria or car parking. This implies that it's high time for network admins at enterprises to think or give equal importance to wireless networks similar to wired networks. Wireless networks should be equally faster and secure.

Though the use of mobile devices for business actives is a good thing to happen for both enterprises and its customers, it also has some drawbacks on the network management side. The top 4 things to consider to make your network mobile ready are:

  • Wi-Fi signal strength
  • Bandwidth congestion
  • Shadow IT
  • Security breaches and attacks


Figure 1. OpManager Network Management and Monitoring - Click for Free Download

Wi-Fi Signal Strength

A good Wi-Fi signal is a must throughout the campus. Employees must not feel any connectivity problem or slowness because of poor signal quality. The signal should be so good and similar to the ones provided by the carriers. However, it’s not quite easy to maintain good signal strength all throughout the building. Apart from Wireless LAN Controller (WLC) and Wireless Access Point (WAP), channel interference also plays a major role in ensuring a good Wi-Fi signal strength.

RF interference is the noise or interference caused by other wireless & Bluetooth devices such as phones, mouse, remote controls, etc. that disrupts the Wi-Fi signal. Since all these devices operate on the same 2.4GHz to 5 GHz frequencies, it disrupts the Wi-Fi signal strength. When a client device receives another Wi-Fi signal it will defer transmission until the signal ceases. Interference that occurs during transmission also causes packet loss. As an effect Wi-Fi retransmissions take place which in fact slow down throughput and result in wildly fluctuating performance for all users sharing a given access point (AP).

Download your free copy of OpManager - Manage and Monitor your network

A common metric for measuring the Wi-Fi signal strength is the Signal-to-Noise (SNR) Ratio. SNR is the ratio of signal power to the noise power and expressed in decibels. SNR of 41db is considered excellent and 10-15db is considered as poor. However, as soon as interference is experienced SINR is the metric to look for. SINR is the Signal-to-Interference plus Noise Ratio which provides the difference between the signal level and the level of interference. Since RF interference creates disrupts the user throughput, SINR provides the real performance level of the Wi-Fi systems. A higher SINR is considered good as it indicates higher data rates.


Figure 2. OpManager: Network Analysis – Alarms, Warnings and Statistics - Click for Free Download

Shadow IT

Employees making use of third-party apps or services without the knowledge of IT, to get their job done is known as Shadow IT. Though it makes employees to choose the apps or services that works form them and be productive, it also leads to some conflicts and security issues. Using apps that are not verified by the IT team may cause serious security breaches and may even lead to loss of corporate data.

It's tough to restrict shadow IT because employees keep finding ways to find apps and services that they feel comfortable or easy-to-work with. And satisfied users use word-of-mouth marketing and increase the adoption of such apps/services among their peers. Sometimes, this creates conflict with existing IT policy and slows down the operations itself. However, the adoption of Shadow IT is on the rise. According to a study, shadow IT exists in more than 75% of the enterprises and expected to grow more.

Security Breach and Attacks

Scan and Generate Firewall Rules to Secure your Website and WebServer with ModSecurity. Block Exploits & Vulnerability Attacks

Posted in Web Application Vulnerability Scanners

Scan and Generate Firewall Rules to Secure your Website and WebServer with ModSecurity. Block Exploits & Vulnerability Attacks - 5.0 out of 5 based on 1 vote

ModSecurity is a very popular open-source web application Firewall used to protect webservers and websites from vulnerability attacks, exploits, unauthorized access and much more. In this article, we’ll show you how web vulnerability scanners, can be used to automatically generate the necessary rules that block all vulnerabilities identified during the scan.

This great feature of automatically generating ModSecurity rules for identified vulnerabilities through a web vulerability scanner (e.g Netsparker), giving all users the ability to now create and deploy ModSecurity rules immediately – saving valuable time and accelerating the whole scan-&-patching process considerably.

 Generating ModSecurity Rules from a Web Application Vulnerability Scanner

Figure 1. Generating ModSecurity Rules from a Web Application Vulnerability Scanner

ModSecurity is used by many vendors and webservice providers as it is capable of delivering a number of security services including:

  • Full HTTP traffic logging. ModSecurity gives you the ability to log anything you need, including raw transaction data, which is essential for forensics analysis and in-depth tracing.
  • Web Application Hardening. Helps fix cross-site request forgery vulnerabilities and enforce security policies with other Apache modules.
  • Real-time application security monitoring. ModSecurity provides full access to the HTTP traffic stream along with the ability to inspect and action against attacks.
  • Becomes a powerful exploit prevention tool when paired with web server and web application vulnerability scanners such as Netsparker.

Most Web Application Vulnerability Scanner vendors provide full details on how to use their web application scanner to successfully generate ModSecurity rules that will help identify and block existing vulnerabilities in web applications and web servers.


Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V


  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup