Verify seatcount and IP list from Websense User

Step-by-step instructions for current versions of Websense software. You will see the list of IP addresses that the Filtering Service has gathered since the last successful database update, or since the Filtering Service was restarted.

Version 6.3.x (Windows)
- Run windows CMD
- From the Websense\BIN directory command prompt, type: consoleclient localhost 15869
- Enter 2 for PrintSelf.
- Enter 1 for Dump to Local File.
- Enter 3 for the Data Dump Level.
- Enter a text file name (example: ipcount.txt).
- Enter 16 for SubscriptionTracker.
- Enter Q to quit.
- At the DOS prompt, type the text file name (ipcount.txt) and it will open up in Notepad.

Interpreting the output data

License Map size: 5986
The current IP address count for today, from the last successful database update or the last Filtering Service restart until ConsoleClient was run.

Exceeded License Map size: 0
The number of IP addresses in excess of the subscribed seat count.

Last day map cleared: 2
The last day of the week where the license map was cleared (0= Sun 1=Mon 2=Tue 3=Wed 4=Thu 5=Fri 6=Sat)

Last day license exceeded email: -1
-1 indicates this has never happened; 0 indicates the email has been sent out.

Last day license 90% email: -1
-1 indicates this has never happened; 0 indicates the email has been sent out.

Current week user count(max): 5857
Maximum (peak) number of users during the current week, where the week starts on Sunday

Previous week user count(max): 6666
Maximum (peak) number of users during the previous week, where the week starts on Sunday

Symantec VVR Key Analysis in Data Replication

Overview

- Symantec obtained Veritas Volume Replicator (VVR) via their acquisition of Veritas in 2005
- VVR is a host-based replication software.
- VVR replicates at volume level.
- VVR does not have an integrated snapshot capability. It requires the purchase of FlashSnap agent.
- VVR can be purchase as an option to Veritas Storage Foundation (VSF)
- VVR requires VSF installed on both the source and target servers and convert the data volumes to VSF-managed volumes.

Key Points Analysis

- Delivers host-based replication that places the burden directly on the application server
- Supports only IP. No multiple host-to-appliance interconnects: 2G FC, 4G FC, iSCSI
- Snapshot support is provided with FlashSnap agent which needs to be purchased separately
- VVR requires to restart the entire volume replication if link or disruption is more than 30mins
- VVR require 4KB and above per i/o replication size
- FlashSnap provides application awareness for limited number of applications
- Requires Veritas Storage Foundation (VSF) for volume management
- VSF is required both at the source and target server
- When you purchase VVR, you also need to purchase VSF for each host increasing the cost of the solution significantly
- Heavy duty host software and VSF are disruptive to the environment and requires careful planning to minimize the impact when applying operating systems patches or application patches
- Impacts server resources and likely affects the performance of the application customer is protecting.
- Can only replicate to the same OS. Windows to windows, Linux to Linux, etc.
- No native compression support (requires 3rd party technology)
- No native encryption support
- Replication failure requires a full re-sync of the volume.
- Does not protect the application host operating system environment, only the application data.
- Requires separate products (NetBackup for Bare Metal Recovery)
- Requires several different software pieces in addition to VVR to effectively provide data protection and replication services, i.e. Veritas Storage Foundation (VxFS, VxVM), Cluster Server and FlashSnap, etc
- All of the software products running on the host adds complexity and affects the performance of the host server
- In addition to the cost of purchasing all of the software products, management of these software products in each host is complex and the complexity increases as the number of host increases

3Com Switch 4200G Quick Start Guide

Accessing the switch via serial
Set Serial Options as listed below :

Port : COM?? ( Run Device Manager and view active COM Port)
Baud rate : 19200
Data bits : 8
Parity : None
Stop bits :
Flow control : DTR/DSR, RTS/CTS and XONXOFF are all disabled

