How to secure your small business with a PIX firewall

Written by Ron Jones


Continued from page 1

pixfirewall(config)# interface ethernet0 100full
pixfirewall(config)# interface ethernet1 100full

Now assign an address to the inside and outside interfaces. The ip address command sets the IP address of an interface. The syntax is as follows:
ip address

An example might be as follows:

ip address outside
pixfirewall(config)# ip address outside 12.25.241.2 255.255.255.252

(This IP address and netmask combination should not be used; it is shown here for example only. Use the IP address/mask given to you by your ISP.)

Then the inside IP address:

ip address inside
pixfirewall(config)# ip address inside 192.168.0.1 255.255.255.0

A brief word about IP addressing is in order here.

One way that is used to conserve public IP addresses is through the use of non-routable IP addressing blocks specified in RFC 1597. You may sometimes hear them referred to as “private” IP addresses, which is fine, but not quite technically accurate. There are three different blocks to choose from:

10.0.0.0 – 10.255.255.255 with a netmask of 255.0.0.0
172.16.0.0 – 172.31.255.255 with a netmask of 255.255.0.0
192.168.0.0 – 192.168.255.255 with a netmask of 255.255.255.0

As long as your internal network's IP addresses are all within one of those blocks of address space, you will not need to introduce the complexity of routing within your LAN. An example scheme for those who are not familiar is shown below:

PIX – 192.168.0.1 netmask 255.255.255.0
File/DHCP server – 192.168.0.2 netmask 255.255.255.0
Workstations – 192.168.0.10 – 192.168.0.254 netmask (each) 255.255.255.0

* I intentionally skipped over the 192.168.0.3-9 addresses to plan for future expansion and the possible need for additional servers; you don't have to do this.
* Configure your DHCP server to hand out addresses in the specified block using your ISP-provided DNS servers for name resolution. Make sure to change this should you ever decide to install a name server within your own network.
* If you don't want to set up a DHCP server, just configure each PC with the IP address, default gateway, netmask & DNS servers.

It is very important now to add a default route to the PIX configuration. Another term for default route is the “default gateway.” You need to tell the PIX that if it receives traffic destined for a network that isn’t directly connected, it should send it to the connected ISP router. Your ISP should have given you the IP address of your default gateway when you received your setup information.

Here is the syntax:
route
The English translation is “if packets destined for interface on the network specified by network address are bounded by mask then route it via a next hop at the optional command is used to give an indication of distance.

For example:

pixfirewall(config)# route outside 0 0 12.25.241.1 1

(If packets are destined outside the network to any IP address with any netmask, send them through the ISP's default gateway, which is one hop away, meaning it is the device to which the PIX is connected on the outside interface.)

To password protect your PIX in order to prevent unauthorized access, use something that is secure and hard to guess. Try to stay away from the names of spouses, children, pets, birthdays or other easily guessed values. Whenever possible, use a combination of letters and numbers. The syntax is as follows (but please don’t use cisco as your actual password):

pixfirewall(config)# passwd cisco
(Note the abbreviated spelling of the word password.) This will set a password for basic access (remember the pixfirewall> prompt?).

pixfirewall(config)# enable password cisco
This will set the password for administrative access.

Now that your PIX has been given a basic configuration, you should be able to access the internet, while preventing unauthorized access to your resources.
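The steps above can be checked before the commands are typed into the firewall. The following is an added example, not part of the original article or any Cisco tool: a short Python audit of the addressing, default-route and password commands. The function name, the weak-password list and the sample text are assumptions, and it reads commands as typed, not the encrypted form a saved configuration shows.

```python
import ipaddress
import re

# Constructed input: the commands this article types, gathered into one text.
ARTICLE_CONFIG = """\
ip address outside 12.25.241.2 255.255.255.252
ip address inside 192.168.0.1 255.255.255.0
route outside 0 0 12.25.241.1 1
passwd cisco
enable password cisco
"""
WEAK = {"cisco", "password", "pix", "admin"}  # illustrative, not exhaustive
DEFAULT_ROUTE = r"route outside (0|0\.0\.0\.0) (0|0\.0\.0\.0) (\S+)( \d+)?"


def audit(config):
    """Return findings for the addressing, routing and password steps."""
    addr, default_gw, findings = {}, None, []
    for line in (raw.strip().lower() for raw in config.splitlines()):
        if m := re.fullmatch(r"ip address (\S+) (\S+) (\S+)", line):
            # ip_interface accepts the dotted netmask form used by the PIX
            addr[m[1]] = ipaddress.ip_interface(f"{m[2]}/{m[3]}")
        elif m := re.fullmatch(DEFAULT_ROUTE, line):
            default_gw = ipaddress.ip_address(m[3])
        elif m := re.fullmatch(r"(passwd|enable password) (\S+)", line):
            if m[2] in WEAK:
                findings.append(f"{m[1]}: weak or default password")
    for name in ("inside", "outside"):
        if name not in addr:
            findings.append(f"{name}: no ip address configured")
    # is_private covers the three blocks listed above (and other reserved ranges)
    if "inside" in addr and not addr["inside"].ip.is_private:
        findings.append("inside: address is not in a private block")
    if default_gw is None:
        findings.append("outside: no default route")
    elif "outside" in addr and default_gw not in addr["outside"].network:
        findings.append("outside: default gateway is not on the outside subnet")
    return findings


if __name__ == "__main__":
    for finding in audit(ARTICLE_CONFIG):
        print(finding)
```

Run against the article's own commands, it flags only the two placeholder passwords; the addressing and default route pass.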

Ron Jones is the Founder and President of The Fulcrum Technology Group, Inc. Located just North of Atlanta, this consulting firm specializes in business technology solutions that will enable you to maintain a competitive advantage by increasing productivity, improving reliability and reducing expenses.


Coping with a Serious Data Loss from your Computer Hard Drive

Written by Darryl Peddle


Continued from page 1

Data recovery specialists are innovative problem solvers. Often, the application of basic common sense, when no-one else is in any condition to apply it, is the beginning of the journey towards data recovery. The data recovery specialist draws on a wealth of experience, married to a "never say die" attitude, and a comprehensive tool kit of problem-solving procedures. Successful recovery outcomes hinge on a combination of innovative logistics, applied problem-solving, and "technology triage," the process of stabilizing an affected system quickly, analyzing and treating its wounds, and preparing it for surgery. The triage process sets priorities, such as targeting which files are needed first or which are absolutely vital to the functioning of the business, and establishes whether files might be recovered in less structured formats (such as text-only), which may be desirable when time is crucial.

The art and science of professional data recovery can spell the difference between a business' success or its failure. Before that level of intervention is required, though, users can take steps to ensure that the probability of a data loss disaster is minimized.

Basic to any business technology plan is a regular fire-drill procedure. Back-up routines may be in place, staff may be assigned to specific roles, hardware and software may be configured - but, if the user isn't completely sure that everything works the way it should, a data loss event is inevitable. Having adequate, tested, and current backups in place is critical. A hardware breakdown should not be compounded by human error - if the malfunctioning drive is critical, the task of dealing with it should go to a data recovery professional.

Just as data loss disasters are rooted in a combination of mechanical failure and human error, so, too, the data recovery solution lies in a creative marriage of the technological and the human. The underlying philosophy of successful data recovery is that technology is something to be used by human beings, not something that uses us.

Name: Darryl Peddle
Company: CBL Technologies, Canada
Author description: Darryl Peddle is an Internet Marketing Specialist with CBL Technologies, one of the largest data recovery specialists in the world.
Website: http://www.cbltech.com




ImproveHomeLife.com © 2005