No Patents for This Bandwidth Shaper


By Art Reisman

CTO http://www.netequalizer.com

I often get asked if our NetEqualizer Technology is Patented. And the answer is NO.  The Netequalizer secret sauce is buried deep within our code , and is protected by copy right law.

As for patents, I have a disdain for software patents which was exemplified in this 2007 article that I wrote for Extreme Tech Magazine which explains my position.  Here is an excerpt

The problem with this patent, like many others in a misguided flood of new filings, is that it describes an obvious process to solve a naturally occurring problem.

For the full article click here “Analysis  Confessions of a Patent Holder

6 Tips for Installing a Wireless Network


I have been involved with supporting thousands of wireless networks over the past 14 years. From large professional sports arena’s to small home networks, I have seen successes and failures alike.  What follows are my learnings from living  with the pain and the success of these networks.

 

  1. Do not cut corners on coverage. The biggest and most egregious mistake that our customers have made over the years is shopping price over coverage.   The fewer access points installed the lower the net cost of the install. You may not realize  this mistake during initial trials.  Once your network is at full capacity coverage issues can be a nightmare for both customer and vendor.
  2. Use the best available  technology.  There are many different flavors of technology when installing a wireless network.  Note, the best technology may not be the most expensive, and the newest technology may not be the most reliable. As for specific recommendations on technology , I will include information in the comments section as information becomes available.
  3. Don’t let the advertised SPEED of  access point specifications overly influence your decision.  There are many factors that ultimately affect the end-user connection speed. In many cases the top advertised speed of an access point is unattainable. For an analogy would you pay an extra $50,000 for a car that could go 200 MPH when the speed limit is 75?    I have seen buildings with a 100 megabit  link to the Internet , purchasing 20 1 G access points.  Even for future expansion purposes this is way too much overkill,
  4. When choosing an IT company to help with the install, The midsize or small company in your area is likely a better bet than the large IT company.   I have personal experience working with a company that went from a great company to work with to a nightmare over a period of years. The reason was as they got bigger and hired more employees,  their talent pool become more diluted ,their prices got higher, while their work quality become a sore point with their customers.
  5. For large complex installations think about paying for a simulation. A company like Candelatech , specializes in simulating various loads on wireless networks and is well worth the up front investment prior to build out.
  6. Congestion control. Disclaimer: Yes we make a bandwidth controller and yes we are biased toward this technology. On many networks the best design and best wireless equipment are rendered irrelevant if there is not enough bandwidth to feed the animals.  A wide open heavily used network will come to  a halt without  some form of intelligent bandwidth control.

NetEqualizer News: July 2017


We hope you enjoy this month’s NetEqualizer Newsletter. Highlights include our 8.5 Release is Generally Available, along with an updated Quick Start Guide, our new DNS Traffic Tracking, and more!

 

July 2017

 

8.5 Release is Generally Available!
Greetings! Enjoy another issue of NetEqualizer News.

In our last newsletter, we mentioned that 8.5 development was complete. This month we are happy to announce that we have finished our testing phase (thanks test team!), and 8.5 is officially Generally Available! In this month’s newsletter we offer you detailed 8.5 Release Notes, preview some of the favorite 8.5 screens, and also provide the updated Quick Start Guide.

We will be updating the User Guide to 8.5 shortly, look to hear more in an upcoming newsletter.

We continue to work with you to solve some of your most pressing network problems – so if you have one that you would like to discuss with us, please call or email me anytime at 303.997.1300 x103 or art@apconnections.net.

And remember we are now on Twitter. You can follow us @NetEqualizer.

– Art Reisman (CTO)

In this Issue:

:: The 8.5 Release is Ready!

:: 8.5 Release Notes

:: 8.5 Release Quick Start Guide

:: Let NetEqualizer Be Your Bandwidth Referee

:: Best of Blog: Tracking Traffic by DNS

The 8.5 Release is Ready

8.5 Release is GA!

We are very happy to announce that our 8.5 Release is now Generally Available.