Setting up the Management
Default username : admin
Password : none

Go to config mode

[JB-AccessSwitch]dis cur
#
sysname JB-AccessSwitch
#
igmp-snooping enable
#
queue-scheduler wrr group1 0 1 1 2 2 3 3 4 4 5 5 9 6 13 7 15
#
radius scheme system
#
domain system
#
local-user admin
password simple XXXXX
service-type ssh telnet terminal
level 3
local-user manager
password simple XXXXX
service-type ssh telnet terminal
level 2
local-user monitor
password simple monitor
service-type ssh telnet terminal
level 1
#
vlan 1
igmp-snooping enable
#
interface Vlan-interface1
ip address 10.247.25.9 255.255.255.0
#
ip route-static 0.0.0.0 0.0.0.0 10.247.25.1 preference 60
#
snmp-agent
snmp-agent local-engineid 8000002B0022577BBD806877
snmp-agent community read public
snmp-agent community write private
snmp-agent sys-info contact furynax
snmp-agent sys-info location JohorBharu
snmp-agent sys-info version all

Saving the configuration

[JB-AccessSwitch] save
The configuration will be written to the device.
Are you sure?[Y/N]y
Please input the file name(*.cfg)(To leave the existing filename
unchanged press the enter key):
Now saving current configuration to the device.
Saving configuration. Please wait...
............
Unit1 save configuration flash:/3comoscfg.cfg successfully

[JB-AccessSwitch]
%Apr 2 00:14:12:769 2000 JB-AccessSwitch CFM/3/CFM_LOG:- 1 -Unit1 saved configuration successfully.

10 Most Helpful Windows commands for troubleshooting

mstsc	Opens the Remote Desktop (RDP) tool
winmsd	Opens the System Information dialog box
inetcpl.cpil	Opens the Internet Explorer Properties dialog box
cmd	Opens the Windows Command Prompt using the 32-bit cmd shell
mmc	Opens the Microsoft Management Console (MMC)
services.msc	Opens the Windows Services dialog box
eventvwr.msc	Opens the Windows Event Viewer
dxdiag	Opens the DirectX Diagnostic Tool
\\<>\c$	Opens a UNC to the C: share
shutdown –m \\hostname –r –f	Gracefully reboot the remote machine when everything else fails

Basic Deployment of BIG-IP LTM (with Persistence) for ABC Portal

Prerequisites and configuration notes

The following are prerequisites for this solution:
- For this deployment, BIG-IP LTM system must be running version 9.0 or later (in my case BIG-IP version is 9.3.1 Build 37.1)
- Assume that the BIG-IP LTM device is already installed in the network, and objects like Self IPs and VLANs have already been created.

Creating Pool
The next step is to define a load balancing pool for the ABC WWW servers. BIG-IP LTM pool is a set of devices grouped together to receive traffic according to a load balancing method.

- On the Main tab, expand Local Traffic, and then click Pools.
- In the upper right portion of the screen, click the Create button.
- From the Configuration list, select Advanced.
- In the Name box, type a name for your pool.In my example, I use abc-http-pool
- In the Slow Ramp Time box, type 300. For this pool, I use the Least Connections load balancing method. I set the Ramp Time in order to ensure that if a pool member becomes available after maintenance or a new member is added, the Least Connections load balancing algorithm does not send all new connections to that member (a newly available member will always have the least number of connections).
- In the IP ToS to Server and Link QoS to Server rows, make sure Pass Through is selected.
- From the Load Balancing Method list, choose your preferred load balancing method (different load balancing methods may yield optimal results for a particular network). In my case, I choose Least Connections (member).
- In this pool, leave the Priority Group Activation Disabled.
- In the New Members section, make sure the New Address option button is selected.
- In the Address box, add the first WWW server to the pool. Type 10.X.X.X
- In the Service Port box, type 80 or select HTTP from the list.
- Click the Add button to add the member to the list.
- Repeat these steps for the remaining servers, 10.X.X.1 and 2.

