The document provides an overview of pfSense, an open source firewall and routing platform based on FreeBSD. It discusses the history and evolution of pfSense, hardware requirements, common deployment scenarios, and key features such as firewall rules, NAT, VPNs, traffic shaping, wireless access points, and high availability using CARP. The document also advertises a live demo of pfSense installation and configuration.
The document provides an overview of pfSense, an open source firewall and routing platform based on FreeBSD. It discusses the history and evolution of pfSense, hardware requirements, common deployment scenarios, and key features such as firewall rules, NAT, VPNs, traffic shaping, wireless access points, and high availability using CARP. The document also advertises a live demo of pfSense installation and configuration.
The document summarizes common issues with the Cisco IP Communicator (CIPC) and provides troubleshooting tips. It addresses how CIPC determines time, when it will support Windows 7, issues with USB headsets and installation, errors with Cisco Emergency Responder, populating device information, crashes, audio problems, and black screens. Troubleshooting steps are provided for each issue.
PLNOG16: Kreowanie usług przez operatorów – SP IWAN, Krzysztof KonkowskiPROIDEA
The document discusses an SP-IWAN (Service Provider Intelligent WAN) architecture that can be offered by network operators. It proposes separating the transport and service layers, using DMVPN as an overlay and allowing applications to flow freely between MPLS and internet links using PfR. It also discusses using virtual network functions and orchestration to automate service provisioning and deliver application-aware services like monitoring, optimization and security. The architecture is meant to help operators deliver new cloud services, optimize application performance across networks and generate new revenue streams.
SAN Health is a free Brocade utility that provides a comprehensive point-in-time report on your SAN. SAN Health provides a data capture application that is executed against the SAN, and a back-end report processing engine, that provides an extensive detail on the SAN configuration. Topics covered, learn how to generate the SAN Heath reports to ensure the SAN infrastructure is optimized to support IBM FlashSystems, all IBM Storage products, and the new FICON SAN Health Utility
PLNOG16: Obsługa 100M pps na platformie PC, Przemysław Frasunek, Paweł Mała...PROIDEA
Modern CPUs have many cores and advanced instruction sets like AVX that allow performing multiple operations simultaneously. To handle 100 million packets per second, a platform needs network interfaces with speeds of at least 10 Gbps and a PCIe bus and memory fast enough to keep up. The Linux networking stack is not optimized for these speeds, so achieving line rate requires implementing the network processing in userspace using techniques like DPDK that avoid kernel overhead.
This document provides instructions for configuring multi-WAN load balancing in pfSense. It describes setting up two internet connections (WANs) and dividing traffic between them using round robin load balancing. The key steps include:
1. Configuring the WAN and OPT1 interfaces with static IP addresses in different subnets.
2. Creating three load balancing pools - one for normal round robin load balancing, and two for failover between the WANs.
3. Setting monitor IP addresses on each WAN to check the connection status and trigger failover when needed.
4. Configuring basic firewall rules to allow traffic to pass between the LAN and both WANs via
The document provides information about Brocade SAN switches including their product lines, features, and specifications. It discusses various switch models ranging from 8-port to 384-port configurations supporting 1, 2, 4, 8, and 10Gbps speeds. Features covered include dynamic path selection, ISL trunking, extended fabric, hardware-enforced zoning, advanced performance monitoring, and FCIP tunneling. The document also reviews FOS enhancements, new 10Gbps blades, and concepts like NPIV and NPV.
This document discusses device discovery, management, and maintenance topics including CDP, LLDP, NTP, and password recovery processes. It describes CDP and LLDP as protocols used to share information about directly connected Cisco and network equipment respectively. NTP is explained as a protocol used for clock synchronization between network devices using an NTP server. Finally, it briefly mentions that password recovery processes are used to reset enable secret passwords and differ for switches versus routers, requiring physical access.
The document provides an overview of pfSense, an open source firewall and routing platform based on FreeBSD. It discusses the history and evolution of pfSense, hardware requirements, common deployment scenarios, and key features such as firewall rules, NAT, VPNs, traffic shaping, wireless access points, and high availability using CARP. The document also advertises a live demo of pfSense installation and configuration.
The document summarizes common issues with the Cisco IP Communicator (CIPC) and provides troubleshooting tips. It addresses how CIPC determines time, when it will support Windows 7, issues with USB headsets and installation, errors with Cisco Emergency Responder, populating device information, crashes, audio problems, and black screens. Troubleshooting steps are provided for each issue.
PLNOG16: Kreowanie usług przez operatorów – SP IWAN, Krzysztof KonkowskiPROIDEA
The document discusses an SP-IWAN (Service Provider Intelligent WAN) architecture that can be offered by network operators. It proposes separating the transport and service layers, using DMVPN as an overlay and allowing applications to flow freely between MPLS and internet links using PfR. It also discusses using virtual network functions and orchestration to automate service provisioning and deliver application-aware services like monitoring, optimization and security. The architecture is meant to help operators deliver new cloud services, optimize application performance across networks and generate new revenue streams.
SAN Health is a free Brocade utility that provides a comprehensive point-in-time report on your SAN. SAN Health provides a data capture application that is executed against the SAN, and a back-end report processing engine, that provides an extensive detail on the SAN configuration. Topics covered, learn how to generate the SAN Heath reports to ensure the SAN infrastructure is optimized to support IBM FlashSystems, all IBM Storage products, and the new FICON SAN Health Utility
PLNOG16: Obsługa 100M pps na platformie PC, Przemysław Frasunek, Paweł Mała...PROIDEA
Modern CPUs have many cores and advanced instruction sets like AVX that allow performing multiple operations simultaneously. To handle 100 million packets per second, a platform needs network interfaces with speeds of at least 10 Gbps and a PCIe bus and memory fast enough to keep up. The Linux networking stack is not optimized for these speeds, so achieving line rate requires implementing the network processing in userspace using techniques like DPDK that avoid kernel overhead.
This document provides instructions for configuring multi-WAN load balancing in pfSense. It describes setting up two internet connections (WANs) and dividing traffic between them using round robin load balancing. The key steps include:
1. Configuring the WAN and OPT1 interfaces with static IP addresses in different subnets.
2. Creating three load balancing pools - one for normal round robin load balancing, and two for failover between the WANs.
3. Setting monitor IP addresses on each WAN to check the connection status and trigger failover when needed.
4. Configuring basic firewall rules to allow traffic to pass between the LAN and both WANs via
The document provides information about Brocade SAN switches including their product lines, features, and specifications. It discusses various switch models ranging from 8-port to 384-port configurations supporting 1, 2, 4, 8, and 10Gbps speeds. Features covered include dynamic path selection, ISL trunking, extended fabric, hardware-enforced zoning, advanced performance monitoring, and FCIP tunneling. The document also reviews FOS enhancements, new 10Gbps blades, and concepts like NPIV and NPV.
This document discusses device discovery, management, and maintenance topics including CDP, LLDP, NTP, and password recovery processes. It describes CDP and LLDP as protocols used to share information about directly connected Cisco and network equipment respectively. NTP is explained as a protocol used for clock synchronization between network devices using an NTP server. Finally, it briefly mentions that password recovery processes are used to reset enable secret passwords and differ for switches versus routers, requiring physical access.
Successes and Challenges of IPv6 Transition at APNICAPNIC
This document summarizes APNIC's experiences implementing dual-stack NAT-PT and IPv6-only Wi-Fi networks. It describes the challenges faced such as needing NAT at an unusual location and user reconnections over UDP. Solutions such as access lists, route maps and increased UDP timeouts are discussed. The success of IPv6-only Wi-Fi on various devices is also noted, along with challenges in connecting some mobile devices, which was addressed by enabling RDNSS on the router. The importance of services supporting IPv6 is highlighted.
The document describes the 860 DSPi's high speed throughput testing capabilities. It allows technicians to test upstream speeds up to 100 Mbps and downstream speeds up to 152 Mbps with a DOCSIS 3.0 modem. The throughput test uses an application called ACTS that can be installed on any server. The 860 DSPi supports different maximum speeds depending on its network card and modem: with a DOCSIS 3.0 modem it can support up to 100 Mbps upstream and 150 Mbps downstream. The document provides instructions on setting up the ACTS application and running throughput tests with the 860 DSPi.
Qnap Turbo Nas Business Series Presentation 2011Ali Shoaee
The document discusses QNAP's Turbo NAS business series network attached storage (NAS) devices. It provides an overview of several NAS models including the TS-259 Pro+, TS-459 Pro II, and TS-659 Pro+ and highlights key specifications. The document also summarizes QNAP's core competencies in software and hardware engineering for NAS devices and lists the main applications and features of their all-in-one NAS solutions.