By far the most exciting and pleasant surprise feature is the reporting by DNS name. This essentially gives NetEqualizer reporting the ability to show detailed traffic by type without the need for expensive and unreliable Layer 7 filtering. The ramifications and the history on why this is possible make for an interesting story, and thus we have dedicated a full article on the subject – see here. This is just one of the many exciting features available in our 8.5 Release – we preview some of these below…

1) DNS Visibility (Hostname Reporting)
As mentioned above, we are very excited about the new ability to track and view traffic flows by hostnames. With the 8.5 Release, you can view hostnames in the Active Connections table:

And, you can track these hosts by adding them to Traffic History-> Manage Tracked Hosts, as shown below. This enables you to view data by hostname in our Traffic History graphs, as shown in the graph below. This is in addition to our current offerings of Traffic History by IP address, Pool, or VLAN:

2) Login and Logout
The 8.5 Release also has more security features added – including login/logout, session management, and HTTPS.

3) Color-coding in the NetEqualizer Log
We’ve also enhanced the ability to read the log file by adding color-coded markings to our log entries. In 8.5, this includes penalty and informational entries. Below we show how information-only entries are highlighted:

These markings will show new penalties, increased penalties, decreased penalties, and removed penalties, as well as informational entries about traffic that is going through your NetEqualizer (see above).

4) Pool-specific Equalizing (Pool Level Ratio and Hog Minimum)
One of the most requested features we’ve heard from our users, the 8.5 Release has the ability to fine tune your Pool settings even further with pool-specific HOGMIN and RATIO parameters.

Feel free to use the network-wide defaults or create your own! The changes will be reflected in the Pool dashboard:

There are many more changes that we are know you will be excited to see. If you are interested in the 8.5 Release, please contact us. The 8.5 Release is free to customers with valid NSS (NetEqualizer Software and Support) subscriptions.

8.5 Release Notes
You have read about some of our 8.5 features & screens above.  If you are interested in learning more about 8.5, you can read our official 8.5 Release Notes, which as always, are posted on our NetEqualizer Blog site (www.netequalizernews.com).

8.5 Release Quick Start Guide

Take a look at our new Quick Start Guide!

We are happy to share a preview of our updated Quick Start Guide, which now reflects our 8.5 Release!

Some of the key changes now discussed include:

1) our new Login/Log Out capability, highlighted on Page 4.
2) our enhanced Active Connections Table on Page 11, which now shows penalty status for each data flow.
3) our “visual” NetEqualizer Log on Page 12, which contains detailed color-coded information about penalty statuses.

As this is the Demo Version, it does not contain passwords. As always, we ship the full Quick Start Guide with each NetEqualizer unit, so that you will receive an updated version with passwords each time you purchase a NetEqualizer.

Click here or on the image at right to view the full Quick Start Guide.

Let NetEqualizer Be Your Bandwidth Referee

NetEqualizer works so well you won’t even notice it!

The best compliment you can give an umpire or referee in a sporting event is that you did not notice them, and with that example in mind we can safely say our configuration checking is doing its job.

It is rare for us to get Support calls regarding configuration mistakes. This invisibility and smoothness of operation is due to ongoing work behind the scenes to make sure that configuration changes make sense and guide the user away from common mistakes. With every release we improve in this area! I’m sure our long-time customers from the very early days (circa 2005) would not recognize the GUI and ease of use if they made a jump all in one step.

As part of our 8.5 offering, our Support Team has enhanced their configuration validation capabilities. When you send in your diagnostic file, they can now automatically check your Traffic Limits and P2P Limits against a more complex set of validity rules, including unintended overlapping IP ranges.

If you are interested in taking advantage of this 8.5 feature, contact our Support Team to learn more.

Best Of Blog

Tracking Traffic by DNS

By Art Reisman

The video rental industry of the early 80’s was comprised of 1000’s of independent stores. Corner video rental shops were as numerous as today’s Starbucks. In the late 1990’s, consolidation took over. Blockbuster, with its bright blue canopy lighting up the night sky, swallowed them up like doggy treats. All the small retail outlets were gone. Blockbuster had changed everything – their economy of scale, and their chain store familiarity, had overrun the small operators…

Photo of the Month
After the storm – summer vacation on the lake…

One of our staff members just returned from a lake vacation, which in my opinion is the best kind of vacation in summer. This shot was taken right after a rainstorm on the lake. The sun peaking through the clouds really highlighted the landscape and made the rainbow stunning.