Creating an HTTP profile
- On the Main tab, expand Local Traffic, and then click Profiles.
- In the upper right portion of the screen, click the Create button.
- In the Name box, type a name for this profile. Type abc-http.
- From the Parent Profile list, select http
- Modify any of the other settings as applicable for your network.
- Click the Finished

Creating the TCP profile
- On the Main tab, expand Local Traffic, and then click Profiles.
- On the Menu bar, from the Protocol menu, click tcp.
- In the upper right portion of the screen, click the Create button.
- In the Name box, type a name for this profile.Type abc-tcp.
- From the Parent Profile list, select tcp.
- Click the Finished

Creating the persistence profile
- On the Main tab, expand Local Traffic, and then click Profiles.
- On the Menu bar, click Persistence.
- In the upper right portion of the screen, click the Create button.
- In the Name box, type a name for this profile. Type abc-cookie.
- From the Persistence Type list, select Cookie.
- Click the Finished

Creating the virtual server
- On the Main tab, expand Local Traffic, and then click Virtual Servers
- In the upper right portion of the screen, click the Create button.
- In the Name box, type a name for this virtual server.Type abc-http-vs.
- In the Destination section, select the Host option button.
- In the Address box, type the IP address of this virtual server.
- In the Service Port box, type 80, or select HTTP from the list
- From the Configuration list, select Advanced.
- Leave the Type list at the default setting: Standard.
- From the Protocol Profile (Client) list select the name of the profile created in the Creating the TCP profile section. Select abc-tcp.
- From the HTTP Profile list, select the name of the profile created in the Creating an HTTP profile section. Select abc-http.
- From the SNAT Pool list, select AutomapIn the Resources section, from the Default Pool list, select the pool created in the Creating the pool section. Select abc-http-pool.
- From the Default Persistence Profile list, select the persistence profile created in the Creating the persistence profile section. Select abc-cookie

- Click the Finished button.

ZPM Agent on Linux

- Make sure you are authenticated as a root user. It requires root privilege. Otherwise, the installation will not proceed.

- Check the Java version

[root@paranoid root]# java –version
java version "1.6.0"
Java(TM) SE Runtime Environment (build 1.6.0-b105)
Java HotSpot(TM) Client VM (build 1.6.0-b105, mixed mode, sharing)
[root@paranoid root]#

- Make sure it is running on version 1.4 and above. If it is not running on version 1.4 and above, please install the Sun Java. Any other Java such as IBM JVM is not supported. If any other JVM is installed, uninstall it and then install Sun JVM

- Copy the unixupdateagent.tar of ZPM from CD to /root/zpmagent directory. Create zpmagent directory if not exist

[root@paranoid root]# cd zpmagent/
[root@paranoid zpmagent]# ls unixupdateagent.tar

- Extract unixupdateagent.tar file using the command below

[root@paranoid zpmagent]# tar -xvf unixupdateagent.tar
./install
./patchagent.tar
./README.txt
./patchagent.properties
./env.class
./InstallArchive.jar
./install.ncf
./support.tar

- Run “./install”

[root@paranoid patchlinkagent]# ./install

- Installation wizard will appear. Below are the screenshots

Installing ZENworks Patch Management Agent 6.3450
Copyright (c) 2006 Novell Corporation

Performing tests for Manual install...
Manual installation tests successfully completed.

- Press Enter to use default path (/usr/local) of ZPM Agent installation

Enter the directory where ZENworks Patch Management Agent should
be installed [/usr/local]:
Expanding archive...

- Enter the correct address and serial keyas given by the administrator

Enter your ZENworks Patch Management Server address:
http://
Enter the serial number that appears as xxxxxxxx-xxxxxxxx:
Server Serial Number>
Do you have a proxy?[y|N]: N
Do you wish to add this agent to existing groups on ZENworks Patch
Management Server?[y|N]: N

- Once completed, the summarized installation report will be displayed

This machine's IP Address is: 10.251.25.254
This machine's name is: paranoid
This agent has been converted to a service.
Successfully registered!
Now starting ZENworks Patch Management Agent...
ZENworks Patch Management Agent started with pid 2640.
View the ZENworks Patch Management Agent logs in
/usr/local/patchagent/update/log

To uninstall the ZENworks Patch Management Agent, run:

[root@paranoid root]# cd /usr/local/patchagent
[root@paranoid patchlinkagent]./uninstall