PLNOG16: Usługi w sieciach operatorskich, Marcin AronowskiPROIDEA
This document discusses network services in carrier networks. It begins with an agenda for a 168 slide, 40 minute presentation on multiservice IP next-generation networks (NGN). It then discusses concepts like quality of service (QoS), multicasting, and TCP performance in the context of modern networking technologies like HTTP/2, over-the-top services, and 100 gigabit Ethernet. The rest of the document provides details on implementing QoS, guidelines for QoS for video, the history and uses of multicasting, and fundamentals of multicast addressing.
The document provides instructions for running an Intel DPDK hands-on session to demonstrate packet forwarding using the l3fwd example. It describes downloading and compiling DPDK, getting and applying patches to l3fwd, configuring three VMs with pktgen to generate and receive packets and l3fwd to forward between them, and running l3fwd and pktgen manually or automatically on system startup.
Společnost Brocade je známa zejména ze světa SAN (Storage Area Network), ale mimo to vyrábí špičková zařízení (switche, routery, load balancery,…) pro LAN/WAN/WIFI a doručování aplikací, které vynikají oproti konkurenci zejména vysokým výkonem a propustností. Seznámíme vás s produkty pro lokální a konvergované sítě vašich datových center určených pro virtuální serverovou i desktopovou virtualizaci. Łukasz Kozłowski (Brocade) / Jaroslav Prodělal (OldanyGroup)
How to Use GSM/3G/4G in Embedded Linux SystemsToradex
The number of embedded devices that are connected to the internet is growing each day. Nowadays, they are installed majorly using a wireless connection. They need mobile network coverage to be connected to the internet. Read our next blog which tells you about the various configurations to connect a device such as Colibri iMX6S with the Colibri Evaluation Board running Linux to the internet through the PPP (Point-to-Point Protocol) link. Read More: https://www.toradex.com/blog/how-to-use-gsm-3g-4g-in-embedded-linux-systems
Brocade: Storage Networking For the Virtual Enterprise EMC
The document discusses storage networking technologies for virtualized environments. It summarizes Brocade's Fibre Channel fabrics for scaling SANs across data centers through technologies like In-Chassis Links (ICLs) and Ethernet fabrics for supporting protocols like FCoE, iSCSI, and NAS. It also discusses capabilities for improving metro connectivity, automating management through tools like Brocade Network Advisor, and enhancing performance for virtual desktop infrastructures (VDIs) and other emerging workloads.
New technical architectures and deployment models for radio productionRyan Jespersen
In this presentation Ryan Jespersen, VP Marketing at Jutel, discusses new technical architectures and deployment models for radio production available with RadioMan 6.
The presentation discusses the web-native technologies and architecture that enables RadioMan to be deployed in a virtual private cloud, public cloud like Amazon Web Services, Microsoft Azure or Google Compute Engine, or a hybrid deployment with physical and virtual machines.
Cloud Traffic Engineer – Google Espresso Project by Shaowen MaMyNOG
The document discusses using an SDN controller and BGP EPE to enable inter-domain traffic engineering. The solution uses the controller to calculate optimal paths, push MPLS labels to ingress routers, and dynamically steer traffic to peering links. This allows automatic optimization for congestion and latency while simplifying ASBRs to only label switching with no IP lookup or policies. Telemetry from the network is also used for analytics and machine learning to enable predictive and adaptive traffic engineering across domains.
Our dedicated servers offer outstanding performance for even the most demanding of websites with the latest Intel & Dell technology combining unparalleled server specification, bandwidth and service with a low monthly fee.
VoIP Basics covers the components and call flow of VoIP systems using Cisco Call Manager Express (CME). It discusses how VoIP digitizes voice into data packets using codecs and DSP chips. Key benefits of Cisco Unified Call Manager (CUCM) include supporting audio and video, operating in redundant server clusters, and integrating directories. CUCM uses a clustered server setup with an Informix database for call signaling and media.
The document discusses multicast in OpenStack. It states that multicast is not supported out of the box in OpenStack. Virtual layer 2 switches support IGMP snooping but virtual layer 3 routers in OpenStack (Neutron-L3-Agent) do not support multicast routing. The document recommends using a provider network without virtual routers and configuring multicast routing on external physical routers. It also discusses using Cisco plugins that support multicast routing in OpenStack environments.
This document provides instructions for configuring port forwarding on a SonicWALL firewall to allow external access to internal FTP, SMTP, and DNS servers located on the local network. It explains how to create access rules and NAT policies to forward specific ports to the internal servers using both the Standard and Enhanced firmware. Verification steps are included to check that the port forwarding configurations are working properly.
Deploy ultra low latency at a massive scale with sub-three-second end-to-end latency for audiences as big as you can assemble. Shorten the first and last mile with distribution of datacenters, POPs and nodes across the globe.
Leverage innovative technologies to dramatically reduce time-to-first-frame and provide consistent, low-latency user experience across devices and apps.
Provide intelligent load-balancing and scaling to immediately provide the streaming resources needed to deliver reliable, consistent, ultra low latency viewing experiences to audiences of any size, everywhere.
Enable unprecedented visibility, insight and control throughout the entire streaming workflow, from ingest to playback—allowing you to anticipate, tune and optimize your workflow.
The document discusses various video on demand models including centralized IPTV, distributed IPTV, and peer-to-peer IPTV. It then provides details about the peer-to-peer video platform Joost, including its founders, financing, technology, and requirements. The document also compares Joost to Apple TV.
MAG322 is an amazing set-top box containing a superior processor on the BCM75839 chipset, and 512MB RAM. It’s the ideal answer for speedy dispatch of your IPTV/OTT venture to the next level.
This document provides instructions for creating a single and multi-axis rating/review system using Drupal 6 and the Fivestar, Voting API and CCK modules. It describes how to create "Product" and "Review" content types to allow users to review products and rate them on one or multiple criteria. It also provides code to display average ratings on product nodes and instructions to build a Views display of products and their average ratings.
This month's PC Community meeting will feature presentations on both basic command line utilities and advanced 3D graphical desktop interfaces. Bud Gallagher will demonstrate the power of the Windows command prompt. Jan Fagerholm will showcase a 3D desktop of the future that allows a new way of interacting with computers. A raffle for a Western Digital hard drive will also be held.
RubyCocoa allows Ruby scripts to access and control Objective-C objects. It automatically creates Ruby proxy objects that are bridged to Objective-C classes, forwarding Ruby messages to instances of Objective-C classes. This allows Ruby and Objective-C code to be mixed in the same source files. RubyCocoa is supported by Apple and integrates with Xcode, providing full Cocoa support. To use RubyCocoa, one imports the OSX module, subclasses NSObject, connects outlets and actions, and calls Objective-C methods.
This document provides an overview of Firefox extension development using JavaScript. It discusses JavaScript basics like variables, functions, and debugging with alerts. It also covers how to access and manipulate the DOM to work with XUL elements in a GUI. Developers are instructed to place JavaScript code files in the extension's content directory and link them to XUL files using the chrome URI. Further reading links are included to learn more about XUL elements, JavaScript, and tutorials for non-programmers.
Successes and Challenges of IPv6 Transition at APNICAPNIC
This document summarizes APNIC's experiences implementing dual-stack NAT-PT and IPv6-only Wi-Fi networks. It describes the challenges faced such as needing NAT at an unusual location and user reconnections over UDP. Solutions such as access lists, route maps and increased UDP timeouts are discussed. The success of IPv6-only Wi-Fi on various devices is also noted, along with challenges in connecting some mobile devices, which was addressed by enabling RDNSS on the router. The importance of services supporting IPv6 is highlighted.
The document describes the 860 DSPi's high speed throughput testing capabilities. It allows technicians to test upstream speeds up to 100 Mbps and downstream speeds up to 152 Mbps with a DOCSIS 3.0 modem. The throughput test uses an application called ACTS that can be installed on any server. The 860 DSPi supports different maximum speeds depending on its network card and modem: with a DOCSIS 3.0 modem it can support up to 100 Mbps upstream and 150 Mbps downstream. The document provides instructions on setting up the ACTS application and running throughput tests with the 860 DSPi.
Qnap Turbo Nas Business Series Presentation 2011Ali Shoaee
The document discusses QNAP's Turbo NAS business series network attached storage (NAS) devices. It provides an overview of several NAS models including the TS-259 Pro+, TS-459 Pro II, and TS-659 Pro+ and highlights key specifications. The document also summarizes QNAP's core competencies in software and hardware engineering for NAS devices and lists the main applications and features of their all-in-one NAS solutions.
PLNOG16: Usługi w sieciach operatorskich, Marcin AronowskiPROIDEA
This document discusses network services in carrier networks. It begins with an agenda for a 168 slide, 40 minute presentation on multiservice IP next-generation networks (NGN). It then discusses concepts like quality of service (QoS), multicasting, and TCP performance in the context of modern networking technologies like HTTP/2, over-the-top services, and 100 gigabit Ethernet. The rest of the document provides details on implementing QoS, guidelines for QoS for video, the history and uses of multicasting, and fundamentals of multicast addressing.
