How to secure your small business with a PIX firewall

Written by Ron Jones

One of the more popular firewall products for the small business market is the Cisco PIX 501. Out of the box it requires just a few configuration entries and you are up and running.

In this guide, we will walk through the steps for configuring your brand new PIX at the network edge.

This guide is written for the user who has no knowledge of the PIX firewall. As such, it is not a treatise on network security, but a quick, by-the-numbers guide to configuring a PIX firewall with as little jargon as possible.

We are assuming that you have an internet connection with at least one static IP address. While the PIX can easily handle a dynamic IP address (that is the default configuration), you won’t be able to easily configure remote access, VPNs, mail, or web servers without a static IP address.

Your PIX should have come with an AC adapter, a yellow CAT5 cable, an orange CAT5 cable and a flat, (typically) baby blue cable with a 9-pin serial connector on one end and an RJ-45 plug on the other.

The yellow CAT5 cable is a standard Ethernet cable and is used to connect your PC or server to the 4-port Ethernet switch built into the PIX.

The orange CAT5 cable is a cross-over cable and may be required to connect the outside interface of the PIX to your ISP’s router (if your PCs or workstations are plugged into a Cisco switch inside the network, you will also require a cross-over cable for connecting to one of the switch ports on the PIX).

What we are going to use for our configuration is the baby blue rollover cable. Insert the serial jack into one of the serial ports on the back of the PC or laptop you will be using to configure the PIX. Then, insert the RJ-45 plug into the port on the back of the PIX labeled “console.”

Windows has a built-in application that is used for (among other things) configuring serial devices. Using the start menu, go to Start > Programs > Accessories > Communications > HyperTerminal.

Choose the HyperTerminal application. You may get a dialog box asking if you’d like to make HyperTerminal your default telnet application. Unless you have a preference, go ahead and choose yes.

Then you will be asked for the area code from which you are dialing. Although it isn’t applicable here, the program still wants to know, so fill it in and click ‘next’ or ‘ok.’

You can call the connection anything you’d like; in this example we’ll use PIX. Click ‘ok’ to move on.

Next, we’ll be asked to enter the details for the phone number we’d like to dial. Since we aren't dialing a phone number, use the drop-down selector at the bottom of the box to choose COM1 or COM2 (whichever is applicable). If you have no idea which one is which, you may need to try it both ways.

Now, you will be expected to tell the application some specifics about the port settings so that it can effectively communicate with the PIX.

Luckily, it isn’t too complex; just remember 9600, 8, none, and 1. Enter these settings into the drop-down selectors of the box on your screen.

Now we are ready to set up the PIX. Insert the power cable and you will be greeted with the startup monologue (it’s not a dialog in this case, it’s just informing you of what is occurring).

Then, you will be greeted with a screen that asks if you’d like to program the PIX using interactive prompts. For the purpose of this exercise, type no and press ‘enter’.

You will now get a prompt that looks like this:

    pixfirewall>

Type the word ‘enable’ (no quotes). When prompted for the password, just press ‘enter’, as the default is no password.

The prompt has changed to a hash mark:

    pixfirewall#

Type the phrase ‘configure terminal’ (no quotes); you are telling the PIX that you want to enter the global configuration mode and you will be doing your configuration via the terminal window.

Your prompt will now look like this:

    pixfirewall(config)#

The first thing we want to do is give your PIX a host name. The PIX command syntax is: Variable name

Thus, to set the hostname we will enter:

    pixfirewall(config)# hostname mypix

Now, the domain name; it’s alright if you don’t have a domain set up on your network, you can call it whatever you like. However, give some thought to whether a domain might be a possibility at some point and plan your naming scheme appropriately.

    pixfirewall(config)# domain-name

As you can see from the configuration above, the ethernet0 interface is the outside interface, with a security setting of 0, while ethernet1 is the inside interface with a security setting of 100. Additionally, you can see that the interfaces are shutdown. All we need do to bring them up is enter the speed at which they should operate. As they are Ethernet interfaces, any software version after 6.3(3) will take 100full; prior to that, use 10full.
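The check below is an added example, not part of the original article: it reads a saved copy of the PIX configuration, applies the speed rule from the paragraph above to any interface still shut down, and reports settings that differ from the state the guide describes. The function names, the sample configuration and the assumed PIX 6.x line layout (`PIX Version`, `interface`, `nameif`) are constructed for illustration; version 6.3(3) itself, which the article does not cover, is treated as the older case.

```python
import re

# Constructed sample of a PIX 6.x configuration listing (not from the article).
SAMPLE_CONFIG = """\
PIX Version 6.3(1)
interface ethernet0 auto shutdown
interface ethernet1 100full shutdown
nameif ethernet0 outside security0
nameif ethernet1 inside security100
hostname pixfirewall
"""

# Security levels the article gives for the two named interfaces.
EXPECTED_LEVELS = {"outside": 0, "inside": 100}


def parse_version(config):
    """Return the software version as a tuple, e.g. '6.3(1)' -> (6, 3, 1)."""
    m = re.search(r"^PIX Version (\d+)\.(\d+)\((\d+)\)", config, re.M)
    if not m:
        raise ValueError("no 'PIX Version' line found")
    return tuple(int(g) for g in m.groups())


def speed_for(version):
    """Article's rule: 100full after 6.3(3), 10full before it.
    Assumption: 6.3(3) itself is handled as the older case."""
    return "100full" if version > (6, 3, 3) else "10full"


def audit(config):
    """Return (commands, findings): commands bring up shut-down interfaces,
    findings list deviations from the state the article describes."""
    speed = speed_for(parse_version(config))
    commands, findings = [], []
    for hw, _old, down in re.findall(
            r"^interface (\S+) (\S+)( shutdown)?\s*$", config, re.M):
        if down:  # interface is administratively shut down
            commands.append(f"interface {hw} {speed}")
    for hw, name, level in re.findall(
            r"^nameif (\S+) (\S+) security(\d+)\s*$", config, re.M):
        want = EXPECTED_LEVELS.get(name)
        if want is not None and int(level) != want:
            findings.append(f"{hw} ({name}) is security{level}, expected security{want}")
    if re.search(r"^hostname pixfirewall\s*$", config, re.M):
        findings.append("hostname is still the default 'pixfirewall'")
    if not re.search(r"^domain-name \S+", config, re.M):
        findings.append("no domain-name configured")
    return commands, findings
```

Calling `audit(SAMPLE_CONFIG)` returns the `interface` commands to type at the `pixfirewall(config)#` prompt together with the list of findings.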

Coping with a Serious Data Loss from your Computer Hard Drive

Written by Darryl Peddle

Data loss is an expensive reality. It's a hard fact that it happens more often than users like to admit. A recent study by the accounting firm McGladrey and Pullen estimates that one out of every 500 data centers will experience a severe computer disaster this year. As a result, almost half of those companies will go out of business. At the very least, a data loss disaster can mean lost income and missed business opportunities.

The other side of data loss is the psychological and emotional turmoil it can cause to IT managers and business owners. Despair, panic, and the knowledge that the whole organization might be at risk are involved. In a sense, that's only fair, since human error is one of the two largest contributing factors in data loss. Together with mechanical failure, it accounts for almost 75 per cent of all incidents. (Software corruption, computer viruses and physical disasters such as fire and water damage make up the rest.)

Disk drives today are typically reliable. Human beings, it turns out, are not. A Strategic Research Corp. study done in 2000 found that approximately 15 per cent of all unplanned downtime occurred due to human error. A significant proportion of that happened because users failed to implement adequate backup procedures, either having trouble with their backups, or having no backup at all.

How does it happen that skilled, high-level users put their systems - and their businesses - at such risk?

In many cases, the problem starts long before the precipitating system error is made, that is, when users place their faith in out-of-box solutions that may not, in fact, fit their organization's needs. Instead of assessing their business and technology requirements, then going to an appropriate engineered solution, even experienced IT professionals at large corporations will often simply buy what they're sold. In this case, faith in technology can be a vice instead of a virtue.

But human intervention itself can sometimes be the straw that breaks the technology's back. When the office of a Venezuelan civil engineering firm was devastated by floods, its owners sent 17 soaked, mud-coated disks from three RAID arrays to us in plastic bags. A tough enough salvage job was made even more complex by the fact that someone had frozen the drives before shipping them. As the disks thawed, yet more damage was done. (After eight weeks of painstaking directory-by-directory recovery, all the data from the remaining fifteen disks was retrieved.)

Sometimes, the underlying cause of a data loss event is simply shoddy housekeeping. The more arduous the required backup routine, the less likely it will be done on a regular basis. A state ambulance monitoring system suffered a serious disk failure, only to discover that its automated backup hadn't run for fourteen months. A tape had jammed in the drive, but no-one had noticed.

When disaster strikes, the normal human reaction is panic. Because the loss of data signifies critical consequences, even the most competent IT staff can jump to conclusions, and take inappropriate action. A blank screen at a critical time can lead to a series of naive decisions, each one compounding the preceding error. Wrong buttons get pushed, and the disaster only gets worse. Sometimes the pressure to correct the system failure speedily can result in an attempt to reconfigure an entire RAID array. IT specialists are typically not equipped to deal with crisis modes or data recovery techniques. Just as a good physician is trained to prolong life, the skilled IT specialist is trained to keep the system running. When a patient dies, the physician turns to others, such as nurses or counselors to manage the situation. When significant data loss occurs, the IT specialist turns to the data recovery professional.

© 2005