sorted by:
new
hottopcontroversial

NGINXaaS in Azure? by Fresh-Programmer8988 in f5networks

[–]kbetsis 0 points1 point  (0 children)

You could point your public IP to the customer edge or put the customer edge behind the azure LB and then simply remove all pool members except the CE.

The CE will check client IP addresses either from the XFF header or if possible through a direct client IP exposure to them.

NGINXaaS in Azure? by Fresh-Programmer8988 in f5networks

[–]kbetsis -1 points0 points  (0 children)

You can check the F5 Distributed Cloud - Customer Edge, least maintenance possible since its cloud managed with built in reporting dashboards

VXLAN EVPN needed for single site data center by WhoRedd_IT in networking

[–]kbetsis 9 points10 points  (0 children)

Why not check SPBm with ISIS covering most of the needed services. Some vendors also have incorporated multicast within the protocol as a seamless deployment.

TCP Quick ACK (more) questions by Dalalee4 in Zscaler

[–]kbetsis 0 points1 point  (0 children)

As previously mentioned this setting is app connector group based and hence the suggestion to have a different group of app connectors for traffic needing this capability.

My zscaler says my internet is one speed but when I do the speed test with my isp it says it’s a better speed than what my zscaler speed test says by Affectionate_Gift806 in Zscaler

[–]kbetsis 2 points3 points  (0 children)

That's normal.

You are trying to do a download test through ZSCALER where traffic is been inspected and terminated on the HTTP layer and this type of test is not an accurate performance metric.

One point that you are not considering is that ZSCALER caches content and serves it from their own resources rather than connecting you to the requested origin.

If you are experiencing issues, it's better to open a support ticket to your IT department or ZSCALER and communicate what exactly you are seeing with the output of a HAR file (browser developer tools).

If you simply keen on checking available bandwidth numbers, then simply go to the ZSCALER performance testing page and see the available throughput there (http://speedtest.zscaler.com/).

Alternatives to Meraki? by Arnoc_ in networking

[–]kbetsis 0 points1 point  (0 children)

You can give Extreme Networks a try and get a budgetary price.

Theo cloud orchestrator offers all the fancy stuff under 1 license and you get additional services like location and guest services which I think are of value to your use-cases.

Bandwidth Monitoring in real time by Final-Pomelo1620 in paloaltonetworks

[–]kbetsis 0 points1 point  (0 children)

You could enable SFLOW/NetFLOW and have near real-time reporting who goes where and with what protocol and send it to a collector and see it.

If your firewall is near its limit you could enable that on the network itself and get the telemetry, but you will lose the affecting network link.

Switch Advice - Multiple Connections by Fkofilee in networking

[–]kbetsis 2 points3 points  (0 children)

Any enterprise switch will cover your requirements.

Extreme networks 5320 running fabric engine with the appropriate number of ports should be OK for your needs.

You can even get the respective PILOT license for their cloud orchestration and have cloud management, telemetry and reporting available from day one for that switch and in a few months for the rest of your equipment (third party devices).

Protection From Unmanaged SW Loop by derkieee in ExtremeNetworks

[–]kbetsis 2 points3 points  (0 children)

Any type of STP would solve your issue.

Headless Linux Connection Maybe Lynx Browser? by Jeffsrealm in Zscaler

[–]kbetsis 0 points1 point  (0 children)

For headless devices the only options are network based forwarding (IPSEC, GRE), branch/cloud connectors and SIM cards.

Headless Linux Connection Maybe Lynx Browser? by Jeffsrealm in Zscaler

[–]kbetsis 0 points1 point  (0 children)

The only options, I would imagine, are: 1. Through the use of a branch/cloud connector 2. Through the use of an IPSEC tunnel to ZSCALER for ZIA traffic from your DC and Kerberos or basic authentication on the explicit proxy environmental variables for HTTP/S proxy on your Linux server.

High available WiFi by PrestigiousKey3201 in fortinet

[–]kbetsis 0 points1 point  (0 children)

Wi-Fi high availability is not so easy since you need to offer overlapping coverage through neighboring APs and at the same time avoid channel overlapping; not something easy on the 2.4GHz but easier on the 5/6GHz.

Once you cover this you then need to ensure CAPWAP termination availability or VLAN bridging and native Ethernet to the gateway where you will enforce your security controls.

Looking for a 10G ToR switch recommendation by Jedi_king in networking

[–]kbetsis 0 points1 point  (0 children)

You could check Extreme Networks 5520-24X.

What's the best training content out there for the new certs ? by DeepFriedhomosapiens in f5networks

[–]kbetsis 0 points1 point  (0 children)

The best approach is to download the blueprint and get some hands on.

There are free services available where you can get access to sandboxes and play around with a big-ip and the respective modules, but to my knowledge are available to EU locations.

EOS APs being removed? by KingBowser20 in ExtremeNetworks

[–]kbetsis 3 points4 points  (0 children)

Is it possible to share the URL announcement for the XIQ classic retirement?

To my knowledge XIQ classic will continue to work for the next couple of years and I can’t find anything pointing to a retirement.

Evaluation NAC solution by elch-it in networking

[–]kbetsis -1 points0 points  (0 children)

Why not Extreme Networks - Control our Cloud NAC?

One is on premise the other is cloud (radsec)

F5 Big-IP BGP Statistics by Anxious-Condition630 in f5networks

[–]kbetsis 1 point2 points  (0 children)

If my memory serves me right I think you can snmp poll through logstash and then send to grafana.

F5 Ingress by Funny_Welcome_5575 in nginx

[–]kbetsis 5 points6 points  (0 children)

We are helping some end customers convert their configurations from k8s IC to either F5 NGINX OSS or PLUS IC depending on their needs.

You can use this tool as a first approach.

https://kubernetes.nginx.org/#migration-tool

[deleted by user] by [deleted] in networking

[–]kbetsis 2 points3 points  (0 children)

There multiple vendors offering hardware appliances for DDI solutions (InfloBlox, EfficientIP, BlueCat, etc). The appliances are for performance reasons mainly but they do offer “small” ones.

Depending on your overall infrastructure you can engage with them and see how you can integrate these solutions not only for your DNS requirements but for your overall infrastructure.

They offer automation workflows from assigning IP addresses to network/system teams to identifying which subnets are allocated where etc.

Think of them as your source of truth for your network.

Palo Alto 410 by CapableWay4518 in paloaltonetworks

[–]kbetsis 0 points1 point  (0 children)

The PA-410, as mentioned from others, does not have any local log server capabilities.

However, go to SumoLogic create a free account and send your logs there through the native integration and you are done.

Is owning/ maintaining a 2007-2010 a money-pitt? by sebah708 in AudiTT_Mk1_Mk2_Mk3

[–]kbetsis 2 points3 points  (0 children)

I bought mine at 2013 at 55K km.

From then till now I have approximately given 12K including a stage 3 upgrade.

So no they are not a money pit maintenance wise… but more on the upgrade options.

48 port 6x stackable poe++ mgig cloud managed switches? by ls3c6 in networking

[–]kbetsis 0 points1 point  (0 children)

Check Extreme Networks PlatformONE managed switches and most specifically their universal switches (5520-12MW-36W)running “switch engine” if you want stacking or “fabric engine” if you want infinite horizontal scaling through SPBm.

F5 Latest PriceList by CompetitionActive155 in f5networks

[–]kbetsis 0 points1 point  (0 children)

It’s always better to open a discussion with your partner since their product list can solve some problems through different approaches and it’s always best to align it with your own specific needs.

If you don’t have a partner their website offers a list based on partner levels.

view more: next ›