The document provides instructions for running an Intel DPDK hands-on session to demonstrate packet forwarding using the l3fwd example. It describes downloading and compiling DPDK, getting and applying patches to l3fwd, configuring three VMs with pktgen to generate and receive packets and l3fwd to forward between them, and running l3fwd and pktgen manually or automatically on system startup.
Společnost Brocade je známa zejména ze světa SAN (Storage Area Network), ale mimo to vyrábí špičková zařízení (switche, routery, load balancery,…) pro LAN/WAN/WIFI a doručování aplikací, které vynikají oproti konkurenci zejména vysokým výkonem a propustností. Seznámíme vás s produkty pro lokální a konvergované sítě vašich datových center určených pro virtuální serverovou i desktopovou virtualizaci. Łukasz Kozłowski (Brocade) / Jaroslav Prodělal (OldanyGroup)
How to Use GSM/3G/4G in Embedded Linux SystemsToradex
The number of embedded devices that are connected to the internet is growing each day. Nowadays, they are installed majorly using a wireless connection. They need mobile network coverage to be connected to the internet. Read our next blog which tells you about the various configurations to connect a device such as Colibri iMX6S with the Colibri Evaluation Board running Linux to the internet through the PPP (Point-to-Point Protocol) link. Read More: https://www.toradex.com/blog/how-to-use-gsm-3g-4g-in-embedded-linux-systems
Brocade: Storage Networking For the Virtual Enterprise EMC
The document discusses storage networking technologies for virtualized environments. It summarizes Brocade's Fibre Channel fabrics for scaling SANs across data centers through technologies like In-Chassis Links (ICLs) and Ethernet fabrics for supporting protocols like FCoE, iSCSI, and NAS. It also discusses capabilities for improving metro connectivity, automating management through tools like Brocade Network Advisor, and enhancing performance for virtual desktop infrastructures (VDIs) and other emerging workloads.
New technical architectures and deployment models for radio productionRyan Jespersen
In this presentation Ryan Jespersen, VP Marketing at Jutel, discusses new technical architectures and deployment models for radio production available with RadioMan 6.
The presentation discusses the web-native technologies and architecture that enables RadioMan to be deployed in a virtual private cloud, public cloud like Amazon Web Services, Microsoft Azure or Google Compute Engine, or a hybrid deployment with physical and virtual machines.
Cloud Traffic Engineer – Google Espresso Project by Shaowen MaMyNOG
The document discusses using an SDN controller and BGP EPE to enable inter-domain traffic engineering. The solution uses the controller to calculate optimal paths, push MPLS labels to ingress routers, and dynamically steer traffic to peering links. This allows automatic optimization for congestion and latency while simplifying ASBRs to only label switching with no IP lookup or policies. Telemetry from the network is also used for analytics and machine learning to enable predictive and adaptive traffic engineering across domains.
Our dedicated servers offer outstanding performance for even the most demanding of websites with the latest Intel & Dell technology combining unparalleled server specification, bandwidth and service with a low monthly fee.
VoIP Basics covers the components and call flow of VoIP systems using Cisco Call Manager Express (CME). It discusses how VoIP digitizes voice into data packets using codecs and DSP chips. Key benefits of Cisco Unified Call Manager (CUCM) include supporting audio and video, operating in redundant server clusters, and integrating directories. CUCM uses a clustered server setup with an Informix database for call signaling and media.
The document discusses multicast in OpenStack. It states that multicast is not supported out of the box in OpenStack. Virtual layer 2 switches support IGMP snooping but virtual layer 3 routers in OpenStack (Neutron-L3-Agent) do not support multicast routing. The document recommends using a provider network without virtual routers and configuring multicast routing on external physical routers. It also discusses using Cisco plugins that support multicast routing in OpenStack environments.
This document provides instructions for configuring port forwarding on a SonicWALL firewall to allow external access to internal FTP, SMTP, and DNS servers located on the local network. It explains how to create access rules and NAT policies to forward specific ports to the internal servers using both the Standard and Enhanced firmware. Verification steps are included to check that the port forwarding configurations are working properly.
Deploy ultra low latency at a massive scale with sub-three-second end-to-end latency for audiences as big as you can assemble. Shorten the first and last mile with distribution of datacenters, POPs and nodes across the globe.
Leverage innovative technologies to dramatically reduce time-to-first-frame and provide consistent, low-latency user experience across devices and apps.
Provide intelligent load-balancing and scaling to immediately provide the streaming resources needed to deliver reliable, consistent, ultra low latency viewing experiences to audiences of any size, everywhere.
Enable unprecedented visibility, insight and control throughout the entire streaming workflow, from ingest to playback—allowing you to anticipate, tune and optimize your workflow.
The document discusses various video on demand models including centralized IPTV, distributed IPTV, and peer-to-peer IPTV. It then provides details about the peer-to-peer video platform Joost, including its founders, financing, technology, and requirements. The document also compares Joost to Apple TV.
MAG322 is an amazing set-top box containing a superior processor on the BCM75839 chipset, and 512MB RAM. It’s the ideal answer for speedy dispatch of your IPTV/OTT venture to the next level.
This document provides instructions for creating a single and multi-axis rating/review system using Drupal 6 and the Fivestar, Voting API and CCK modules. It describes how to create "Product" and "Review" content types to allow users to review products and rate them on one or multiple criteria. It also provides code to display average ratings on product nodes and instructions to build a Views display of products and their average ratings.
This month's PC Community meeting will feature presentations on both basic command line utilities and advanced 3D graphical desktop interfaces. Bud Gallagher will demonstrate the power of the Windows command prompt. Jan Fagerholm will showcase a 3D desktop of the future that allows a new way of interacting with computers. A raffle for a Western Digital hard drive will also be held.
RubyCocoa allows Ruby scripts to access and control Objective-C objects. It automatically creates Ruby proxy objects that are bridged to Objective-C classes, forwarding Ruby messages to instances of Objective-C classes. This allows Ruby and Objective-C code to be mixed in the same source files. RubyCocoa is supported by Apple and integrates with Xcode, providing full Cocoa support. To use RubyCocoa, one imports the OSX module, subclasses NSObject, connects outlets and actions, and calls Objective-C methods.
This document provides an overview of Firefox extension development using JavaScript. It discusses JavaScript basics like variables, functions, and debugging with alerts. It also covers how to access and manipulate the DOM to work with XUL elements in a GUI. Developers are instructed to place JavaScript code files in the extension's content directory and link them to XUL files using the chrome URI. Further reading links are included to learn more about XUL elements, JavaScript, and tutorials for non-programmers.
A biblioteca escolar está aberta para os alunos durante o ano letivo de 2009/2010. Os alunos podem pegar e devolver livros durante os horários de funcionamento da biblioteca. Há uma variedade de livros disponíveis para empréstimo nas diversas áreas do conhecimento.
The document discusses detecting and defending against security vulnerabilities in Web 2.0 applications. It begins by outlining the top security issues in Web 1.0 vs Web 2.0 applications. Examples of vulnerabilities in Web 2.0 like cross-site scripting and injection flaws are provided. The document then demonstrates how to use security tools to detect vulnerabilities in a sample Web 2.0 application. Lastly, it discusses strategies for developing securely and testing applications, along with lessons learned from security findings.
The Autobots engage in a battle with the Decepticons Starscream and Knock Out. Bumblebee tries his best but is unsuccessful in stopping them. Feeling like he let everyone down, he considers how he can repay the Autobots. Optimus informs them that Prowl is gone, but the Autobots plan to stop Soundwave from growing to full size and destroying them. They attack and consider using stasis to stop the Decepticons. One Autobot returns after seemingly dying, apologizing for the scare.
LibX 2.0 is an open source community platform for delivering library services. It provides a configuration management tool called the Edition Builder for creating customized versions of LibX called Editions. LibX 2.0 introduces a new plugin architecture using modules and a tuple space for communication between modules. This will allow librarians to create and share reusable modules to expand LibX's functionality and integrate new library services and web applications. The LibX team invites developers to help transition LibX to this new version and contribute to its open community.
This document outlines two assignments for a course on the science of the web.
The first assignment asks students to replicate Stanley Milgram's "Small World Experiment" on Facebook by attempting to connect to two target profiles via indirect friends.
The second assignment involves writing a Facebook application in PHP that analyzes a user's friend network by displaying metrics like the number of friends in relationships and measures of centrality.
This document provides an overview of JRuby, a Ruby implementation that runs on the Java Virtual Machine. It begins with an agenda that covers Ruby and JRuby basics, real-world JRuby applications including graphics, games, and web applications, and an opportunity for questions. It then introduces the JRuby developers and provides a brief Ruby tutorial covering classes, blocks, modules and more. Examples are given of JRuby being used for graphics, games, Rails web applications, and GUI programming. The presentation concludes by thanking the audience and providing links for more information.
