Pages

Senin, 30 April 2012

Wordpress security tweaks to keep in mind

Takeaway: Wordpress has powerful default security measures already in place, but it doesn’t hurt to enhance that security with tweaks that will make it even harder for hackers and bots from accessing your site and website files.

Web security has always been a hot topic. Popular CMS and blogging platforms like Wordpress have powerful default security measures already in place. However, it doesn’t hurt to enhance that security with your very own tweaks that will make it even harder for hackers and bots from accessing your site and website files. If you have a Wordpress-powered blog or site, then dive in and check out these ready-to-implement enhancements.

Use SSL

SSL allows you to securely transact over the internet. If you run a Wordpress-powered e-commerce site, using SSL ensures that all your data is encrypted during transfer, making it impossible to read it if it is intercepted.  To force Wordpress to use SSL, ensure that your hosting server is SSL-enabled. After confirming that it can handle SSL, navigate to the root of your Wordpress installation and open the wp-admin directory. Open the wp-config.php file and add the following code:

Define (‘FORCE_SSL_ADMIN', true);
 
The above code defines the FORCE_SSL_ADMIN constant and sets it to always TRUE so that users, by default, are always using the secure SSL connection when accessing your site.

Protect using .htaccess

.htaccess files are powerful configuration files that can be used to control many aspects of your web server. You can make page redirects, password-protect your directories and subdirectories and perform a bunch of other security enhancements. In this case, we want to use .htaccess to restrict access to our Wordpress files. One of these files is the wp-config.php file, which contains the site’s database information like usernames, passwords and so on. Ensure that you create a backup of the .htaccess file before continuing. Once you do that, open the file and add the following code:

<files wp-config.php>
 
Order allow, deny
 
Deny from all
 
</files>
 
The above code ensures that no bots can change your Wordpress configuration file by preventing access to it.
You can also configure .htaccess to prevent other sites from hot-linking to your content, especially your images. Hot-linking consumes your server’s bandwidth which is something you don’t want happening especially if you have a limited bandwidth subscription. To prevent content scrapers from hot-linking, add the code below to your .htaccess file:

RewriteEngine On
 
#Replace ?mysite\.com/ your blog url goes here
 
RewriteCond %{HTTP_REFERER} !^http://(.+\.) ?mysite\.com/ [NC]
 
RewriteCond %{HTTP_REFERER} !^$
 
#Replace /images/nohotlink.jpg with your "don't hotlink" image url
 
RewriteRule .*\.(jpe?g|gif|bmp|png)$  /images/nohotlink.jpg [L]
 
Once you save the file, websites that try to link to your images will display the ‘nohotlink.jpg image file. You can even change the nohotlink.jpg file to display something else, say an image with your website address.

Hide your Admin login

When you are logged in as the admin of your Wordpress website, anything you do such as posting and commenting will be displayed as “By Admin” on your posts and pages. This alerts hackers and other malicious people that your admin account is still in existent and there lies the possibility of brute force attacks on your site. To remove your admin account, navigate to your Wordpress editor and paste the code below to the functions.php file:

Function remove_comment_author_class ($classes) {
 
Foreach ($classes as $key => $class){
 
If (strstr ($class, "comment-author-")) {
 
Unset ($classes [$key]);
 
}
 
}
 
Return $classes;
 
}
 
Add_filter (‘comment-class', ‘remove_comment_author_class');

Hide error messages

Hackers can also identify your site vulnerabilities by simply reading error messages when something goes wrong with your Wordpress site. To remove these error messages, add the following code to your functions.php file:

add_filter('login_errors',create_function('$a', "return null;"));
 
The above tweaks can be implemented immediately with immediate benefits to your Wordpress-powered website.

Should SMBs upgrade to Windows 8?

Takeaway: Every small business OS-upgrade choice as a cost/benefit ratio. Calculate the cost, calculate the benefit, and divide. Here’s a look at the variables you should consider.
I’ve been using Microsoft-based desktop PCs for a long time. I remember buying a light brown desktop PC in a huge metal case and having also to buy DOS 4.0 separately so it could run software. DOS 5.0 was not far behind, and I’ve been faced with operating system upgrade decisions in small businesses ever since.
The release of the Windows 8 Consumer Preview in February reminded me that yet another OS upgrade decision will soon be upon us. And although I, and many other cogs in the SMB machine, tend to wait out the initial stage (aka Service Pack 0), the fact that the world is moving on requires that we give some thought to whether we should join the bandwagon.
I look at every small business OS-upgrade choice as a cost/benefit ratio. Calculate the cost, calculate the benefit, and divide. It’s a subjective and metaphorical number, to be sure, but the process of trying to calculate it is a useful one. It forces you to evaluate the decision on the basis of facts and not just emotion. If the costs outweigh the benefits, upgrading should wait. The benefits must outweigh the costs for an OS upgrade to make sense.
Let’s take a look at the variables you should consider.

The costs

Costs come in the form of both time and money, so we’ll count both.
Licenses
The first and most obvious cost is that of licenses. Microsoft has not released pricing for Windows 8, but you should count on something north of $100 per PC at a minimum, not counting the cost of staff time to do the upgrades. It’ll be higher if you’re buying full licenses instead of upgrades. When counting this up, remember to include any PCs or laptops that aren’t obvious upgrade targets at first; it’s better to count those costs and subtract them later if you find you can leave some machines out of the process than not to count them and then find yourself needing to spend money you don’t have.
Cost: $100+ per machine

Installation time
The second cost is that of installation time-the time it takes to do the upgrade on each machine, which never goes flawlessly. Whether you do this yourself or hire it out, this cost is always higher than that of the licenses. If you hire it out, remember that your staff will still be entirely unproductive during the upgrade, which means that it’s always going to cost you something. And if something goes wrong and the installer hasn’t taken adequate precautions, you could spend even more time cleaning up the mess. Figure on at least half a day for each machine, plus the out of pocket cost your consultant charges, if applicable.
Cost: One half day per person + installation T&M
Unfamiliarity
The third cost hits after the upgrade is done, and that is the cost of leaving behind familiar ways of doing things. Even if you ultimately decide that Windows 8 is easier to use than Windows 7 (or XP) was, it will still change the way you and your coworkers work. And although Microsoft promises that the Windows 7 desktop will be available as an “app” in Windows 8, that’s little more than a hack that lets you get going quickly, before you really know what you’re doing. You won’t be learning how to use Windows 8’s UI as long as you’re using its Windows 7-style desktop, you’ll just be coping. Sooner or later, you’ll have to invest time in adopting Windows 8’s ways.
Trust me on this one-this cost will be high. Windows 8 is a radical departure from the habits you’ve acquired. No matter what you do about this, you and your people will lose a lot of time figuring out how to be productive on Windows 8.
Another issue on this topic is that the whole Metro UI is geared toward consumers, not workers, meaning that it’s designed to appeal to those using up their leisure time-music, videos, social media, that sort of thing. It remains to be seen how much of this new stuff will fit into your work life.
The bottom line is that everyone will have to stop doing things from force of habit; nothing you do will be efficient for a while. I would set aside at least a whole week, starting with the one in which you do the upgrades, for this. You are paying the price of finding out where everything went and how to get things done, and there will be a lot of hits and misses. Remember, Vista was less of a leap from XP than 8 is from 7.
Cost: One to two weeks per person.

Replacing software
The fourth cost comes from finding replacements for applications that won’t run on the new OS. Microsoft says that anything that runs on Windows 7 will run on Windows 8. If true, this won’t be an issue. But you would be wise to get news on the applications on which you rely before taking this assumption to the bank. Make an exhaustive list of applications and utilities that each person who will be getting an upgrade uses, and check with the vendor for all of them. And then find a way to test them on a real machine.
Cost: Several days to research application compatibility

The benefits

The benefits are much harder to pin down. Microsoft, and some reviewers, will always claim that the newer version is easier to use than the previous version, but usability is too subjective to matter. Many claimed that Vista was easier to use than XP, but I never did.
In the case of Windows 8, the usability equation is even murkier. So much new replaces so much old that little will be the same, making most of your acquired habits an enemy of your intuition. Is it easier to point to an invisible hotspot in the corner of the screen than to click on a Start button? Even if it is, is it easier when you need a touch screen and don’t have one? For the past 18 years, Microsoft preached the importance of “discoverability” in user interfaces, but no longer. Now, Microsoft is giving up discoverability like a bad relationship. Whether it’s easy to use or not, you’ll need training to learn how to use it. You won’t be able to just figure it out. So if I were you, I would not consider usability in to be a benefit. Just leave it out of the equation.
The benefits that matter are new capabilities. Typically Microsoft claims that the new OS corresponds with the dawn of a new era of something, and the new OS lets you join it. Let’s see what new stuff Windows 8 brings.

