Engineer Net security

The Fortigate100D firewall & MPLS networks

Fortigate100DI find it profitable to sit around the development teams. Someone always says “hey Tref come and see this”. On this occasion it was a couple of Fortigate100D firewalls.

Now the cynics amongst you will say so what? A firewall? What’s so interesting about that? I realise that there can be few readers of this blog of that disposition and those that are have probably only stumbled upon it by accident, never to return.

I also realise that it’s not quite the same as saying “hey Tref come and see this Cisco CRS-3 322 Tbps router”. Well we don’t have such a beast at Timico, yet (although it is is surely just a question of time before we need routers of that capacity, Cisco or otherwise). It’s unlikely that the Cisco CRS-3 would have been lying around the lab anyway as it takes up three racks and no doubt a DC hall full of power.

In fact the FortiGate100D is not a particularly high spec firewall at least compared with what you can get. It is however more than adequate for the job it is lined up for which is a network refresh of one of our customer’s MPLS implementations.

It is in the lab being set up and tested prior to roll-out sometime over the next few weeks.  These things don’t want rushing, they want careful planning. That’s probably the single biggest difference between us as an ISP now and when we first started off with just a few hundred ADSL customer and a few Ethernet connections. Planning and project management is a far bigger proportion of the network engineering job now that the straight setting up of the noughts and ones. It’s a discipline that leads to fewer tears later on and I’m all for cutting down on the time spent weeping by engineers.

These particular firewalls are destined for separate London locations on our core network. Once in they won’t see the light of day for a few more years. TTFN.

PS thanks to that fine person Gareth Bryan for this snippet.

Engineer internet spam

Spam 2.0

I don’t know about you but I have started getting spam through Facebook. So far it isn’t the classical type of spam selling viagra etc.  I have however been getting friend requests from attractive young ladies with exotic names. 

I also seem to be inundated with notifications of rubbish that I have no interest in checking out.

I was discussing this with Dave Ward, one of our Tech Consultants, who mentioned that Fortinet have now brought out Spam2.0 filters for their firewalls.  Social Networking sites have started having their vulnerabilities exploited. 

People are getting spammed with direct messages, apparently from friends.  Facebook chat, for example, is one way used to insert worms onto someone’s PC and thence onto your network.

Fortinet has an application that allows companies to let employees access Facebook whilst blocking access to applications such as chat known to be vunerable.  Screenshot below. You might need to click a couple of times on the picture to get it to a viewable size/quality.  Also check out the recent Wikipedia article on Social Networking Spam.


PS Don’t get me wrong here.  I am a happily married man and whilst I’m sure I quite like being chatted up by nice young ladies one has to ask why complete strangers, whose interests seem to be dating and meeting members of the opposite sex, would want to approach me…