The document provides instructions for scanning photos into Adobe Photoshop CS3 and editing them. It describes how to scan photos using an HP scanner, then edit photos by rotating, cropping, resizing, removing red eye, converting to black and white, adjusting contrast and color, removing blemishes. It also explains how to save the edited photos.
The document discusses techniques for multitasking in Perl, including forking and threading. It begins by explaining how forking allows creating child processes that run concurrently with the parent process. It then covers basic threading in Perl, noting that threads share the program state by default unless marked as shared, and that locks are needed to synchronize access to shared data. The document provides an example of using a thread queue to allow threads to communicate without directly accessing shared variables.
This document appears to be a weekly update from an intro to computer science course. It includes summaries of classmates' demographics, comfort levels, and prior experience. It also discusses time spent on problem sets and recommends upcoming courses in CS51 and CS61. Finally, it recommends reading on topics like TCP/IP, HTTP, XHTML, CSS, PHP, SQL and using bulletin boards, and includes images related to these topics.
This document discusses modifying sites created by PHP Site Assistant to optimize them for mobile devices. Key points include:
1. Create an alternate mobile.css stylesheet with reduced padding, margins, and font sizes.
2. Add <link> tags to .php pages to reference the mobile stylesheet for handheld browsers and an iPhone-specific stylesheet.
3. Set the iPhone viewport to 320px width.
4. Hide non-essential elements like headers from the mobile versions.
Making these changes allows a single site generated by PHP Site Assistant to effectively support both desktop and mobile browsers.
This document provides a lesson plan for teaching students about cascading style sheets (CSS) in Dreamweaver. The lesson will take one class period. Students will learn how CSS allows uniform formatting of web pages and makes updates easier. They will complete a Dreamweaver tutorial on CSS and learn about using pre-built page designs and CSS templates to format pages for their final projects more quickly. The lesson concludes with students beginning work on their project pages using Dreamweaver and CSS.
This document provides an overview of a full-day tutorial on HDF5 and netCDF-4. The tutorial will cover the HDF5 and netCDF-4 data models, programming interfaces, and optimization features. It will demonstrate how to use HDF5 for efficient data storage and I/O, including techniques like chunking, compression and parallel I/O. It will also show how netCDF-4 implements the netCDF data model using the HDF5 file format to provide scalable I/O. The tutorial is intended to help scientists and developers effectively use and optimize HDF5 and netCDF-4 for data management on high-performance computing systems.
This document introduces the Image Adjustment Lab in Corel PHOTO-PAINT, which allows adjusting colors, contrast, and creating effects in photographs. It provides a tutorial where a flower photo is adjusted to make colors more vibrant and detail clearer. First, temperature and tint are adjusted, then saturation, midtones, and highlights. This enhances the photo's quality. Effects like hand-tinting and posterizing are also demonstrated. The Image Adjustment Lab gives precise control over photo adjustments and effects.
El documento habla sobre el fútbol y cómo se ha convertido en el deporte más popular del mundo pero también sobre algunos de sus problemas como la corrupción y la violencia. También menciona brevemente el crecimiento del fútbol femenino.
This document provides an overview of the objectives, topics, and schedule for a course on Web Technologies and Languages (CS601). The course focuses on learning XHTML, CSS, JavaScript, PHP, and MySQL to create fully functional websites. Over 15 classes, students will learn about XHTML elements, CSS properties, JavaScript and PHP functions, arrays and objects, connecting to databases with PHP and MySQL, and building dynamic websites. Students are required to have introductory programming experience and bring a laptop to each class for in-class assignments. The course grade is based on homework, quizzes, a midterm, and final exam.
This document provides an overview and tutorial of the pfSense firewall software. It discusses the history and evolution of pfSense from earlier firewall projects. Key features of pfSense are highlighted such as its customized FreeBSD distribution tailored for firewall and routing use. Hardware requirements, popular hardware platforms, installation methods, and initial configuration steps are outlined. Advanced functions like VPN, NAT, firewall rules, aliases, and multi-WAN configurations are also summarized.
This document provides an overview and instructions for setting up the pfSense firewall software on Hacom hardware. It includes sections on introduction, setup and configuration, web administration, backup and restore, firmware updates, and maximum firewall states. The setup and configuration section describes connecting the firewall to the local network and internet, accessing the web-based administration interface, and going through an initial setup wizard to configure basic network and system settings.
This document summarizes a presentation on BSD firewalling options, m0n0wall, and pfSense. It provides an overview of packet filters available on BSD operating systems like FreeBSD, OpenBSD, NetBSD, and DragonFlyBSD. It also describes the mission and features of m0n0wall and pfSense, two open-source firewall and routing platforms based on FreeBSD. Key features discussed include packet filtering, traffic shaping, wireless support, high availability, and an integrated package system for extending functionality.
cFrame is an open source automated platform for mobile network performance testing in both real and simulated RF environments. It provides distributed test bed automation allowing for reuse of existing hardware and software resources. The document outlines cFrame's features, test configurations, integration with tools like iPerf, and provides examples of automated test scripts and sample test plans.
9.) audio video ethernet (avb cobra net dante)Jeff Green
Replacing a crossbar switch with ‘virtual’ IP packet switching - The ability to expand video-over-IP systems ‘one piece at a time’ and the decentralized nature of the matrix makes the technology very compelling for any size or scope of AV project.. AV-over-IP is the transport of AV signals over a standard Ethernet network, including…
HD Video (e.g. HDMI, DVI)
Audio
Control Signals (e.g. IR)
Peripheral Signals (e.g. USB)
Does Dante require special switches? No. We strongly recommend that Gigabit switches be used due to the clear advantages in performance and scalability.
Does Dante require a dedicated network infrastructure? No, a dedicated network infrastructure is not required. Dante-enabled devices can happily coexist with other equipment making use of the network, such as general purpose PCs sending and receiving email and other data.
Does Dante require any special network infrastructure? No, special network infrastructure is not required. Since Dante is based upon universally accepted networking standards, Dante-enabled devices can be connected using inexpensive off-the-shelf Ethernet switches and cabling.
What features are important when purchasing a switch? Dante makes use of standard Voice over IP (VoIP) Quality of Service (QoS) switch features, to prioritize clock sync and audio traffic over other network traffic. VoIP QoS features are available in a variety of inexpensive and enterprise Ethernet switches. Any switches with the following features should be appropriate for use with Dante:
Gigabit ports for inter-switch connections
Quality of Service (QoS) with 4 queues
Diffserv (DSCP) QoS, with strict priority
Totally new to AV over IT? This may help. If you have worked with any of the popular protocols, your time is better spent in other sessions. AV over IT methods vary in application of OSI model. Audio Networking - One RJ45 and CAT5 cable for dozens of signal paths. Switches can provide hardware time stamping which allows synchronization, offsets, and corrections. All covered in IEEE 1588.
Ethernet Timing & Priority Standards - All audio over Ethernet protocols require Priority, Sequence, & Sync
Differentiated Services / Quality of Service (DiffServ, QoS)
Priority by data type (Clock Sync and Audio Packets over Email)
Traffic prioritized based upon tags in IP Header (Layer 3)
Priority number assigned by manage switch to each packet
Real-time Transport Protocol (RTP)
Keeps data sequenced in the right order
Time stamp on UDP header
Works with RTCP (Real Time Control Protocol) for QoS and Sync
Variation: RTSP (Real Time Streaming Protocol) works on TCP and not UDP
Does not reserve resources or provide for quality of service
Precision Timing Protocol (PTP)
IEEE 1588
Sub-microsecond accuracy to synchronize subnets
Layer 2 - Switches provide hardware-based time stamping
The document discusses implementing a wireless mesh network using IEEE 802.11s at Sikkim Manipal Institute of Technology. It describes the benefits of mesh networks, different mesh network modes, and comparisons with other wireless technologies. It also outlines the hardware and software developed, including antennas, wireless routers, firmware, and traffic monitoring tools used to test and analyze the campus mesh network.
The document describes a wireless network system including small access points (APs), a small access controller (AC), and power over Ethernet (PoE) components. The HiAP-99 AP can support up to 3 SSIDs connecting to different VLANs. The AC provides centralized management of multiple APs, including configuration, monitoring, and firmware upgrades. Key features of the system include load balancing, seamless roaming, and quality of service controls.
This document provides an overview and product selection guide for QNAP Network Attached Storage (NAS) solutions. It begins with an introduction to QNAP including their company overview, achievements and worldwide presence. It then discusses trends in SMB storage including performance, high speed networking, SSDs and more. The document outlines several target applications that QNAP NAS solutions can address such as backup storage, video surveillance, video editing, virtualization storage, IoT and home theater. It concludes by presenting QNAP's product lineup including tower NAS models for SMB and enterprise customers with various processor, memory and networking options.