Metro-style applications
The Metro UI, a smartphone-style interface, is Windows 8’s most visible new capability and one that I think bears some attention. If you’ve ever seen a smartphone, you’ve seen the basic concept-you navigate the machine, and your applications, through a set of tiles using gestures and swipes. It looks and feels exactly like a smartphone.
It’s not the look and feel per se that may benefit you so much as the applications designed to take advantage of it. Developers will write some new applications for this way of doing things, and you’ll need Windows 8 to run them. The question is: Do you need any of them? Do you even know what they are? If the answer’s yes, add points for this benefit. In other words, if you see some new Metro-style applications on the horizon, consider the capabilities they bring as part of the equation.
Just remember that gestures and swipes are for touch screens, not mouse and keyboard users, so the benefit here depends on whether you have the hardware to take advantage of it.
So, if you need to run (or develop) Metro-style (touch-screen) applications, this capability will drive the benefit side of the equation up. If not, it simply gives you access to all the new software being written, if you have the hardware.
Benefit: New apps

Picture passwords
Windows 8 will let you create a logon password that consists of a series of gestures over an image. For example, you could view a photograph of your family, draw a circle around one person, drag a line across another, and associate that set of gestures with your account. You then use those gestures while viewing the photograph to log into Windows.
Is this really a big enough benefit to mention? I think so. For some people, remembering passwords is a huge problem, leading to unsecure desktop logins. A good business PC needs a strong password. If you can’t remember it, you have a business vulnerability. Some people will find it much easier to remember a series of gestures than an alphanumeric sequence.
Again, the downside is that you have to have a touch-screen in order to use it. So if you’re upgrading an existing, mouse-driven machine, this benefit will add zero points.
Benefit: More-secure desktops

Windows Live credentials and SkyDrive
Windows 8 lets you link a local account with a Windows Live account, an account that authenticates you in the cloud rather than locally. If you have more than one Windows 8 PC, this lets you share the same commonly-used settings across all of your machines. You get the same look and feel and common access to your Metro-style applications. If you travel a lot or use different machines in different places or just need a more predictable user experience in all of these various locations, this capability may be worth something to you. The downside is that the benefit is limited to common Windows settings and Metro-style applications only.
The bigger benefit here comes from SkyDrive. SkyDrive is a Windows Live service and web site that lets you store files in the cloud, and you can use it now with Windows 7. But with Windows 8, SkyDrive becomes a Metro-style application and an integrated part of the operating system. You can store files in SkyDrive with Explorer-like efficiency, and then get access to them from any other Windows 8 PC you log into. This makes it a lot easier to work on files from different machines and spares you from having to email yourself files or copy them to USB drives before leaving the office.
Of course, this all falls down whenever and wherever you don’t have reliable, high-speed access to the Internet. I’ve gone plenty of places where reliable, high-speed connectivity is a problem. Consider this before plunging in with both feet.
Benefit: Mobility options

Storage spaces
Windows 8’s Storage Spaces is a virtualized form of storage-a way of grouping a set of real hard drives into one large hard drive that doesn’t actually exist, so you can expand your storage and make it easier to manage. Even better, it lets you use classic data-protection schemes like mirroring and striping. Sounds like RAID, doesn’t it? That’s essentially what it is. But in this case, it’s accessible enough that it may actually be something that SMBs can use and manage without an IT specialist on board. It’s available on both server and client, and it’s relatively easy to set up.
This is one area where I think Windows 8 could be of great benefit to you. Many SMBs have a big problem with data protection, because they don’t have the money or time to manage complex data-protection schemes. It’s always been true in the companies I’ve worked for, all of which have been SMBs. (I suppose the exception might be those that are funded by venture capital, but they are a tiny minority.) Their data is just as important to them as it is to larger businesses, but the resources are just not there. Storage Spaces promises to change that.
So, if you have a lot of data that that is not adequately backed up, or if you are constantly struggling to come up with enough storage for your business, give this one big points. It’s a significant benefit.
Benefit: Data expansion and protection
Other miscellaneous, tiny little new capabilities
Windows 8 brings a lot of other new capabilities, but I don’t consider any of them very significant to SMBs. Here are some of the ones that might contribute to your decision:
Internet Explorer 10 will be available in two versions, one as a desktop-style and another as a Metro-style application. It promises to have better support for HTML5 and CSS3, and to be faster, than previous versions of IE. Other than that, it remains to be seen how much bang you’ll get for this buck.
Refresh and Reset, two ways of undoing icky changes to Windows, will make it easier to back out of an installation gone bad. It’s System Restore in two different colors, the second of which essentially reinstalls Windows. I, for one, welcome this kind of change, but it’s a two-edged sword. If it has the results that users expect, it may be a boon to SMBs, who need all the push-button solutions they can get. If not, it could be like giving hand grenades to children. We’ll see.
Windows To Go will let you put your Windows 8 installation on a bootable USB drive. This is not exactly a mainstream feature, but it will certainly be welcome by small development shops like mine.
Benefit: Minor improvements

Intangibles

I used Windows Vista for four years before switching to Windows 7. I was slow to upgrade because I couldn’t see much difference between them. But on those occasions when I did use it (usually helping someone else with a problem on their machine), I noticed that it booted significantly faster than mine-so much faster, that it caught my attention. I had noticed that my Vista machine booted slowly and found myself annoyed by it, but the slowness really came to light whenever I used a Windows 7 machine. When I finally upgraded, I could hardly believe the difference. I’ve got other reasons for having made the move, but for me, the boot time became a surprisingly significant reason to upgrade.
I bring this up not because Windows 8 promises to boot faster than Windows 7, but because there may be benefits that you can’t learn about without using the system, and the only one who can determine their value is you. So if possible, even if you decide not to upgrade, find a system that you can play with. Get some experience with it. See if you notice anything that proves to be valuable to you, something you weren’t looking for. You may find a compelling reason not listed in the features.
Benefit: Intangibles

One more thing

Having said all this about costs and benefits, remember that the specifics of your situation trump all. Your business is unique, and nothing any writer can outline in a blog will speak to the issues that only you experience in the day-to-day operations of your business.
Therefore, you need to take samples. Get some experience with it. Get at least one person to install Windows 8 and use it in some capacity in the context of your business. Give this person some time and the means to exercise it. Install and run applications that your company needs to run. And do it before you upgrade the whole company. There’s no teacher like experience, and this experience will give you someone who has sorted through the issues before everyone else has to.
Conclusion
Windows 8 is upon us. Should you upgrade when it’s released? Get yourself a spreadsheet and do a cost/benefit analysis. Doing this will help you size up both halves of the equation in the context of your business. Whatever you do, don’t panic. Windows 7 will be around for a long, long time; there is no need to join a bandwagon that may not be going in your direction. Nothing bad will happen if you take your time with this-if anything, it’ll help you be clear about why you’re doing it.

Five Signs that being an early technology adopter is a good bet for your business

Takeaway: Jump on the right technology bandwagon and you may be commended for having the vision to lead the company to the next level.

When does it make sense to be an early adopter of technology?  It depends on your endgame. As an individual, if you buy a new smartphone or tablet computer and figure out that your shiny new gadget isn’t exactly what you needed, the worst that can happen is you’re out a few hundred dollars and feel frustrated or disappointed.  For a business, the stakes are much higher: jump on the right technology bandwagon and you may be commended for having the vision to lead the company to the next level; choose the wrong technology and you could put the company’s entire data, technology, and communication infrastructure in jeopardy.