APconnections, home of the NetEqualizer | (303) 997-1300 | Email | Website 

Tracking Traffic by DNS


The video rental industry of the early 80’s was comprised of 1000’s of independent stores.  Corner video rental shops were as numerous as today’s Starbucks.  In the late 1990’s, consolidation took over.  Blockbuster with its bright blue canopy lighting up the night sky swallowed them up like doggy treats.   All the small retail outlets were gone. Blockbuster had changed everything, their economy of scale, and their chain store familiarity, had overrun the small operators.

In a similar fashion to the fledgling video rental industry, circa 1990’s Internet content was scattered across the spectrum of the web, ripe for consolidation.  I can still remember all of the geeks at my office creating and hosting their own personal websites. They used primitive tools and their own public IP’s to weave these sites together.  Movies  and music were bootlegged, and shared across a network of underground file-sharing sites.

Although we do not have one Internet “Blockbuster” today, there has been major consolidation.  Instead of all traffic coming from 100’s of thousands of personal or small niche content providers, most of it comes from the big content providers. Google, Amazon, Netflix, Facebook, Pinterest are all familiar names today.

So far I have reminisced about a nice bit of history, and I suspect you might be wondering how all of this prelude relates to tracking traffic by DNS?

Three years ago we added a DNS (domain name system) server lookup from our GUI interface, as more of a novelty than anything else. Tracking traffic by content was always a high priority for our customers, but most techniques had relied on a technology called “deep packet inspection” to identify traffic.  This technology was costly, and ineffective on its best day, but it was the only way to chase down nefarious content such as P2P.

Over the last couple of years I noticed again the world had changed. With the consolidation of content from a small number of large providers, you could now count on some consistency in the domain from which it originated.  I would often click on our DNS feature and notice a common name for my data.   For example, my YouTube videos resolved to one or two DNS names,  and I found the same to be true with my Facebook video.  We realized that this consolidation might make DNS tracking useful for our customers, and so we have now put DNS tracking into our current NetEqualizer 8.5 release.

Another benefit of tracking by domain is the fact that most encrypted data will report a valid domain.  This should help to identify traffic patterns on a network.

It will be interesting to get feedback on this feature as it hits the real world, stay tuned!

India IT a Limited Supply


Before founding my current company, I was on the technical staff for a large telecom provider.  In the early 1990’s about half of our tech team were hired on the H-1 visa’s  from India, all very sharp and good engineers.  As the tech economy heated up, the quality of our Engineers from India dropped off significantly, to the point where many were actually let go after trial periods, at a time when we desperately needed technical help.

The unlimited supply of offshore engineering talent evidently had its limits.  To illustrate I share the following experience.

Around the year 2000, in the height of the tech boom, my manager, also from India, sent me on a recruiting trip to look for grad students at a US job fair hosted for UCLA students.

In my pre-trip briefing we went over a list of ten technology universities in India, as he handed me the list he said,  “Don’t worry about a candidates technical ability, if they come from any one of these ten universities they are already vetted for competency, just make sure they have a good attitude, and can think out-of-the-box.”

He also said if they did not attend one of the 10 schools on the list then don’t even consider them, as there is a big drop off in talent at the second tier schools in India.

Upon some further conversations I learned that India’s top tech schools are on par with the  best US undergrad engineering schools.  In India there is extreme competition and vetting to get into these schools.  The dirty little secret was that there were only a limited number of graduates from these universities.  Initially, US companies were only seeing the cream of the Indian Education system.  As the tech demand grew, the second tier engineers were well-enough trained to “talk the talk” in an interview, but in the real world they often did not have that extra gear to do demanding engineering work and so projects suffered.

In the following years, many US-based engineers in the trenches saw some of this incompetence and were able to convince their management to put a halt to offshoring R&D projects when the warning signs were evident.  These companies seemed to be in the minority.  Since many large companies treated their IT staff, and to some extent their R&D staff, like commodities, they continued to offshore based on lower costs and the false stereotype that these Indian companies could perform on par with their in-house R&D teams.  The old adage you get what you pay for held true here once again.

This is not to say there were not some very successful cost savings made possible by Inidan engineers,  but the companies that benefited were the ones that got in early and had strong local Indian management, like my boss, who knew the limits of Indian engineering resources.