Routers forward data packets between networks while switches operate at the data link layer and forward packets within a local area network. Hubs simply broadcast all incoming data to all ports. The document provides answers to common CCNA interview questions about networking fundamentals like IP addressing, routing, switching, protocols and Cisco router components.
Audio video ethernet (avb cobra net dante)Jeff Green
AVB fits low-cost, small-form-factor products such as this microphone. The overall trend is that music no longer lives on shelves or in CD racks, but in hard drives in home computers, and increasingly in the cloud. This brings about its own unique problems, not in the encoding system used, or the storage technology, but in distributing the audio from the storage media to the speakers. AVB features are all enabled by a global and port level configuration. Connecting these elements is the AVB-enabled switch (in the graphic above, the Extreme Networks® Summit® X440.) The role of the switch is to provide support for the control protocols: AVB is Ethernet’s next stage of convergence, delivering pitch perfect audio and crystal clear video seamlessly over the network
IP/Ethernet is bringing simplicity and features to audio and video as it has brought to services like VoIP, Storage and many more
High quality, perfectly synchronized A/V until now has been difficult to maintain
Standards work by the IEEE and the AVB standard changes everything, creating interoperability and mass-marketing equipment pricing
Benefits of AVB - Delivers predictable latency and precise synchronization, maximizing the functionality of AV – time synchronization and quality or service
Reduced complexity and Ease of use through interoperability between devices
Streamlines complex network set-up and management, the Infrastructure negotiates and manages the network for optimal prioritized media transport
AV traffic can co-exist with non-AV traffic on same Ethernet infrastructure
Role based control at the XYZ Account - XYZ Account can identify devices and apply policies based on device type all the way down to the port and or the AP. Policies can dynamically change based on the device a user is connecting with and where that user is located. Extreme Networks provides infrastructure to deliver customizable prioritization and scalable capacity via configurable and built-in intelligence, ensuring a comprehensive, superior quality experience. Furthermore, when deployed with Extreme Wireless XYZ Account can configure the network to ensure applications receive the bandwidth they require, while still limiting or preventing high speed streaming of music of video or even games.
An experience is a personal and emotional event we remember. Every experience is established based upon pre-determined expectations we conceive and create in our minds. It’s personal, and therefore, remains a moving and evolving target in every scenario. When our experience concludes and the moment has passed, the outcome remains in our memory. Think about what makes you happy when connecting with your own device and then think about what makes you really upset when things are hard, complicated, and slow. If the user has a bad experience in anyone of these areas (simple, fast, and smart), they are likely to leave, share their negative experience, and potentially never return. Users might forget facts or details about their computing environment but they find it difficult to forgot the feeling behind a bad network experience. When something goes wrong with the network or an application, do you always get the blame?
If the number of spine switches were to be merely doubled, the effect of a single switch failure is halved. With 8 spine switches, the effect of a single switch failure only causes a 12% reduction in available bandwidth. So, in modern data centers, people build networks with anywhere from 4 to 32 spine switches. With a leaf-spine network, every server on the network is exactly the same distance away from all other servers – three port hops, to be precise. The benefit of this architecture is that you can just add more spines and leaves as you expand the cluster and you don't have to do any recabling. Intuition Systems will also get more predictable latency between the nodes.
As a trend, disaggregation seems to be most useful for very large companies like Facebook and Google, or cloud providers. The technology does not necessarily have significant implications for small or medium sized businesses. Historically, however, technology has a way of trickling down from the pioneering phases of existing only within large companies with tremendous resources, to becoming more standardized across the board.
Large venues like stadiums or concert halls are challenging environments for Wi-Fi deployments. Most of today’s phones and tablets carry Wi-Fi interfaces. A safe assumption is that at least one device per person in a stadium carry a Wi-Fi interface. Monetizing those Wi-Fi interfaces with real time information of the event in the venue, targeted advertising, internet access, multimedia and social applications can create new revenues to the owner of the venue, if executed properly.
NFV workloads pose challenges for IIAS providers. Learn how hardware performance enhancements (DPA&EPA) by Intel, integrated with virtualization providers, can be an NFV enabler, and how advanced orchestration by TOSCA and Cloudify can put the right VNF on the right hardware and coordinate complex deployments.
In this slides deck, we gonna look into Wireless penetration testing requirements like hardware & software, Various IEEE standards. and also deep dive into WEP, WPA, WPA2 & its Security threats & Security best practices.
Using a set of Network Critical Success Factors (NCSFs) - things network operators need to get right to run a good network - I then use them to evaluate IPv4 Network Address Translation.
I then look at the fundamental nature of IPv6 (and IPv4), and how it can better suite the two different application communications architectures - client-server and peer-to-peer.
Finally, I describe how some of the perceived benefits of NAT can be achieved with IPv6 without performing address translation.
This is an updated version of my AusNOG 2016 presentation on the same topic.
This document discusses the transformation of the telecommunications industry towards digital technologies and software-defined networks. It specifically focuses on software-defined wide area networks (SD-WAN) and how SD-WAN is driving the adoption of network functions virtualization infrastructure (NFVi) and universal customer premise equipment (uCPE). The document provides an overview of SD-WAN and uCPE deployment options, reference architectures, and Intel's product portfolio for enabling virtualized network functions on uCPE devices.
The document discusses ISP network design. It covers topics such as point of presence (PoP) topologies and modules, backbone design including routing protocols and link types, and placement of ISP services like DNS. For DNS, it recommends having a primary server in a secure location, secondary servers for redundancy in diverse locations, and caching servers in each PoP for fast lookups. The document provides examples of effective DNS deployment with secondary servers around the world.
This document provides an overview of storage technologies, including direct attached storage (DAS), network attached storage (NAS), iSCSI, and storage area networks (SAN). It defines key components like RAID controllers and host bus adapters, compares internal and external storage, and describes protocols like Fibre Channel and iSCSI. The benefits of SANs are consolidated storage and reduced costs. Fibre Channel is designed for high performance while iSCSI offers moderate performance at a lower cost.
The AirLive RS-1200 is a multi-function security gateway that offers firewall, VPN, bandwidth management, content filtering, and other network security functions in one device. It has two WAN ports for load balancing or redundancy, and supports features like VPN, QoS bandwidth control, policy-based firewall, and virtual servers. The RS-1200 provides these comprehensive security functions for small offices or homes while being easy to configure and manage.
At Microsoft’s annual developers conference, Microsoft Azure CTO Mark Russinovich disclosed major advances in Microsoft’s hyperscale deployment of Intel field programmable gate arrays (FPGAs). These advances have resulted in the industry’s fastest public cloud network, and new technology for acceleration of Deep Neural Networks (DNNs) that replicate “thinking” in a manner that’s conceptually similar to that of the human brain.
Watch the video: http://wp.me/p3RLHQ-gNu
Sign up for our insideHPC Newsletter: http://insidehpc.com/newsletter
This document provides a help and tutorial for TopStyle Pro version 3.11. It covers getting started with TopStyle, editing style sheets and HTML/XHTML, working with colors, previews, validation, site management, reports, mappings, customization, and third-party integration. It also includes appendices on CSS basics and tips, TopStyle tips and tricks, style sheet resources, keyboard shortcuts, and regular expressions.
TopStyle Help & <b>Tutorial</b>tutorialsruby
This document provides a table of contents for the TopStyle Pro Help & Tutorial, which teaches how to use the TopStyle software for editing style sheets and HTML/XHTML documents. It lists over 50 sections that provide explanations and instructions for features like creating and opening files, editing styles, working with colors, previews, validation, site management, reports and customizing the software. The document was created by Giampaolo Bellavite from the online help provided with TopStyle version 3.11.
The Art Institute of Atlanta IMD 210 Fundamentals of Scripting <b>...</b>tutorialsruby
This document provides the course outline for IMD 210 Fundamentals of Scripting Languages at The Art Institute of Atlanta during the Spring 2005 quarter. The course focuses on integrating programming concepts with interface design using scripting languages like JavaScript and CSS. It will cover topics like DOM, CSS layout, JavaScript variables, conditionals, and events. Students will complete 4 assignments including redesigning existing websites, and there will be weekly quizzes, a midterm, and final exam. The course is worth 4 credits and meets once a week for class and lab.
This document provides the course outline for IMD 210 Fundamentals of Scripting Languages at The Art Institute of Atlanta during the Spring 2005 quarter. The course focuses on integrating programming concepts with interface design using scripting languages like JavaScript and CSS. It will cover topics like DOM, CSS layout, JavaScript variables, conditionals, and events. Students will complete 4 assignments including redesigning existing websites, and there will be weekly quizzes, a midterm, and final exam. The course is worth 4 credits and meets once a week for class and lab.