So how does a business person determine when it makes sense to be an early adopter of technology, and when it’s more prudent to wait? Here are the 5 signs that it makes sense to take a chance on a new technology:

1.When the technology provider has a good reputation: Products and technologies that are new to the market often have bugs of “undocumented features” that haven’t been fully worked out, so you should always expect a few surprises.  That said, being an early adopter of a new technology offered by a larger or more established company is a much safer bet than adopting a new technology developed by a smaller, lesser known company that has fewer users and fewer resources.
2.When there’s good support in place: When considering whether to be early to the party for a particular technology, one thing you’ll want to know in advance is what your options are when it comes to getting help and support when you need it.  And support can come in many forms-from a company’s toll-free number that connects you to tech support advisors, to community-led forums where users help each other to uncover issues and solve problems. Before you invest your time or money into a new technology, check out the support resources available and determine if they meet your needs and the way you like to work.

3.When there’s a lot to be gained: Jumping into a technology early can be a huge competitive advantage, if it’s done in a careful way.  First, identify areas where technology could have a huge impact on your business-for example, would a new cloud-based security option radically lower your cost and the strain on your IT department?  Would a new lead management system increase employee productivity and revenue generation activities? After you’ve identified the areas where new technology has the potential to make the biggest difference on your bottom line, research your choices. Should you identify a technology that appears to fit the bill, map out a parallel approach to implementing the new technology, with one plan for the implementation process, and a backup plan that will protect what you already have until the new technology has proven itself.

4.When it’s a good time for change: Half of the pain involved in adopting any new technology is in getting “buy in” from the people who will be using it every day.  If you’re starting a new division, are going to be adding new members to your team, or are simply tackling a new project, this is a better time to adopt new software or technology than when you’re in the midst of a huge project or struggling to finish work prior to a deadline. Take a look at where your business is today, and determine if now is a good time to introduce something new, or if there’s something happening in a few months that would make this transition easier.

5.When it’s easy to try and use: Any new technology you adopt will have a better chance of being accepted and adopted if it enhances or encourages small changes to something you are already doing, rather than asking you to completely alter your processes. Your business should consider being an early adopter of technology in situations where you are able to make incremental changes and gauge results along the way.  If you have any question as to whether the technology is exactly what you need, look for opportunities to negotiate some sort of trial use. The goal here is to see how this new technology works in your day-to-day business situation before you’ve made a huge commitment of time, resources, or budget.
When it comes to adopting a new technology, there will always be internal and external factors to think about, and making a decision can be a challenging process. However, by evaluating early adoption opportunities from the perspective of choosing the right provider, ensuring proper support resources are in place, identifying areas where the technology would radically improve your competitive advantage, planning for good timing, and insisting on incremental implementation that works for your business, you’ll be well on your way toward making informed and successful decisions about which new technologies deserve your early consideration.

Brian Woodrick is the Director of Product Management at Ungerboeck Software International, a leading provider of event management software.

Having a fling with VMware Flings, vBenchmark

Takeaway: Lauren Malhoit takes a look at the newest version of vBenchmark.
Have you heard of or used VMware Flings before?  The definition of fling on the website is:  “A fling is a short-term thing, not a serious relationship but a fun one.  Likewise, the tools that are offered here are intended to be played with and explored.”  That’s just what I did with the newest version of vBenchmark, a fling that came out a couple weeks ago.  vBenchmark lets you check for efficiency and baseline your VMware virtual environment in a really simple way.

To install vBenchmark, go to the labs.vmware.com/flings website and click on vBenchmark at the top of the page.  Click “I agree…” and then select the .OVF file from the pull-down menu (assuming you’re going to put this virtual appliance on one of your ESXi hosts).  Then click download.  When this has finished downloading open your vSphere Client and go to File>>Deploy OVF Template.  Browse to you downloaded .OVF file and select it.  Go through the wizard picking the proper ESXi servers and datastores.  There is an option to configure networking at the end of the wizard; however, I found that I had to reconfigure networking on the actual command line while it was running.  Make sure you pick a network adapter that is compatible with Linux.  Try pinging it to see if you have network connectivity.
If you do have network connectivity, you can open a browser and go to
https://ipaddress.of.vBenchmark.server.  You’ll need to enter your vCenter server IP address (or addresses) and credentials.  Then click Initiate Query & Proceed to Dashboard.  After a few seconds you will be taken to a dashboard that gives a brief overview of your initial environment.  It shows various things like your physical and virtual infrastructure configuration, efficiency regarding CPU, memory, and administrator productivity, time it takes to provision or reconfigure VMs and quality of service.

One really neat thing you can do is compare this information with similar companies by clicking on the “Tell Me How” links next to each category.  Essentially there is a repository of metrics classified by company size and industry.  When you share your info (everything is scrubbed so as not to release any confidential data) the dashboard changes and you can compare your results with your peers (as you can see in Figure A).  On the dashboard you may also click on “Metric Definitions” to get a clearer understanding of what all of these categories and metrics mean.

Figure A


There are other tabs besides the Dashboard tab that allow you to go to the different categories individually.  Under these tabs you can sort by vCenter instance or by vSphere edition.  By default the values are averaged out, but you can also click on the “Show Minimum/Maximum” link to see more than just the averages.

Under the vSphere 5 RAM Pools tab it will show you a representation of how much vRAM you have and how much you’re entitled to (shown in Figure B).  If you recall, VMware changed its licensing and each vSphere edition is entitled to a certain amount of vRAM.  If you don’t remember what your edition includes, you can click on the “vSphere 5 vRAM Entitlements per Physical CPU” link to see the official vRAM entitlements for each edition.

Figure B


I mentioned baselining in the first paragraph.  Although this is kind of a quick and dirty way of doing it, there is an Options link in the upper right corner of the page where you can save or export your current data for review at a later date.  This is kind of a nice feature to compare your current metrics to what you’ve come up with in the past.  This is a really neat tool.  The portal has a really clean and modern look to it.  It’s easy to set up and comprehend and who doesn’t love to compare their environments to others.  Check it out if you get a chance!

Managing Macs in a Windows Shop, part 1

Takeaway: Lauren Malhoit walks you through the initial steps of bringing Macs into a Windows shop.
Some of our end users made the request to use Macs in our environment, which has been basically all Windows (except for a few Linux servers).  I set about finding the best way to manage these Macs in our little Windows world.  I put the question out to other admins to see what they were using to manage Macs and the answers I got back were mostly along the lines of “we don’t” or “let us know what you end up doing.”  Those options weren’t viable for us so here are the other options I found:  Changing the Active Directory schema so that you can manage Mac policy via Group Policy Management, using software like Likewise or Centrify, or setting up what is called the “Magic Triangle.”  I went with the latter as it seemed to be the option that offered the most flexibility while still managing the devices with account policies.  From the research I’ve done, changing the Active Directory schema is the least recommended setup as it could corrupt your current Active Directory setup and doesn’t work 100% of the time.  The Magic Triangle in Figure A describes the links between the Mac Server, Active Directory Domain Controller, and the Mac clients.

