Prihlásiť sa Odoslať Novinky :: FAQ :: Rozšírené vyhľadávanie :: Napísali o nás :: Ankety
Main Menu
· Home
· 
· FAQ
· 
· Diskusia
· 
Main Menu
· Domov

Moduly
· AvantGo
· Downloads
· FAQ
· News
· Recommend Us
· Reviews
· Search
· Sections
· Stats
· Topics
· Top List
· Web Links
· Forum
Jazyk
Výber jazykovej mutácie:

FAQ  •  Search  •  Register  •  Log in to check your private messages
Log in  •  Maximize
The time now is 26.06.2024 - 11:25

SKFREE Forum Index » SKFree Network » Troubleshooting

Problem s blokovanim P2P

Post new topic Reply to topic
View previous topic Printable version Log in to check your private messages View next topic
Page 2 of 5 < 12345 >
Author Message
eXplorer
Post subject: RE: Problem s blokovanim P2P  PostPosted: 11.12.2009 - 16:03 #78116
Majster


Joined: Feb 25, 2003
Posts: 2606
Location: BA,BB
gyro: tych 300Mbit ma byt full duplex ? box teda musi mat 600Mbit priepusnost na application control resp IPS
 
 View user's profile Send private message Visit poster's website  
Reply with quote Back to top
gyro
Post subject: RE: Problem s blokovanim P2P  PostPosted: 11.12.2009 - 16:09 #78117
Majster


Joined: Okt 22, 2003
Posts: 3321
Location: Banská Bystrica - Rudlová
content ma zaujima len down ..
 
 View user's profile Send private message Send e-mail Visit poster's website ICQ Number 
Reply with quote Back to top
421
Post subject: RE: Problem s blokovanim P2P  PostPosted: 11.12.2009 - 16:57 #78121
Majster


Joined: Jún 12, 2005
Posts: 2739
Location: zilina
....lebo up uz z toho nejde:-)
 
 View user's profile Send private message Visit poster's website  
Reply with quote Back to top
eXplorer
Post subject: RE: Problem s blokovanim P2P  PostPosted: 11.12.2009 - 17:10 #78122
Majster


Joined: Feb 25, 2003
Posts: 2606
Location: BA,BB
Potom by ti mohol stacit tento model
http://www.fortinet.com/products/fortigate/200B.html
Presnu cenu zatial stale neviem, ale odhadujem to na nejakych 5000 euro

Ak chces kontrolovat oba smery a mat rozumnu rezervu aj do buducnosti tak:
http://www.fortinet.com/products/fortigate/620B.html
Cena 15515 Euro (standardna cena bez zliav)

Na Application Control sa vyuziva IPS senzor takze treba pozerat na priepustnost IPS nie firewallu samotneho, ten je pri modeli 620B az sialene vysoko Very Happy

A aby som nezabudol, vsetky Fortigate boxy (od najnizsieho) podporuju HA mod cize clustering, moznost je Active-Active cluster alebo Active-Passive. Cena druheho boxu do HA clustra je s 50% zlavou.


Last edited by eXplorer on 11.12.2009 - 17:18; edited 1 time in total
 
 View user's profile Send private message Visit poster's website  
Reply with quote Back to top
gyro
Post subject: RE: Problem s blokovanim P2P  PostPosted: 11.12.2009 - 17:14 #78125
Majster


Joined: Okt 22, 2003
Posts: 3321
Location: Banská Bystrica - Rudlová
Lacne to nie je Smile
 
 View user's profile Send private message Send e-mail Visit poster's website ICQ Number 
Reply with quote Back to top
eXplorer
Post subject: RE: Problem s blokovanim P2P  PostPosted: 11.12.2009 - 17:19 #78128
Majster


Joined: Feb 25, 2003
Posts: 2606
Location: BA,BB
gyro wrote: ›Lacne to nie je Smile


kolko stoji Allot ? neponukame ho, pretoze nie je dovod ked existuje all-in-one riesenie - nemam teda aktualny cennik.
 
 View user's profile Send private message Visit poster's website  
Reply with quote Back to top
gyro
Post subject: RE: Problem s blokovanim P2P  PostPosted: 11.12.2009 - 17:27 #78129
Majster


Joined: Okt 22, 2003
Posts: 3321
Location: Banská Bystrica - Rudlová
Allot je jeden nepodareny smejd s vysokou spotrebou elektriny. Skorej som to porovnaval s Kerberom od SOMI systems ale to je vykonov tiez asi niekde dole.
 