The group aims to bridge gaps between peer-to-peer database architectures and scaling multimedia information retrieval. They develop a probabilistic multimedia database system with abstraction layers for applications and researchers. They also research challenges of peer-to-peer networks for distributed data management. Both lines are supported by the MonetDB platform to exploit custom hardware and adaptive query optimization. The goal is a modular solution linking theoretical optimal solutions to application demands under resource limitations.
Standardization and Knowledge Transfer – INS0tutorialsruby
The group aims to bridge gaps between peer-to-peer database architectures and scaling multimedia information retrieval. They develop a probabilistic multimedia database system with abstraction layers and a flexible model. They also research challenges of peer-to-peer networks for distributed data management. Both lines are supported by the MonetDB platform to exploit custom hardware and adaptive query optimization. The goal is a modular solution linking theoretical optimal solutions to application demands under resource limitations.
This document provides an introduction to converting HTML documents to XHTML, including the basic syntax changes needed like making all tags lowercase and closing all tags. It provides examples of correct XHTML markup for different tags. It also explains the new DOCTYPE declaration and shows a sample well-formed XHTML document incorporating all the discussed changes. Resources for learning more about XHTML are listed at the end.
This document provides an introduction to converting HTML documents to XHTML, including the basic syntax changes needed like making all tags lowercase and closing all tags. It provides examples of correct XHTML markup for different tags. It also explains the new DOCTYPE declaration and shows a sample well-formed XHTML document incorporating all the discussed changes. Resources for learning more about XHTML are listed at the end.
XHTML is a markup language that provides structure and semantics to web pages. It is based on XML and is more strict than HTML. XHTML pages must have a document type definition, html and head tags, and a body where the visible content goes. Common XHTML tags include paragraphs, lists, links, images, and divisions to logically separate content. While XHTML provides structure, CSS is used to style pages and control visual presentation by defining rules for tags. CSS rules are defined in external style sheets to keep presentation separate from structure and content.
XHTML is a markup language that provides structure and semantics to web pages. It is based on XML and is more strict than HTML. XHTML pages must have a document type definition, html and head tags, and a body where the visible content goes. Common XHTML tags include paragraphs, lists, links, images, and divisions to logically separate content. While XHTML provides structure, CSS is used to style pages and control visual presentation through rules that target specific XHTML elements.
This document discusses how to create and use external cascading style sheets (CSS) in Dreamweaver. It provides steps to:
1. Open the CSS Styles tab in Dreamweaver and create a new external CSS stylesheet using a sample text style.
2. Save the stylesheet and link it to a new HTML page to style elements like headings, text sizes, and boxes.
3. Edit existing styles by selecting a tag in the CSS Styles panel and modifying properties directly, or by clicking the tag and using the pencil icon to edit in a window. This allows customizing styles globally across all linked pages.
This document provides an overview of how to create and use cascading style sheets (CSS) in Dreamweaver. It describes the different types of style sheets, including external and internal style sheets. It outlines the steps to create an external style sheet in Dreamweaver using the CSS Styles panel and provides instructions for linking the external style sheet to an HTML page. The document demonstrates how to experiment with predefined styles and how to edit, add, and delete styles in the CSS stylesheet.
This document appears to be a weekly update from an intro to computer science course. It includes summaries of classmates' demographics, comfort levels, and prior experience. It also discusses time spent on problem sets and recommends upcoming courses in CS51 and CS61. Finally, it recommends reading on TCP/IP, HTTP, XHTML, CSS, PHP, SQL and using the bulletin board for questions.
The document discusses how to use Cascading Style Sheets (CSS) with Corvid Servlet Runtime templates to control formatting and layout. CSS allows separating design from content, making templates simpler and easier to maintain. It also enables adapting appearance for different devices. The document provides examples of using CSS classes to style template elements and explains how to set up a demo system using the included CSS and templates.
The document discusses how to use Cascading Style Sheets (CSS) with Corvid Servlet Runtime templates to control formatting and layout. CSS allows separating design from content, making templates simpler and easier to maintain. It also enables customization of appearance for different devices. The document provides examples of how to apply CSS classes and rules to Corvid template elements to control fonts, colors, positioning and more.
The document provides an introduction to CSS and how it works with HTML to control the presentation and styling of web page content. It explains basic CSS concepts like selectors, properties and values, and how CSS rules are used to target specific HTML elements and style them. Examples are given of common CSS properties and selectors and how they can be used to style elements and format the layout of web pages.
The document introduces CSS and how it works with HTML to separate content from presentation, allowing the styling of web pages through rules that target HTML elements. It explains CSS syntax and various selectors like type, class, ID, and descendant selectors. Examples are provided of how CSS can be used to style properties like color, font, padding, and layout of elements on a page.
Cascading Style Sheets (CSS) allow users to define how HTML elements are presented on a page. CSS enables changing the appearance and layout of an entire website by editing just one CSS file. CSS uses selectors to apply styles to HTML elements via properties and values. Styles can be defined internally in HTML or externally in CSS files. CSS can control text formatting, colors, spacing, positioning and more to achieve visual consistency across web pages.
Cascading Style Sheets (CSS) allow users to define how HTML elements are presented on a page. CSS enables changing the appearance and layout of an entire website by editing just one CSS file. CSS uses selectors to apply styles to HTML elements via properties and values. Styles can be defined internally in HTML or externally in CSS files. CSS can control text formatting, colors, spacing, positioning and more to achieve visual consistency across web pages.
This document provides instructions on using JavaScript to allow website visitors to select different cascading style sheets (CSS) and have their preference remembered via cookies. It discusses linking different types of style sheets, detecting browsers and objects, creating and reading cookies, and programming functions to get the current active style sheet and toggle between them when pages load and unload. Code snippets are provided to implement these functions to enable style sheet selection and remember the user's preference on future page visits.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
What is an RPA CoE? Session 1 – CoE VisionDianaGray10
In the first session, we will review the organization's vision and how this has an impact on the COE Structure.
Topics covered:
• The role of a steering committee
• How do the organization’s priorities determine CoE Structure?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect Anika Systems
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Essentials of Automations: Exploring Attributes & Automation ParametersSafe Software
Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they?
Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality.
You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
Introduction of Cybersecurity with OSS at Code Europe 2024Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...Jason Yip
The typical problem in product engineering is not bad strategy, so much as “no strategy”. This leads to confusion, lack of motivation, and incoherent action. The next time you look for a strategy and find an empty space, instead of waiting for it to be filled, I will show you how to fill it in yourself. If you’re wrong, it forces a correction. If you’re right, it helps create focus. I’ll share how I’ve approached this in the past, both what works and lessons for what didn’t work so well.
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving
Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.
AppSec PNW: Android and iOS Application Security with MobSFAjin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
AppSec PNW: Android and iOS Application Security with MobSF
66_pfSenseTutorial
1. pfSense Tutorial
BSDCan 2008
From zero to hero with pfSense
May 13, 2008
Chris Buechler <cmb@bsdperimeter.com>
Scott Ullrich <sullrich@bsdperimeter.com>
2. History of pfSense
Started as a work project 13 years ago when we needed a
internal firewall
Originally Linux, switched to FreeBSD 2.2
Evolution of this path shrunk the firewall down to a Soekris
size
Moatware was started
Met Chris Buechler during this time
Sell a number of products
Sales guy moves to Florida
Moatware fails
Chris and myself debate starting over fresh
pfSense is forked from m0n0wall roughly 4 years ago
Still going strong today
3. pfSense Overview
Customized FreeBSD distribution tailored for use as a
firewall and router.
pfSense has many base features and can be extended with
the package system including one touch installations of
popular 3rd party packages such as SpamD (spam filter)
and Squid (web caching).
Includes many features found in commercial products such
as Cisco PIX, Sonicwall, Watchguard, etc.
Many support avenues available, mailing lists, forum and
commercial support.
Has the best price on the planet.... Free!
