Stonesoft News
(3 votes, average: 4.33 out of 5)
Loading ...Log browsing and filtering is one of the most frequent administrators’ tasks. That’s why we continuosly try to improve the workflows related to logs. In SMC 5.2 there are a few nice shortcuts that you can utilize when filtering the logs:
(7 votes, average: 5.00 out of 5) Loading ...
We have noticed that a lot of StoneGate administrators are constantly inquiring the country, city, organization information from these web portals:
In order to save administrator’s time, StoneGate 5.2 has now integrated whois action. You can right-click any IP address in logs, statistics or reports. The results of whois query are displayed in a separate info dialog.
(2 votes, average: 3.50 out of 5) Loading ...It is not uncommon to wait for an ISP to lease sufficient number of addresses on the link until you are able to install a cluster which by default requires at least 3 addresses: 1- CVI, 2 – for each NDI for every node of the cluster (considering a simple cluster of two elements – to imagine a scenario with more nodes just add the corresponding number of NDI addresses).
Thus, for the cluster to work normally at least /29 mask on the link is needed.
Whereas most of the time ISPs provide only /30 mask by default. Luckily StoneSofft cluster technology allows clustering in that situation too.
To build a cluster one has to:
1) create a cluster element;
2) add a CVI for the external interface and uncheck the NDI checkbox;
After that the firewall will be up and successfully running even with VPN configuration.
BUT there are some subtle issues:
1) management should be, of course, at one of the internal interfaces,
2) static ARP entries should be made on external interfaces (which do not have an NDI) for the neighboring router IP address;
3) pings/traceroutes and other throubleshooting utilities will be unavailable through the external interface as those imply using the interface addresses which we are lacking in this situation.
Recent Comments