Figure A


In this first part of a series of posts, I will go through the initial steps I took to install the necessary apps and try to save any of you from some of the troubleshooting (and starting over) that I had to go through.  Mac OS X Lion Server is not exactly what I would call enterprise ready, but it seems they’re working on it.  In this series I’ll be specifically talking about Lion server 10.7.  Be warned, different versions may have different options and there doesn’t seem to be a whole lot out there specific to 10.7, but it is pretty close to 10.6.  You can purchase Mac OS X Lion Server from the Apple Store for $50 and install it on a currently running Mac OS X machine like a Mac Pro or Mac Mini.  I downloaded the Mac OS on a USB stick and started there. Here is a very detailed step-by-step:
  1. Insert the USB with Mac OS X in the Mac device
  2. Press the Option key while it is booting so that you may select the boot device
  3. Select the Mac OS X USB to boot
  4. Select Disk Utility to create and name partitions.
  5. Close Disk Utility
  6. Now choose (Re)install Mac OS X at the beginning menu
  7. Choose the drive you’d like to install the OS on (most likely the partition you just created) and give it a few minutes to install.
  8. Go through the account creation wizard
  9. Login using the account you just created which is by default an admin account
  10. Click on System Preferences in the dock to open it
  11. Click on Network
  12. Configure the Ethernet Adapter accordingly (I used a manual configuration to give it a static IP)
  13. Click Show All to return to System Preferences
  14. Click on Sharing
  15. You may edit the server’s name here (let’s call it MacServer) *Avoid using hyphens
  16. Put a checkmark next to Remote Login and Remote Management.
  17. While Remote Management is highlighted click on Computer Settings and put a check next to Anyone may request permission to control screen and VNC Viewers may control screen with password (enter a password in the password field).
  18. Now you may go back to your workstation and connect to the IP address using a VNC Viewer.  Before you click to connect, click Options and select Hextile and Full (all available colors).  You will not be able to connect if you don’t use these options.
  19. Once connected, make sure you have an internet connection and then click on the App Store icon in the dock and search for OS X Lion Server.  Purchase and download it.
  20. Click on the server icon and click through the wizard to finish the installation.
At this point you have a Mac Device that you’re using as a Mac Server, a Windows Domain Controller (I’m assuming) and at least one Mac client machine to test with.  For the Mac client, I suggest not using a Mac Book Air, as it does not have an Ethernet port.  It seems that most of the configuration requires all of the components be on the same subnet (for example 192.168.1.0/24).  The configuration will not work on different subnets or over wireless, even if your wireless has access to your network using an ACS or something like that.  If you do have a Mac Book Air, you can purchase a dongle so that you may connect to the network using a network cable and that seems to work pretty well.

In the next posts I’ll go through configuring the magic triangle and setting up some of the policies I am using.  I highly recommend going through not only the steps, but the actual blog posts in order, as that seems to be VERY important (luckily I only had to completely wipe everything once and start over once…).  Good luck!

Five online tools that simplify HTML5 coding

Takeaway: HTML5 is revolutionizing website and web application development. Developers can benefit immensely from online tools that enhance and simplify coding in HTML5.

By now, you have probably heard all the hype about HTML5 and how to implement it on your Web projects. The addition of new tags that define page structures, support for multimedia content that includes features previously delegated to plugins like Flash and support for error handling can sometimes be overwhelming.  HTML5 makes a developer’s work easier and learning how to code in HTML5 will equip you with the valuable knowledge as its adoption continues to pick up.
Below are five tools that can help you learn and enhance your HTML5 coding skills:

Initializr
If you want to get started on a new HTML5 project, Initializr will help you do it  in seconds. Initializr generates customizable templates in HTML5. Using the HTML5 boilerplate allows you to skip the boring stuff and provides the tools necessary to start developing using the templates provided immediately.  It provides three pre-configured options to choose from:  Classic, Responsive or a Bootstrap. Demos and repository codes are available all the way. The next step involves fine-tuning the template and adding support libraries. Your finished template is now ready for download.

HTML5 cheat sheets
With new additions and changes always being made to HTML5 it can be a little daunting to keep track or even remember all the new features. Some of these features include new tags, Event Handler content attributes and browser support.  A HTML cheat sheet can be a handy tool for a busy developer. This link offers developers cheat sheets that can be enlarged, printed or shared. Whether you are a developer or not, these cheat sheets can be used as reference guides for your HTML5 projects anytime.

HTML5 Reset
If you are looking to save time when starting new projects, then HTML5 Reset will help you do that. The website offers a set of HTML, CSS and JavaScript files that will help get your project off the ground pretty fast. A blank HTML5 WordPress theme is offered to anyone designing and developing for the WordPress platform. The HTML5 theme includes HTML5 Markup, CSS declaration elements, a widget sidebar and built-in support for JQuery and Analytics.
HTML5 demos and examples

One of the best ways of learning programming is seeing your code in action. The HTML5 Demos website lists example demos in HTML5 that include the use of the <canvas> tag, drag-n-drop functionality, and chat features implementation among other things. The website shows the demo, what browsers support it, and the actual code used. This is a great resource for anyone looking to learn from experienced developers already using HTML5.

LimeJS
LimeJS is a HTML5 game framework that supports all desktop browsers and modern touch-screens. Built with the ‘Closure’ library from Google that has been used to develop Gmail, Google Docs and other Google products, LimeJS is fast, feature rich and integrates well with other developer tools making it highly flexible. The LimeJS website provides the complete class documentation and JavaScript library files for the framework.

The next digital battlefield: Your wallet

Takeaway: Handset companies, mobile operators and banks are wrestling for control of the mobile payments market.

Mobile operator O2 is the latest to unveil a mobile payments service as the battle to control the wallet of the future continues to intensify.

The company’s O2 wallet service allows customers to transfer up to £500 via their mobile phone, with retailers including Debenhams, Comet, Sainsbury’s Direct and Tesco Direct signing up to accept payments.
While the mobile payments market is at best nascent, in the long term all sorts of payments are likely to go contactless and mobile, so mobile operators, handset makers and credit card companies are jockeying for position and launching a variety of payment options, none of which so far have reached anything near critical mass.

Earlier this month Barclaycard showed off PayTag, a miniature credit card it hopes customers will stick on the back of their mobile phones to make contactless payments. Back in February Barclays unveiled its Pingit app for iPhone, Android and BlackBerry handsets, which allows users to link their mobile phone number to their bank account and make payments to anyone who owns a mobile phone in the UK.
Meanwhile, Samsung is working with Visa on a soon-to-be-released NFC enabled smartphone for athletes at the London 2012 Olympics.

Mark Austin, head of contactless at Visa Europe said the Olympics is likely to be a big driver for contactless payments as there will be 3,000 contactless point of sales devices and 350 contactless vending machines.
Contactless has a number of benefits for retailer – including cutting fraud and increasing spending, he said:
“People are limited by how much cash they have in their pocket: the transaction value is inflated when you are using a card because you are less constrained – which is why retailers accept cards.”
Nearly every major retail brand has a contactless plan, he said.  Visa has issued 21 million contactless cards in the UK and there are 104,000 contactless terminals.
And he added: “People still prefer to make contactless payments with cards now but more and more will use phones,” he said.

And it’s not just the existing players that are interested in mobile payments: to complicate the situation further there are new entrants into the market like Google – with its Google Wallet service - that also want to swoop in and take over the mobile payments business.

“This is exactly what Google is aiming to do with its mobile wallet service and if it gains critical mass then it will have a disruptive impact on operators,” said Eden Zoller, principal analyst at Ovum.
Automatically sign up for TechRepublic's CIO Insights newsletter!

Configure a Cisco Catalyst 2950 switch with this template

While configuring a new Cisco Catalyst switch isn't necessarily difficult, it can be time-consuming. Why not automate the process with an Excel template? We've created an Excel template that will help you automate the configuration of a new Cisco Catalyst 2950 switch.

What this template does

This template will generate the configuration for a Catalyst 2950 switch according to the information you supply. The template contains two worksheets.
The first worksheet is a reference, which offers a sample configuration that lists the various commands and their purposes. This sample configuration performs the following actions for the switch:
  • Enables password encryption.
  • Configures a hostname.
  • Creates an enable secret password to control administration.
  • Configures AAA authentication to use local username/password information to control Telnet and console access.
  • Enables the HTTP Web server for remote administration.
  • Configures the Web server to use the local authentication database.
  • Configures Telnet and console lines to prevent configuration interruption from console logging messages.
  • Configures a DNS domain name suffix.
  • Configures a specified local DNS server.
  • Configures the proper time zone, and points the switch to a local NTP time server for date and time synchronization.
  • Configures the local logging system to put date and time stamps on all log entries.
  • Creates a local administrative account with a specified username and password.
  • Creates an IP address on the VLAN1 interface for switch administration, and enables that interface.
  • Creates a default gateway.
  • Configures all ports to be access switch ports so they bypass spanning-tree negotiation and come up faster.
  • Saves this new running-configuration to the startup-configuration, which preserves the configuration during rebooting.
You can input your configuration information for your network on the second worksheet. If there's a setting you don't need, you remove it.