5. pfSense Stable Versions
1.0 - October 4, 2006 *
1.0.1 - October 20, 2006 *
1.2 - RELENG_1_2 - February 25, 2008
Downloaded more than 500,000 times to date
* Not branched in CVS
6. pfSense Development Versions
Current Development Versions
1.3-ALPHA - RELENG_1
2.0-ALPHA-ALPHA-ALPHA - HEAD
Snapshots are built every two hours
available at http://snapshots.pfsense.org
Bonus for attendees - 1.3 snapshots available
7. Minimum Hardware Requirements
CPU - 100 MHz (500+ MHz for best experience)
RAM - 128 MB (256 MB or more is encouraged)
Platform Specific
Live CD
CD-ROM drive (currently USB CD-ROM devices are not supported)
USB flash drive or floppy drive to store configuration
Full Installation
CD-ROM for initial installation
1 GB hard drive
Embedded
128 MB CF
serial port for console
null modem cable
8. Popular hardware
NICs - Intel Pro/100 and Pro/1000
Embedded hardware
PC Engines WRAP and ALIX
Soekris
Nexcom
Hacom
Mini ITX
Most Dell servers work well
Many HP and Compaq servers work well
VMware - entire product line
9. Hardware Sizing Guidance
Throughput Considerations
Packets per second
Bandwidth required
10-20 Mbps - No less than 266 MHz CPU
21-50 Mbps - No less than 500 MHz CPU
51-200 Mbps - No less than 1.0 GHz CPU
201-500 Mbps - server class or newer desktop hardware
PCI-x or PCI-e network adapters
No less than 2.0 GHz CPU
501+ Mbps - server class hardware
PCI-x or PCI-e network adapters
No less than 3.0 GHz CPU
10. Hardware Sizing Guidance
Feature Considerations
VPN
Number of connections not much of a factor
Very CPU intensive
Throughput
4 Mb - 266 MHz
10 Mb - 500 MHz
11. Hardware Sizing Guidance
Feature Considerations
Large and busy Captive Portal deployments
Increased CPU requirements
Large state tables
1 KB per state RAM requirement
100,000 states = ~97 MB RAM
500,000 states = ~488 MB RAM
1,000,000 states = ~976 MB RAM
etc...
One million states!
21. Initial Configuration
Assigning network interfaces
Setting the LAN IP address
Browsing into the pfSense webConfigurator
Walk through the initial setup wizard
Setup firewall rules for LAN and WAN interfaces
Setup any additional NAT port forwards or 1:1 entries
Ensure FTP helper is working as needed
22. Firewall aliases
Allows grouping of multiple IPs, subnets or ports.
Can vastly simplify and reduce your rule sets.
Red input boxes are alias friendly.
25. Firewall Rules
Firewall rules are always evaluated on incoming traffic
(therefore rules have to go to the interface tha traffic is
initiated from)
If a connection was allowed (like a client at LAN requesting
a webpage from a server at WAN) it will create a state. The
reverse connection (the server at WAN sending the content
to the client at LAN) will then be allowed automatically (no
rule at interface WAN is needed).
Rules are always applied on a first match basis from top to
down.
26. Firewall Rules - Troubleshooting
Enable logging on rules
Check firewall log in Status -> System logs -> Firewall
Click action icon (block, pass, reject)
Source port is not the same as destination port
Diagnostics -> States offers additional information for
passed traffic especially in multi-WAN environments
WAN rules - NAT applies first
Use private IPs as destination
in NAT rules
27. NAT
Directions
Outbound
Internal network(s) to Internet
Inbound
Internet to internal network(s)
Default Configuration
Outbound
NAT to WAN IP (or to any OPT-Interface that has a
gateway set)
Inbound
Nothing permitted
28. NAT - Inbound
Simple port forwarding
1:1 NAT
Does not forward connections from the LAN -> WAN -> LAN
without enabling NAT Reflection
29. NAT - 1:1
Slightly different process than with other commercial products:
Create a VIP (only CARP IPs can be used by the firewall itself,
other VIPs can only be forwarded)
Create a 1:1 NAT mapping between the VIP and an internal host
Create firewall rules allowing traffic the the internal host address
Troubleshooting - ICMP doesn't work with PARP; 1:1 NAT won't
work with NAT-reflection
30. NAT - Outbound
Default configuration
NAT all traffic out WAN to WAN IP
NAT all traffic out OPT WANs to OPT WAN IP
Advanced Outbound NAT
Manual NAT rule creation
Static Port
Live demo
31. FTP Considerations
When using the FTP Helper and VIPs, the type must be set
to CARP.
FTP only works on primary WAN
The helper can be disabled if you wish to port forward TCP
port 21 and the TCP data port ranges that are setup in the
FTP server (or use 1:1 NAT). Don't forget to permit the
traffic with firewall rules!
32. Multi-WAN
Ability to use multiple Internet connections
Most are dual WAN
Multiple installs with 6 or more WANs
Why use multi-WAN?
Provide Internet redundancy
Aggregate bandwidth
33. Multi-WAN
Interface configuration
Policy routing overview
Load balancing caveats
Some applications do not work with load balancing (like
https, ftp, sip ... use failoverpools for these)
Do not use sticky connections (apparently broken)
Caveats: Services running on pfSense (like squid, DNS,
IPsec) can't make use of load balancing or policy based
routing. They will use the system's default gateway (you'll
need to add some static routes for DNS servers or IPsec-
endpoints on OPT WANs)
34. Multi-WAN - Choosing Connectivity
Check and price available service
Cable
DSL
Metro Ethernet
T1
Fixed wireless
etc...
Reliability
Disparate ISP networks
Cable path
39. Multi-WAN and 1:1 NAT
Each 1:1 NAT entry tied to specific WAN
Host can have multiple 1:1 entries, one per WAN
40. Multi-WAN Failover
Enables a secondary WAN link to be used in the event the
primary WAN goes offline.
Create a Gateway Pool for failover
Ensure that monitor IPs are nearby and reliably respond
to ICMP (not the physical link determines if a WAN is
down but the failure of the monitoring ping)
Add interfaces to the pool
Modify the default LAN rule to use the failover pool as the
gateway
Create static routes for WAN2 DNS Servers
41. Multi-WAN Load Balancing
Round robin equal distribution among selected WAN
interfaces
Not capable (yet) of unequal load distribution
Requires unique gateway IP for each WAN (adds static
routes behind the scenes for monitors to make the monitor
pings leave through the correct WAN)
Sticky connections not functional
42. Multi-WAN Load Balancing
Round robin equal distribution among selected WAN
interfaces
Not capable (yet) of unequal load distribution
Requires unique gateway IP for each WAN
Create a Load Balancer Pool of type "Load Balancing"
Ensure monitor IPs are nearby and respond reliably to
ICMP
Add interfaces to the pool
Modify the default LAN rule to use the load balancer pool as
the gateway
Create policy-based routes for WAN2 DNS Servers and non-
balanced applications
43. VPN Capabilities
IPsec (with filtering support)
PPTP (with filtering support)
OpenVPN (filtering available in 1.3)
L2TP might appear in 1.3
44. VPN Uses
Remote Access
IPsec
PPTP
OpenVPN
Site to site connectivity
IPsec
OpenVPN
45. IPsec
Site to site
Variable configuration options between vendor
implementations, sometimes a square is actually a circle
Always double and triple check configurations on both
sides of the tunnel
46. IPsec Site to Site Static IP
Static public IPs on both ends
At each endpoint, create a tunnel on the interface which
sees the traffic (typically WAN)
Do not duplicate remote subnets
Ensure that Phase 1 and Phase 2 options match on both
tunnels _exactly_
Create firewallrules to allow traffic in coming from the tunnel
(firewall -> rules, ipsec)
47. IPsec Site to Site Dynamic IP
Static IP on one end, dynamic on the other
Make the endpoint with the static IP to allow mobile clients
(vpn -> ipsec, mobile clients)
Add identifiers to be used by the dynamic remote system
(vpn>ipsec, preshared keys)
On the dynamic endpoint system setup a static tunnel (vpn -
> ipsec, tunnels). Use the same parameters as the static
end on the mobile clients tab. Use the preshared key that
you generated as identifier and secret.
Hint: tunnel to tunnel routing works if you use a subnetmask
with all remote subnets of dynamic endpoints at the static
endpoint
48. OpenVPN
Open source SSL VPN solution
less problematic behind NAT (other then PPTP or IPSEC)
Cross platform client support
Windows 2000, XP, 2003, Vista, 2008
Mac OS X
FreeBSD
NetBSD
OpenBSD
Linux
Windows Mobile (Pocket PC) - alpha
49. OpenVPN Certificate Generation
Keys must be generated on another system with 1.2
1.3 already includes all certificate management in the web
interface)
Organizations with existing PKI should use it
Quick and easy way - easyrsa included with OpenVPN
50. PPTP Considerations
Currently more than one client behind pfSense cannot
connect to the same PPTP server at the same time
GRE state is not kept by PF which can cause strange
behavior when PPTP server is enabled for clients behind
pfSense
we'll hopefully have a fix for this in 1.3
51. PPPoE Server
Point to Point Protocol over Ethernet
Layer 2 protocol using PPP
Creates one to one network link with server
RADIUS authentication
Common usages
Internet Service Providers
Locked down wireless deployments
Anywhere layer 2 authentication is
desirable
52. Traffic Shaper - what it is and isn't
Current implementation in 1.2 is very limited
Only suitable for two interface deployments - LAN and WAN
No IPsec shaping
Shaping at layers 3 and 4
No deep packet inspection
No application layer shaping
53. Traffic Shaper
Always start with the EZ Shaper Wizard
Penalty Box may be IPs or an alias
Ensure all VOIP-participants and server IP addresses
belong to an alias
P2P Catch-all which puts any unclassified traffic into the
P2P queue.