 View user's profile Send private message Send e-mail Visit poster's website ICQ Number 
Reply with quote Back to top
eXplorer
Post subject: RE: Problem s blokovanim P2P  PostPosted: 11.12.2009 - 18:35 #78131
Majster


Joined: Feb 25, 2003
Posts: 2606
Location: BA,BB
Allot je jednoucelovy box, toto je all-in-one security riesenie s velmi zaujimavymi featurkami - vpodstate mozes vyhodit centralny firewall, shaper, "NAT-er", FUP manager atd. Podporuje aj dynamicky routing OSPF, BGP. Od TPlinku, Zyxelu a podobnych haluzi je to veeeeeelmi daleko.

Ked das 2 boxy do clustra tak mas dostupnost na urovni 99,999% a pri Active-Active clustri ziskas dvojnasobnu priepustnost a obidva boxy sa tvaria ako jedno zariadenie dokonca s jednou MAC adresou Wink bezna prax je umiestnit kazde zariadenie do inej budovy (geo-cluster). Manazment oboch zariadeni cez jednu IP (jedno rozhranie) je samozrejmost.

Fortinet neporovnavaj so softwarovymi rieseniami, konkurentom pre Fortinet je Cisco, Checkpoint a Juniper a mozno casom PaloAlto Networks. Narozdiel od konkurencie Fortinet integruje velmi vela veci do jedneho boxu, konkurencia ma na kazdu featurku zvlast box co zvysuje naklady, nechcem tym ale povedat ze konkurencne produkty su zle. Napr Juniper patri k spicke ale je o viac boxoch ... a teda aj o cene.
 
 View user's profile Send private message Visit poster's website  
Reply with quote Back to top
m-tec
Post subject: RE: Problem s blokovanim P2P  PostPosted: 11.12.2009 - 18:45 #78132
Ucen


Joined: Máj 31, 2006
Posts: 965
Location: Šahy
Tak to ste mu teda poradili... Very Happy Chlapec potrebuje odstrelit jedneho cloveka a vy mu tu nukate jadrovu zbran ktorou vyhladis cele mesto Very HappyVery HappyVery Happy Jablko aku velku mas siet? (nemam umysel sa ta nijako dotknut, ale mam taky dojem ze potrebujes jednoduchu radu ako nastavit pravidla pre malu siet)
 
 View user's profile Send private message Visit poster's website ICQ Number 
Reply with quote Back to top
eXplorer
Post subject: RE: Problem s blokovanim P2P  PostPosted: 11.12.2009 - 18:52 #78133
Majster


Joined: Feb 25, 2003
Posts: 2606
Location: BA,BB
m-tec wrote: ›Tak to ste mu teda poradili... Very Happy Chlapec potrebuje odstrelit jedneho cloveka a vy mu tu nukate jadrovu zbran ktorou vyhladis cele mesto Very HappyVery HappyVery Happy Jablko aku velku mas siet? (nemam umysel sa ta nijako dotknut, ale mam taky dojem ze potrebujes jednoduchu radu ako nastavit pravidla pre malu siet)


Fortigate 50B zvladne 30Mbit na IPSku (pri 512B UDP paketoch) a stoji 450 Euro, to je tiez jadrova elektraren ? Smile jablko nenapisal aku chce priepustnost a ci je to pre 10 alebo 1000 pripadne 10000 uzivatelov, odpovedal som na gyrov dotaz. Software FortiOS je na vsetkych Fortinet boxoch rovnaky, male boxy nie su ochudobnene o ziadne funkcie, existuju drobne vynimky napriklad podpora agregovanych rozhrani (EtherChannel v Cisco terminologii).

http://www.fortinet.com/products/fortigate/50B.html
 
 View user's profile Send private message Visit poster's website  
Reply with quote Back to top
gyro
Post subject: RE: Problem s blokovanim P2P  PostPosted: 11.12.2009 - 19:13 #78135
Majster


Joined: Okt 22, 2003
Posts: 3321
Location: Banská Bystrica - Rudlová
Aka je moznost externeho manazovania (vlastny billing system)? A ake su moznosti prefinancovania?
 