What you need to know

Here's a list of things you need to know before you download the template:
  • Click the Enable Macros button when you open the Excel workbook.
  • By default, this configures nothing on Gig-E uplink ports.
  • All Fast Ethernet interfaces belong to VLAN 1 only, and it creates no other VLANs.

Get the template

Now that you know what the template can do for you and how to use it, you can get started. Follow these steps:
  1. Download the template.
  2. Open the Excel file, and fill out the yellow sections on the Variables worksheet.
  3. Click the Replace button; it will generate the appropriate configuration on a new worksheet called Cat2950 - 1.
  4. Copy the configuration from the Excel file, and paste it into the Cisco CLI. You can copy directly from Excel into a Telnet or SSH session or even the console port.
For more information, see the Cisco's Catalyst 2950 and Catalyst 2955 Switches documentation.

We want your feedback

What do you think of this template? Would you like to see other templates covering different topics or products? Share your opinions in this article's discussion.

Miss a column?

Check out the Cisco Routers and Switches Archive, and catch up on David Davis' most recent columns.
Want to learn more about router and switch management? Automatically sign up for our free Cisco Routers and Switches newsletter, delivered each Friday!
David Davis has worked in the IT industry for 12 years and holds several certifications, including CCIE, MCSE+I, CISSP, CCNA, CCDA, and CCNP. He currently manages a group of systems/network administrators for a privately owned retail company and performs networking/systems consulting on a part-time basis.

10 PowerShell commands every Windows admin should know

Takeaway: PowerShell combines the speed of the command line with the flexibility of a scripting language, making it a valuable Windows administration tool. Here are a few basic commands you’ll want to master.
Over the last few years, Microsoft has been trying to make PowerShell the management tool of choice.

Almost all the newer Microsoft server products require PowerShell, and there are lots of management tasks that can’t be accomplished without delving into the command line. As a Windows administrator, you need to be familiar with the basics of using PowerShell. Here are 10 commands to get you started.
Note: This article is also available as a PDF download.

1: Get-Help

The first PowerShell cmdlet every administrator should learn is Get-Help. You can use this command to get help with any other command. For example, if you want to know how the Get-Process command works, you can type:
Get-Help -Name Get-Process
and Windows will display the full command syntax.
You can also use Get-Help with individual nouns and verbs. For example, to find out all the commands you can use with the Get verb, type:
Get-Help -Name Get-*

2: Set-ExecutionPolicy

Although you can create and execute PowerShell scripts, Microsoft has disabled scripting by default in an effort to prevent malicious code from executing in a PowerShell environment. You can use the Set-ExecutionPolicy command to control the level of security surrounding PowerShell scripts. Four levels of security are available to you:
  • Restricted — Restricted is the default execution policy and locks PowerShell down so that commands can be entered only interactively. PowerShell scripts are not allowed to run.
  • All Signed — If the execution policy is set to All Signed then scripts will be allowed to run, but only if they are signed by a trusted publisher.
  • Remote Signed — If the execution policy is set to Remote Signed, any PowerShell scripts that have been locally created will be allowed to run. Scripts created remotely are allowed to run only if they are signed by a trusted publisher.
  • Unrestricted — As the name implies, Unrestricted removes all restrictions from the execution policy.
You can set an execution policy by entering the Set-ExecutionPolicy command followed by the name of the policy. For example, if you wanted to allow scripts to run in an unrestricted manner you could type:
Set-ExecutionPolicy Unrestricted

3: Get-ExecutionPolicy

If you’re working on an unfamiliar server, you’ll need to know what execution policy is in use before you attempt to run a script. You can find out by using the Get-ExecutionPolicy command.

4: Get-Service

The Get-Service command provides a list of all of the services that are installed on the system. If you are interested in a specific service you can append the -Name switch and the name of the service (wildcards are permitted) When you do, Windows will show you the service’s state.

5: ConvertTo-HTML

PowerShell can provide a wealth of information about the system, but sometimes you need to do more than just view the information onscreen. Sometimes, it’s helpful to create a report you can send to someone. One way of accomplishing this is by using the ConvertTo-HTML command.
To use this command, simply pipe the output from another command into the ConvertTo-HTML command. You will have to use the -Property switch to control which output properties are included in the HTML file and you will have to provide a filename.
To see how this command might be used, think back to the previous section, where we typed Get-Service to create a list of every service that’s installed on the system. Now imagine that you want to create an HTML report that lists the name of each service along with its status (regardless of whether the service is running). To do so, you could use the following command:
Get-Service | ConvertTo-HTML -Property Name, Status > C:\services.htm

6: Export-CSV

Just as you can create an HTML report based on PowerShell data, you can also export data from PowerShell into a CSV file that you can open using Microsoft Excel. The syntax is similar to that of converting a command’s output to HTML. At a minimum, you must provide an output filename. For example, to export the list of system services to a CSV file, you could use the following command:
Get-Service | Export-CSV c:\service.csv

7: Select-Object

If you tried using the command above, you know that there were numerous properties included in the CSV file. It’s often helpful to narrow things down by including only the properties you are really interested in. This is where the Select-Object command comes into play. The Select-Object command allows you to specify specific properties for inclusion. For example, to create a CSV file containing the name of each system service and its status, you could use the following command:
Get-Service | Select-Object Name, Status | Export-CSV c:\service.csv

8: Get-EventLog

You can actually use PowerShell to parse your computer’s event logs. There are several parameters available, but you can try out the command by simply providing the -Log switch followed by the name of the log file. For example, to see the Application log, you could use the following command:
Get-EventLog -Log "Application"
Of course, you would rarely use this command in the real world. You’re more likely to use other commands to filter the output and dump it to a CSV or an HTML file.

9: Get-Process

Just as you can use the Get-Service command to display a list of all of the system services, you can use the Get-Process command to display a list of all of the processes that are currently running on the system.

10: Stop-Process

Sometimes, a process will freeze up. When this happens, you can use the Get-Process command to get the name or the process ID for the process that has stopped responding. You can then terminate the process by using the Stop-Process command. You can terminate a process based on its name or on its process ID. For example, you could terminate Notepad by using one of the following commands:
Stop-Process -Name notepad
Stop-Process -ID 2668
Keep in mind that the process ID may change from session to session.

10 tips for troubleshooting DNS problems

Takeaway: Figuring out what’s wrong with DNS will go faster if you have a set of troubleshooting steps to follow. Brien Posey shares his approach to isolating the cause of DNS problems.
DNS is one of the most essential services on any Windows network. Active Directory can’t function without DNS, and it’s is also used by any number of other network functions. So it’s critical to troubleshoot DNS problems as fast as possible. Thankfully, the process is usually fairly easy. Here are10 of my favorite DNS troubleshooting techniques.
Note: This article is also available as a PDF download.

1: Verify network connectivity

When DNS problems occur, one of the first things you should do is verify that the DNS server still has network connectivity. After all, if the problem ends up being something as simple as a NIC failure, you can save yourself a lot of time by checking for the problem up front.
The easiest way to verify connectivity is to log on to the DNS server and try to ping a few machines. You should also try to ping the DNS server from a few random machines. Remember that ping will work only if you allow ICMP packets through the firewall on the machine you are pinging.

2: Determine the scope of the problem

After you have determined that basic connectivity still exists, the next step is to determine the scope of the problem. Are Internet name resolutions failing or are local name resolutions failing too? The answer is going to make a difference in how you will have to troubleshoot the problem. For example, if local name resolution works but Internet name resolution does not, the problem may lie with one of your ISP’s DNS servers.

3: Find out whether all users are affected

Another thing to look at is whether the problem affects all of the users on the network or it’s limited to a subset of users. If you determine that only some users are affected, check to see whether all those users are located on a common network segment. If so, the problem could be related to a router failure or a DHCP configuration error.

4: See whether the DNS server is performing load balancing

Organizations hosting high demand Web servers sometimes try to distribute the workload across multiple identical Web servers by using a load balancing technique called DNS Round Robin. The problem with this technique is that the DNS server has no way of knowing when one of the servers has failed. As a result, inbound traffic is still directed to all the servers in round robin fashion, even if one of those servers is offline. The result is intermittent connectivity problems to the load-balanced resource.