Editing shaper rules
IP TOS and TCP Flags are used to determine match, not
re-written
54. Routing
Disabling NAT
Routing Protocols
BGP (available in packages)
RIP (v1 and v2)
55. Server Load Balancing
Load balance traffic across multiple servers
Configure a server pool
Assign a virtual server address
Create firewall rules allowing traffic to server pool
Support for multiple load balanced virtual servers - combine
load balanced HTTP, SMTP and DNS services all in one
box
Real F5 not included. Sorry guys.
56. Captive Portal
Commonly known as "hotspot". The user's web access will be
redirected to an authentication page. Unless he is
authenticated all traffic from his Client will be blocked.
CP pages/elements can be hosted on pfSense itself
CP pages can be PHP as well
Built-in User manager or RADIUS-Support
RADIUS-Accounting support
Passthrough IP-/MAC-adress support
Caveats: Can't be used with Multiwan or Schedules;
"Reauthenticate users every minute" option won't work for very
large installs (many concurrent logged in users)
57. Wireless
Common Deployments
Access Point
Wireless WAN
Site to site connections
Caveats: A WLAN interface can only be bridged when in
access point mode. Site to site connections have to be routed
and multi-point bridges are not possible.
59. Hardware Redundancy - Overview
CARP is used to provide high availability of service across multiple
devices
CARP Misnomers - CARP does not provide configuration
synchronization of pf-state synchronization
pfSense CARP clusters require a minimum of 3 static addresses
per network segment within the same subnet until CARPdev
VRRP traffic conflicts - ensure unique VHIDs
Not all multicast is equal in the eyes of switch makers
61. CARP VIPs
Must be within the same subnet range as the interface they
are attached to
Issues with the current FreeBSD implementation
pfSense webGUI defends against this
VHID groups must be unique for each CARP VIP or VRRP
address
Advertising frequency ( >0 for backup devices )
62. pfsync and XMLRPC
PFSync is used to synchronize firewall states between
multiple machines participating in a high-availability
configuration such as a CARP cluster (stateful failover or
"seamless" failover)
XMLRPC is used to mirror pfSense configurations across
multiple pfSense installations participating in a CARP
cluster
63. DHCP Server
Standard ISC DHCP daemon supports typical DHCP options
Features:
Deny unknown clients
Dynamic DNS configuration with dynamic DHCP client
registration
DHCP Failover
PXE boot server options
64. DHCP Relay
Relay DHCP requests to DHCP server on another interface
Append circuit ID and agent ID to requests
Allows for the proxying of requests to a DHCP server used
on the WAN subnet
65. DNS Forwarder
Caching DNS service
Works with DHCP to register and provide DNS to dynamic
clients
Option to add custom host or domain mappings
Can be sometimes abused to override name resolution for
unwanted domains
66. Content Filtering "Trick"
OpenDNS Setup
Sign up for free OpenDNS account
Add your network
Configure category restrictions
pfSense Setup
Permit outbound TCP/UDP port 53 only to:
208.67.222.222
208.67.220.220
Configure above two DNS servers on pfSense
67. Dynamic DNS
pfSense can act as a Dynamic DNS client for a number of Dynamic
DNS services including:
DynDNS
DyNS
EasyDNS
ODS
DHS
no-ip
Zone edit
You must configure a DNS server in System: General setup or allow
the DNS server list to be overridden by DHCP/PPP on WAN for
dynamic DNS updates to work.
68. SNMP
SNMP daemon for integrating with existing monitoring
systems. Useful for applications like:
Cacti
Zabbix
Nagios
MRTG
monomon (Windows)
AirPort Flow Monitor (OSX)
69. UPnP
pfSense includes a UPnP daemon for supporting applications
like:
IM (MSN Messenger)
Some streaming audio/video applications
P2P clients
Xbox live
IRC Clients
70. UPnP
Caveats:
Only uses one WAN at a time
Dynamically generated rules won't obey traffic shaper
config
Inherently risky and flawed protocol
restrict
71. Wake on LAN
pfSense allows the administrator to store MAC addresses of
WOL-supported computers and may wake up one or all
machines upon mouse click.
Easy way to become more "green" friendly
72. Backing up and restoring config.xml
All pfSense configuration data and pfSense 3rd party package
data is saved in config.xml. It is quite easy to backup this
configuration file and restore it (even configuration sections).
To backup pfSense visit Diagnostics -> Backup /
restore. Click download configuration.
To restore a pfSense config.xml backup visit Diagnostics ->
Backup / restore. Click browse, locate the config.xml
backup on your local hard disk / network and then click
Restore configuration.
73. Virtualization and pfSense
Known Working Hypervisors
VMware
Entire product line - ESX, Server, Player, Workstation,
Fusion
Parallels
Microsoft Virtual PC and Virtual Server
Sort of...
just like it "sort of..." works for everything
VirtualBox
74. Virtualization and pfSense
Uses
Perimeter firewall
Not necessarily a good idea
Segregating virtual networks from physical
Routing between virtual networks
75. VMware and pfSense
Installer tweaks
Use VMware tools
Use e1000 or vmxnet network adapters
VMware support
Possibly limited
76. Packages
Packages extend the capabilities of a pfSense install by
allowing users to install relevant software. Many of these
packages are still under development and testing. Packages
include:
Squid - HTTP Cache
TinyDNS - DNS server
SpamD - Spam deferral daemon
Siproxy - SIP proxy daemon
Snort - Network intrusion detection daemon
Zabbix Agent - Agent for system monitoring
77. DNS Server package (tinydns)
It works for Lycos. It works for citysearch.com. It works for pobox.com.
It works for 1.85 million more .com's. It works for several of the
Internet's largest domain-hosting companies: directNIC,
MyDomain/NamesDirect, Interland, Dotster, Easyspace, Namezero,
Netfirms, and Rackspace Managed Hosting. It'll work for you too.
Features
Fully authoritative domain name server
Does not allow zone transfers by default
Failover support (using ping) provided by pfSense
Helps allow for 5.9's when using multiple ISPs
78. SPAMD
spamd is a fake sendmail(8)-like daemon which rejects false
mail. It is designed to be very efficient so that it does not slow
down the receiving machine.
Features
Greylisting - Temporarily fails a new connection. Well
behaved MTAs will wait and resend the message again.
Whitelists - Hosts that will bypass the greylist process.
Blacklists - Hosts that will be blocked out right.
79. SPAMD
RBL Support - be aware of RBL TOS and licenses, many
charge for commercial use
Stutter text - slows down the session to 300 baud like
speeds
Supports multiple SMTP servers behind pfSense
80. Editing config.xml
Config.xml is the main storage location for all of pfSense and it's
installed packages configuration settings.
Editing the file can be accomplished via three different ways:
Via the webConfigurator
Via the console
Via a remote console (SSH)
To enable SSH, visit System -> Advanced -> Enable Secure Shell
Good idea to rm /tmp/config.cache after changes to clear out the config
cache ... Diagnostics -> Edit file does this for you automatically.
84. Introduction to pfSense 1.3
FreeBSD 7.x base (currently 7.0 - RELENG_7_0)
PHP 5
Dashboard in base (available as package in 1.2)
Improved routing and gateway support
User manager with integration for Active Directory, Novell
eDirectory and OpenLDAP
IPsec Dynamic DNS support
Includes latest verson of OpenBSD PF
FreeBSD IP alias VIP support
85. Introduction to pfSense 1.3
OpenVPN improvements
OpenVPN 2.1
Vista support
Integrated user and certificate management
Traffic filtering
User grouping for firewall rules
Client installer package generation
86. Introduction to pfSense 1.3
Traffic shaper rewritten
Multiple interface capable (multi-WAN and multiple
internal networks)
Multiple wizards for various configuration scenarios
IPsec shaping now possible
DiffServ support
Live Demo
87. pfSense Developer Summit
First three pfSense developers in attendance here. More than
10 years combined dedication to the project.
Chris and Scott - September 2004
pfSense name chosen, launched - November 2004
Bill Marquette - February 2005
Getting together all week to work on pfSense
88. Commercial Offerings
On an hourly basis
Support
Network design
Configuration review
Vulnerability assessment
Hourly or project basis
Development
Hourly or project basis
Nearly all new 1.3 features are the result of sponsored
development
Helps support the project!
www.bsdperimeter.com
89. Questions, additional demos, etc.
At this point we would like to open the floor for questions and or
give you additional demonstrations of your choosing.
90. Feedback
Should be able to submit at bsdcan.org post-conference
Can email us - coreteam@pfsense.org