 View user's profile Send private message Send e-mail Visit poster's website ICQ Number 
Reply with quote Back to top
eXplorer
Post subject: RE: Problem s blokovanim P2P  PostPosted: 12.12.2009 - 17:05 #78169
Majster


Joined: Feb 25, 2003
Posts: 2606
Location: BA,BB
gyro: vzdialeny manazment je okrem webu (http aj https) mozne robit cez SSH, pricom SSH-cko na Fortigate podporuje autentifikaciu pomocou klucov, tj. nezadavas meno heslo. Tento sposob je urceny na vzdialenu (automaticku) spravu pomocou externeho manazovacieho nastroja.

http://kb.fortinet.com/kb/microsites/se ... %201435600

Command line reference manual je:
http://docs.forticare.com/fgt/techdocs/ ... te-cli.pdf
Manual k web rozhraniu:
http://docs.forticare.com/fgt/techdocs/ ... -admin.pdf

Co sa tyka financovania, toto ako firma neriesime, standardne mame splatnost faktur 14 dni pokial zakaznik chce prefinancovat technologiu na dlhsie obdobie (pozicka alebo leasing) riesime to cez leasingovu spolocnost s ktorou spolupracujeme. Pripadne si financovanie cez leasingovku (svoju) dohodne zakaznik sam.
 
 View user's profile Send private message Visit poster's website  
Reply with quote Back to top
jablko
Post subject: RE: Problem s blokovanim P2P  PostPosted: 13.12.2009 - 07:00 #78175
Basic


Joined: Feb 17, 2006
Posts: 121
m-tec wrote: ›1. takym tahacom treba natvrdo obmedzit upload na napr.128k
2. mozno by som hladal chybu aj v backbone, ked ten nestiha v dosledku tahania, automaticky sa zvysuju pingy
3. connection limit per user nastavit na P2P max.200 a na usera celkovo max.300
ak ani toto nepomoze, skontrolovat ci ma dobry signal, ACK a pod.


1.upload som uz skusal obmedzovat a nepomohlo
2.aj to som kontroloval, problem je vyskoky ping medzi ap a klientom
3.limit mam samozrejme nastaveny.

preto tu pisem lebo si neviem poradit
 
 View user's profile Send private message Visit poster's website  
Reply with quote Back to top
jablko
Post subject: RE: Problem s blokovanim P2P  PostPosted: 13.12.2009 - 07:06 #78176
Basic


Joined: Feb 17, 2006
Posts: 121
m-tec wrote: ›Tak to ste mu teda poradili... Very Happy Chlapec potrebuje odstrelit jedneho cloveka a vy mu tu nukate jadrovu zbran ktorou vyhladis cele mesto Very HappyVery HappyVery Happy Jablko aku velku mas siet? (nemam umysel sa ta nijako dotknut, ale mam taky dojem ze potrebujes jednoduchu radu ako nastavit pravidla pre malu siet)


mam okolo 1600 klientov
okolo 60 mbit a idem zvysovat na 100mbit.
packetov okolo 8000 v spicke down.

Nemam zo zariedeniami typu fortinet skusenosti ale myslim ze ta 80tka by mi mohla pomoct.
Co myslite?
 
 View user's profile Send private message Visit poster's website  
Reply with quote Back to top
zelmar
Post subject: RE: Problem s blokovanim P2P  PostPosted: 13.12.2009 - 09:29 #78177
Guru


Joined: Okt 23, 2005
Posts: 1031
Location: /etc/bin/ladin
jablko wrote: ›
m-tec wrote: ›Tak to ste mu teda poradili... Very Happy Chlapec potrebuje odstrelit jedneho cloveka a vy mu tu nukate jadrovu zbran ktorou vyhladis cele mesto Very HappyVery HappyVery Happy Jablko aku velku mas siet? (nemam umysel sa ta nijako dotknut, ale mam taky dojem ze potrebujes jednoduchu radu ako nastavit pravidla pre malu siet)


mam okolo 1600 klientov
okolo 60 mbit a idem zvysovat na 100mbit.
packetov okolo 8000 v spicke down.

Nemam zo zariedeniami typu fortinet skusenosti ale myslim ze ta 80tka by mi mohla pomoct.
Co myslite?


Kurva to ako robis ze 60M na 1600 userov? Predavas iba 128kbps linky?Ved v normalnom svete by si potreboval minimalne 100M a viac. A aj pps je nejako malinko na tolko userov.

PS: CHcem viediet to pravidlo na torrentakov (Mikrotik/linux na to nemá gule aby s nimi nieco bez extremneho obmedzenia ostatnych služieb/portov urobil)
 
 View user's profile Send private message Visit poster's website ICQ Number 
Reply with quote Back to top
Display posts from previous:     
All times are GMT
Post new topic Reply to topic
View previous topic Printable version Log in to check your private messages View next topic
Page 2 of 5 < 12345 >
Jump to:  

SKFREE Forum Index » SKFree Network » Troubleshooting
Powered by PNphpBB2 © 2003-2005 The PNphpBB Group
Credits

(C) SKFree 2002-2010: Powered by POSTNUKE. Môžete prebera? naše správy vo formáte XML(RSS)