5: Check the DNS server’s forwarders

If you determine that local name resolution requests are working but Internet requests are failing, check to see whether your DNS server uses forwarders. Even though many DNS servers use root hints for Internet name resolution, some use forwarders to link to an ISP’s DNS server. And if the ISP’s DNS server goes down, Internet name resolution will cease to function as the entries in the resolver cache expire. If your DNS server does use forwarders, you can try pinging the server to see whether it’s online. You might also have to call the ISP to see whether it’s having any DNS issues and to make sure that the IP address you are using in your forwarder is still valid.

6: Try pinging a host

If name resolutions are failing on your local network, try pinging some of the servers on your network. Start out by pinging the server’s IP address. This will confirm that connectivity to the server is working. Next, try pinging by computer name and by the server’s fully qualified domain name.
If you can ping the host by IP address but not by name, check your DNS server to make sure that a Host (A) record exists for the host. Without a Host (A) record, the DNS server will be unable to resolve the host’s name.

7: Use NSLookup

One of the handiest tools for troubleshooting DNS failures is the NSLOOKUP command, which you can access from a Windows Command Prompt window. Simply type NSLOOKUP followed by the name of the host for which you want to test the name resolution. Windows will return the name and IP address of the DNS server that resolved the name (although the DNS server’s name is often listed as Unknown). It will also provide you with the fully qualified domain name and the IP address of the host you specified.
NSLOOKUP is useful for two things. First, it allows you to verify that name resolution is working. Second, if name resolution isn’t working, it allows you to confirm which DNS server is being used. Keep in mind that NSLOOKUP will list only the DNS server it initially connects to. If the name resolution request is forwarded to other DNS servers, those servers are not listed.

8: Try an alternate DNS server

Most organizations have at least two DNS servers. If your primary DNS server is having problems, try using an alternate. If name resolution begins working after you switch DNS servers, you have confirmed that the problem is indeed related to the DNS server and not to some external factor.

9: Scan for viruses

About a week ago, someone called me because every time they would try to visit certain Web sites they were redirected to a malicious Web site instead. I initially suspected a DNS poisoning attack, but ruled out such an attack because only one computer was affected.
The problem was that a virus had integrated itself into the TCP/IP stack and was intercepting all name resolution requests. Even though this initially appeared to be a DNS problem, the virus was ultimately to blame.

10: Reboot the DNS server

I know that it sounds like a cliché, but when all else fails, reboot the DNS server. I have seen several situations over the years in which name resolution stopped for an unknown reason but rebooting the DNS server fixed the problem.
Likewise, I have seen at least two examples of consumer-grade routers that have stopped forwarding DNS requests even though other types of traffic continue to flow. In one of these situations, resetting the router fixed the problem. In the other situation, the router had to be replaced. It was thought that the router might have been damaged by a power surge that had occurred a day before the problems started.

10 cool things you can do with a USB flash drive

Your USB flash drive can do a whole lot more than just move data around. Greg Shultz introduces a variety of creative ways to put that drive to good use.


Transporting your data is probably the most common use for a USB flash drive. But there’s a world of other things you can do with these handy pocket-size drives. Here are 10 ways you can use that USB flash drive to do more than just move data.
Note: This article is also available as a PDF download.

1: Run portable applications

In addition to storing your data, you can run portable applications from a USB flash drive. For example, OpenOffice, which is a complete office suite that includes a word processor, spreadsheet, presentation tool, drawing package, and database, is available as a portable application. Mozilla Firefox and Thunderbird are also available as portable applications. When you combine the office suite with the ability to surf the Web and check email, you’ll be able to take your most vital computing applications with you wherever you go — right in your pocket.
If that’s not enough, you can choose other applications to install on your USB flash drive from PortableApps.com (Figure A). You can even install an entire prepackaged suite of applications that includes such things as an audio player, games, an antivirus utility, and a handy menu system.

Figure A


The PortableApps.com suite comes with a menu system to allow you to easily access your portable applications.

2: Boot an operating system

If you want to do more than just run your own applications, you might want to consider booting an entire operating system from your USB flash drive. You can boot either Windows or Linux from a USB flash drive; however, the process is not an exact science and you may be in for a technical adventure.
Fortunately, there are some guides you can follow. To learn how to boot Windows XP from a USB flash drive, see the article Creating a bootable USB flash drive for Windows XP. To learn how to boot a version of Linux from a USB flash drive, see the article Puppy Linux teaches an old dog new tricks.

3: Connect to a wireless network

If you have a wireless network, you can use the Wireless Network Setup Wizard in Windows XP or the Windows Connect Now (WCN) feature built into Vista to save wireless network configuration information to a USB flash drive. You can then use your drive to quickly and easily connect another computer or a WCN-compatible device, such as a router or printer, to your wireless network. To learn more about using the Wireless Network Setup Wizard, see the Help And Support Center, which is accessible from Windows XP’s Start menu. To learn more about using the Windows Connect Now feature, see Windows Help And Support, which is accessible from Windows Vista’s Start menu.

4: Create a password reset disk

A password reset disk can really come in handy if you forget the password to your user account on a Windows system that is not a part of a domain. If you find yourself in that situation, you can use the password reset disk to reset your password and quickly get back into your user account. In Windows Vista, you can use USB flash drive rather than a floppy disk as a password reset disk (Figure B). For details on how to do so, see the article Create a Vista password reset disk using a USB flash drive.

Figure B


You can use your USB flash drive as a password reset disk.

5: Boost performance

If you’re running Windows Vista, you can use a USB flash drive to speed up your system with the ReadyBoost technology. ReadyBoost can use the storage space on a USB Flash drive as an additional memory cache to aid the memory cache on your hard disk. And because flash memory is more responsive than a hard disk, with its physical moving parts, the memory cache provided by ReadyBoost can significantly improve system responsiveness.
Using ReadyBoost is easy. You just insert your USB flash drive into your Vista system and follow the onscreen prompts to configure and use ReadyBoost. If you want more details, check out the article How SuperFetch and ReadyBoost work together.

6: Manage it

If all you really want to do with your USB flash drive is transport data, and you’re running Windows XP, you can do so more efficiently with the Microsoft USB Flash Drive Manager (Figure C). Once you have installed this manager, you can easily copy files to and from your drive, back up and restore the entire flash drive to and from your hard disk, change the drive label, and even create an autorun.inf file to launch Drive Manager automatically when you plug in the drive. To learn more about and download the USB Flash Drive Manager visit the Microsoft TechNet Magazine site.

Figure C


The Microsoft USB Flash Drive Manager provides you with a host of features, such as drive backup.

7: Use it as an MP3 player

Would you like to be listening to music when you’re using a computer at the office, but you don’t have an MP3 player? If so, you can use a USB flash drive as an MP3 player along with Windows Media Player and a set of headphones. Just copy your MP3 files to your USB flash drive, plug it into your computer, and direct Windows Media Player to build a library of the songs on your drive. You can use all of Windows Media Player’s playback features, such as playlists and favorites, to easily customize your music listening experience. And best of all, you won’t have to worry about running low on battery power.

8: Password-protect it

If you use a USB flash drive to transport sensitive data that you would prefer to protect from prying eyes, should you lose the drive, Rohos Mini Drive (Figure D) can safeguard that data. This security tool allows you to create a secret partition on the drive and then password-protect/encrypt that partition, thus protecting any documents you copy to that partition via the utility’s file manager. You can download (and read a review of) Rohos Mini Drive at Download.com.

Figure D


Using Rohos Mini Drive, you can secure sensitive files on your USB flash drive.

9: Run a Web site from it

If you are a Web developer, you may be interested to know that with Server2Go, you can easily run a Web server that supports Apache, PHP, MySQL, and Perl right from a USB flash drive. You can use Server2Go right out of the box without any installation. It runs on all versions of Windows, supports most common browsers, and is completely free. To a developer, the benefits of having a portable Web server on a USB drive are numerous. For example, imagine being able to carry a live Web site demo into a sales pitch meeting. For more information about this package, visit the Server2Go site.

10: Lock your PC

Have you ever seen a movie in which a person in some secret government installation simply inserts and removes a card to log in and log out of a PC? If you thought that idea was cool, you’ll definitely want to investigate Predator (Figure E). Once installed and configured, this little freeware utility will allow you to turn a USB flash drive into a key you can use to lock and unlock your computer.

Figure E


With Predator, you can use a USB flash drive as a key to lock and unlock your computer.
While the USB flash drive is connected to your computer, everything works as it normally would. Once you remove the USB flash drive, your computer is locked down — the keyboard and mouse are disabled and the screen darkens. To unlock your computer, you just plug in the USB flash drive and the computer will be unlocked and you can begin using it. To learn more about Predator, and/or to download it, visit the developer’s Web site.

10 email tips for preventing problems and avoiding aggravation

Takeaway: There are plenty of ways to mishandle email communications — and mistakes can range from embarrassing to inefficient to highly irritating. These tips will help you sidestep potential email problems.
In 2008, I wrote a pair of articles that focused on email habits that are annoying at best and career-damaging at worst. This topic proved so popular — and I have discovered and committed so many more errors since then — I thought I would share some tips for avoiding some of the most common email mistakes.
Note: This article is also available as a PDF download.

1: Address the email only when it is ready to send

Have you ever sent an email prematurely? The best way to avoid such a mistake is to leave the addressee field blank until you are positive the note is ready for sending. That way, even if you accidentally click the Send button, nothing will happen because the software won’t know where to send it. In fact, the Send button probably will be grayed out.
If you are replying to an email, follow the same procedure. In this case, however, before starting your message, cut the recipient’s name from the addressee field (this person was the original sender) and paste it into the body of your note. Then, when are ready to send, cut that address from the body and re-paste it into the addressee field.

2: Attach any files before composing your note

How many times have you gotten an email that referenced files that you never received because the sender failed to attach them? How many times have you meant to attach a file, but forgot? Avoid this embarrassment and annoyance by attaching these files first, before you even start composing your note.

3: Tell the other person which email you used when sending

Is someone saying your email was never received? Don’t answer by simply saying, “I did send you an email.”  Be specific and spell out the user name and the domain name of the address. Even if you typed the address correctly, that address might not be the main one the other person uses. In addition, of course, you could have mistyped the address or used the wrong syntax, such as typing an underscore instead of a period between first name and last name.
Likewise, if you are planning to send someone an email in the future, tell that person which address you will use.

4: Reply to a new person from the same address that received that person’s note

Let’s say you get an email from someone for the first time, but you expect to exchange more in the future. When you reply to that person, do so from the same address to which your sender addressed his or her note.
Your sender probably is using a spam filter. Such filters often will assume that any recipient of outgoing mail from that sender is good and will whitelist that recipient address. Therefore, when you reply from that address, your sender’s spam filter will allow your reply to get through.
Suppose, however, that you reply to that sender from a different email address, perhaps because the one that received the message is your less commonly used one. The sender’s spam filter might not recognize this other address, and your note could be trapped in the spam filter’s junk/spam mailbox. For this reason, the best approach is to reply from the same address that originally received that note.

5: If you want the other person to use a different address for you, say so first

What if you really would like that person to send to an alternate email address? In this case, simply say so. However, do so via phone, or via a note from the “old” address, i.e., the one your sender originally used. If you tell the sender via an email from that new address, you run into the same potential spam filter problem.

6: Send a test message first

You may get an email address from a new client or associate who dictates the address to you verbally or you might type it in by hand from a business card. To be safe, especially if you will be sending sensitive information, send a test message first to make sure you didn’t mistype while entering the address. If the person replies with a confirmation, you know that you entered the address correctly.

7: Copy and paste the address instead of manual typing

Copying and pasting an address instead of manually typing will eliminate potential mistakes. Just be aware that the address to be copied still might be wrong, so sending a test message even in such cases still is desirable.

8: Be careful with addressee auto-complete

A friend once told me of an experience she had one summer. She had written an actual hard-copy letter to her then-boyfriend. She also had written a letter to one of her girlfriends, in which she talked about some new guy she had just met. She mailed the letters, then a few days later got a call from the girlfriend telling her she had gotten the boyfriend’s letter.
Your email program might predict the name of an addressee and complete that field for you. While convenient, this feature carries with it the risk that you will send an email to the wrong person. If you can live with the risk of what happened to my friend, at least verify the addressee name before clicking Send. If you’d prefer to eliminate the risk, go into your email program’s options menu and disable the auto-complete feature.

9: Point recipient to “subject line messages”

Some guides on email advise you put a short message solely in the subject line to save time for the recipient. Be aware, though, that doing so may cause your message to be missed. Just this morning, I emailed a client with a request that he send me a check to cover mailing expenses. I put the dollar amount right in the subject line. Twenty minutes later, he emailed me back and asked for the amount. Now, this client is a good person, and I am not criticizing him. However, like many of us, he might be conditioned to click on the inbox entry and look for information in Putting the message in the subject line is still is a good idea. However, to be safe, I would put a short line in the body that says “see subject line for message.” I know it partially defeats the purpose of using the subject line this way, but it lessens the chances of missed information.

10:  Be careful about too-large attachments

Network speeds and bandwidth have increased dramatically over time. Maybe these days a 1MB attachment would not cause the problems it would have 10 years ago. Nonetheless, be sensitive to sending attachments that are too large. You still could cause problems for your co-workers and anger the network administrator, both on your side and your recipient’s side.
Ask your help desk about any limits on file sizes. Also, make sure you have to send an actual file. For example, could you merely send a Web page address instead? If you really do need to send large files, consider an FTP service such as www.yousendit.com

Bonus tip: Check and verify Web links you send

After I typed the above Web page address, I copied it and pasted it into my Web browser to make sure I got to the right page. The same principle applies here as for email addresses: You want to make sure you didn’t mistype or use the wrong domain name extension in Web addresses. If you are giving information about the White House Web site, for example, be aware that it is www.whitehouse.gov. Use of any other extension might lead to embarrassing results for your recipient and hence problems for you.

Configure QoS on your Cisco router with this template

Using quality of service (QoS) on Cisco network devices helps provide both bandwidth and priority to certain types of network traffic. The network administrator tells the network devices which traffic requires what bandwidth and priority.

It's important to understand the difference between bandwidth and priority. As the network devices (switches or routers) encounter the designated traffic, they give that traffic priority by sending it before other traffic; they give the traffic bandwidth by sending more of it than other traffic.

As I mentioned last time, configuring QoS is very complex. There are many different ways of using QoS as well as different types of QoS. Last time, I discussed how to use Cisco IOS AutoQoS to automatically configure a router to give bandwidth and priority to VoIP traffic ("Learn the benefits of Cisco AutoQoS").
This time, let's take a step back and look at how to configure basic QoS for a given scenario using a downloadable template. Let's begin with a sample scenario.

Our sample scenario

Let's say you have a Cisco 871W router at home. You use this router for Skype VoIP service, to play Counter-Strike over the Internet, and for traditional Internet activities (e.g., Web browsing and e-mail).
However, you're experiencing performance issues with your Skype phone service when simultaneously surfing the Web. When downloading a file, your phone service sounds horrible. In addition, your Internet game suffers when you download FTP files.
This is a prime example of how QoS comes in handy—you need to give these different types of traffic the bandwidth and the priority they require. Once you've configured QoS, you should be able to talk on the phone, play your game, and download files—all at the same time—without experiencing any performance issues.
Keep in mind that this is only an example. Once you understand how to configure QoS, you can customize it to fit your organization's needs. In addition, the downloadable template will create the configuration file, and you can modify it to fit your company's needs.

Configure QoS

Let's review the steps to configuring QoS on a Cisco router.
Step 1: Define the traffic
You must tell the router which traffic you want to give QoS, which you can accomplish either using an access control list (ACL) or using Network Based Application Recognition (NBAR). An ACL is the traditional way to define any traffic for a router.
With NBAR, however, the router just recognizes the traffic traveling through the router—it knows that HTTP is HTTP, Skype is Skype, etc. But there's a limited list of protocols and applications that the router recognizes.
While the router won't recognize every single application, each IOS upgrade adds more to the list. In addition, you can create custom application recognition files.
Step 2: Create a class-map
A class-map defines the traffic into groups. For example, you could create a class-map called VoIP traffic and put all VoIP protocols under it.
Step 3: Create a policy-map
A policy-map matches the classes from the class-map with how much bandwidth and/or priority you want to give this traffic.
Step 4: Apply the policy-map to the interface
Like an ACL, you must apply the policy-map to the specific interface you want it to affect. You can apply the policy-map in either output or input mode. Here's the command to use:
service-policy output|input {name of policy-map}
If you're using NBAR to recognize the traffic, you must also use the ip nbar protocol-discovery command on the interface. This enables NBAR to begin looking at the traffic.

Download the QoS template

Now that you know the basic steps to configuring QoS, you can get started with our downloadable QoS template. (This is the same template that TechRepublic's George Ou has used to explain how to configure the Cisco 871W router for basic configurations, advanced 871W configurations, and an IPSec site-to-site VPN.)
Follow these steps:
  1. Download the template.
  2. Open the Excel file, and fill out the yellow sections on the Variables worksheet.
  3. Click the Replace button; it will generate the appropriate QoS configuration on a new sheet called QOS-1.
  4. Copy the configuration from the Excel file, and paste it into the Cisco CLI. You can copy directly from Excel into a Telnet or SSH session or even the console port.

Miss a column?

Check out the Cisco Routers and Switches Archive, and catch up on David Davis' most recent columns.
Want to learn more about router and switch management? Automatically sign up for our free Cisco Routers and Switches newsletter, delivered each Friday!
David Davis has worked in the IT industry for 12 years and holds several certifications, including CCIE, MCSE+I, CISSP, CCNA, CCDA, and CCNP. He currently manages a group of systems/network administrators for a privately owned retail company and performs networking/systems consulting on a part-time basis.

10 essential tools and services for work-at-home IT pros

Takeaway: You can’t work out of your home effectively without the right setup. Justin James shares what he’s discovered about equipping the IT home office.

I have been working out of my home office for more than three years now, with job functions that cover a wide variety of IT roles, such as software developer, network engineer, and system administrator. Over this period of time, I have learned that the office equipment, software, and services needs of remote workers are different from those of someone on site in a number of ways. Today, I’m going to share what I’ve found to be 10 must-have tools and services for remote IT workers.

1: Quality Internet service

If you are working from home, it is obvious that you will need the Internet all day long to do your job. Where a lot of people go wrong on this is by getting cheap Internet service, such as a consumer grade DSL or cable modem line. The problem is, these services are aimed at providing fast downloads, sometimes with a “burst” of bandwidth for a big item. But they have slow upload speeds, no static IP address, and no guarantees of service quality.
Instead, I recommend a business class account. While it is more expensive, the benefits for a home worker are huge. Having a static IP address lets the home office feel more comfortable in opening services to you, for example, and host services yourself if needed. Business class accounts come with bandwidth and technical support response time guarantees, as opposed to the “best effort” you get with consumer accounts. And many times, the bandwidth is segregated from the residential access so your access does not get jumbled up with the mass of BitTorrent, Xbox Live, and Netflix from the house next door.

2: A real phone

Cell phones are great, but when it comes to call quality, nothing can replace a true desk phone. Even if that phone is connected to VOIP, the quality of the call is far superior. You will be on the phone a lot more than you would be if you were in the office, which makes call quality very important. I tried a good cell phone + good Bluetooth headset, and not only were the bills huge (often more than $200 a month), but the call quality was lousy. Now, I have an inexpensive phone, a Vonage account, and a Jabra GN9350 headset (cannot recommend this item enough), and it’s rare to be asked to repeat myself.

3: Company credit card

When you are on your own, you can’t wait for a central purchasing department to buy something and have it shipped to you. And as an IT professional, you will often buy things that cost more than you will feel comfortable paying for out of your own pocket and getting reimbursed for. In addition, there will be times when you’re on the road and need to pay travel costs. Have your employer furnish you with a company credit card, and life will get a lot easier for you.

4: Ergonomic office furniture and layout

I’ve written a number of articles here at TechRepublic about the ergonomic equipment I use, and there is a reason for it. If you thought you spent a lot of time at your desk in an office, just wait. You will spend even more time at the desk when working from home. It’s simple: You no longer need to get up for anything other than a bathroom break or food and drink. The days of going to the server room or a co-worker’s desk to solve a problem are over, and it is not uncommon to discover that you’ve been at your desk for eight to 10 hours without more than a five-minute break. You don’t even leave the house to get lunch most of the time. Being in a chair this long makes ergonomics even more important than they are in an office. Personally, I love the Herman Miller Embody chair and Envelop desk, the Kinesis Advantage keyboard, and Evoluent Vertical Mouse. Find what works for you.

5: Scanner and inexpensive black-and-white laser printer

Print may be dead, but you will still need to print things out from time to time. Printing is so infrequent for me that inkjet cartridges are often dried out after only a few printings, which is why I recommend a small, inexpensive black and white laser printer. You can get one for under $100 that does a perfectly good job and never dries out. The only things I find myself printing are directions and contracts to be signed. And that is where the scanner comes into play. I have found that working at home, there are about five to 10 times a year where something requires a real signature. Given that you can buy a dirt cheap flatbed scanner for under $50, it does not make sense to lose half an hour driving to the office store just to send a fax. That half hour is worth $50 or so to your employer anyway.

6: Redundancy, onsite backups, and offsite backups

When I worked at an office, there was an IT department (or I was the IT department) that took care of my data needs. If a drive or entire PC died, they would have it swapped out and fixed in a few hours. Everything was stored on the network or they had backups being done on my computer. Working at home is a different ball of wax. Given the speed of the network, I find myself storing a lot more locally and syncing when needed, instead of directly using network storage. And if the system blows up, I am responsible for getting myself back online. As a result, I count on a combination of RAID 1 (mirrored drives) to protect myself in case of drive failure, an internal disk dedicated to nightly backups in case of system meltdown, and offsite backups through an online backup provider to handle catastrophes (such as a fire).

7: Smartphone

When I worked in an office, a smartphone was a “like to have” not a “must have.” If I was away from my desk, it was rarely more than a 10-minute walk back in case something went horribly wrong. But at the same time, it was expected that it would take a real emergency to get me back into the office after hours. Working from home, there is the assumption that you are somewhat available regardless of the time or hour. Having a smartphone allows me to stay on top of what’s going on and provide that availability, while still letting me screen out the less important problems. You will especially want to make sure that your phone handles email seamlessly. I have found that the Samsung Focus (a WP7 device) fits my needs better than anything else I have used, but it is a matter of personal taste and needs.

8: Power protection

In an office, the IT department and facilities teams handled power issues for me. At home, dealing with power outages and protecting the equipment from power spikes and dips are my responsibility. Faced with a choice between being out of commission for three days to repair equipment damaged by a “power event” and spending money on a good, line conditioning UPS, the UPS is a better bet. I like the low-end Eaton/Powerware dual conversion units. They provide my small setup here with plenty of runtime in case of power outage and give me 100% assurance that a power event won’t wipe me out.

9: Laptop/notebook

Working from home, you will need to be on the road at least once in a while. For me, that is about once a year to visit the home office, and a few times a year when I go on vacation or three-day weekends. While that does not justify a great mobile machine for me (I am using a laptop that was mid-range three years ago), I still need one. Depending on your requirements, you may need a better one. I like to have a powerful desktop machine but just enough laptop power to do what I need to do on the road. You may prefer a full desktop replacement.

10: Gym membership

If it weren’t for the gym, I would probably leave my property about three times a week. Getting to the gym every day not only provides me exercise, but it also gives me a much-needed break in the workday. (Remember, you aren’t taking lunch breaks anymore.) Working from home, I have found myself even more sedentary than I was in an office, so getting to the gym is an important part of staying healthy and sane. If you don’t like the gym, take walks or go for a jog every day.