How I Survived a Ransomware Attack


By Art Reisman

About six months ago, I was trying to access a web site when I got the infamous message: “Your Flash Player is out-of-date”.  I was provided with a link to a site to update my Adobe Flash Player.  At the time, I thought nothing of updating my Flash Player, as this had happened perhaps 100 times already. That begs the question as to why my perfectly fine and happy Adobe Flash Player constantly needs to be updated?  Another story for another day.

In my haste, I clicked the link and promptly received the Adobe Flash update for my Mac and installed it. For all intents and purposes, that was the end of my Mac.  This thing just took it over, destroying it.  It would insidiously let me get started with my daily work and then within a few minutes I would receive a barrage of almost constant messages popping up telling me I had a virus and to call some number for help.  Classic Ransomware.  At the time I did not think Macs were vulnerable to this type of thing, as the only viruses I had contracted prior were on my Windows machines, which I tossed in the scrap pile several years ago for that very reason.

My solution to this dilemma was simply to re-load my Mac from scratch.  I was up and running again in about one hour.   A hassle yes, the end of the world – no.

Now you might be wondering what about all my data programs and files I store on my Mac?  And to that I answer what data files?  Everything I do is in the Cloud, nothing is stored on my Mac, as I believe that there is no reason to store anything locally.

Gmail, Quickbooks, WordPress, photos, documents, and everything else that I use are all stored in the Cloud!

For backup purposes, I periodically e-mail a list of all my important Cloud links to myself.  Since they are stored in Gmail, they are always accessible and I can access them from any computer.  Data recovery amounts to nothing more than finding my most recent backup list e-mail and clicking on my Cloud links as needed.

NetEqualizer News: May 2017


We hope you enjoy this month’s NetEqualizer Newsletter. Highlights include an update on the 8.5 Release, a reminder about our NetEqualizer Leasing program, a customer story about how RTR helped them identify a virus in their network, a refreshed NetEqualizer white paper, and more!

 

May 2017

 

8.5 Release – Development is Complete!
Greetings! Enjoy another issue of NetEqualizer News.

Our 8.5 Release development has completed, five happy stars to the development team! This month we talk about Enhanced DNS resolution reporting, and preview the Read-Only Administrative Access screens. If you would like to get your hands on the 8.5 release as a beta tester, please contact us to participate. Look for the 8.5 Release to be generally available early summer 2017.  

We continue to work with you to solve some of your most pressing network problems – so if you have one that you would like to discuss with us, please call or email me anytime at 303.997.1300 x103 or art@apconnections.net.

And remember we are now on Twitter. You can follow us @NetEqualizer.

– Art Reisman (CTO)

In this Issue:

:: First Impressions on our 8.5 Release

:: NetEqualizer Leasing always great option!

:: RTR Traffic History Reports Capture Unknown Virus Activity for WNPL

:: Updated Executive White Paper

:: Best of Blog: How to Create and Send an Encrypted File With No NSA Backdoor

First Impressions on our 8.5 Release

8.5 Release Development is Complete!

I finally got a chance to kick the tires on our 8.5 release, and it kicked me back! I really like so much in 8.5, it is difficult to determine where to start!

The biggest wow factor to hit me was our enhanced DNS reporting. For years our customers have been asking, “Can you tell me how much traffic went to YouTube or Netflix?” Well, I am thrilled to say that finally the answer is yes.

With our DNS reporting you can now track all the data to any well-known public domain. The screen shot below of our Active Connections Report says it all. You can see the domains in the DST (destination) and SRC (source) columns for all live traffic flowing through the network.

In addition to being able to see public domains for all active traffic, you can now also view Traffic History for any host names that you have set up to track. You can see history for a selected public domain in the screenshot below.

I also love our expanded login capabilities. Many of our customers have a support Help Desk team on site. These are the first responders for network problems in your organization. Just like their counterparts in the medical field (EMTs), they may not be trained in advanced surgical techniques. For example, you would not want them making policy changes on your bandwidth controller, but you definitely need your help desk personnel to do some initial triage, gather some data, and keep the patient alive, until the doctor arrives on scene.

Our NEW Read Only login will give them access to RTR and all its advanced reporting screens, without the possibility of any life-threatening policy changes to the network.

You can see that this person is logged in as Read Only by looking in the top right portion of the menu bar for the RTR icon, or looking for the “report” login next to the new Logout feature.

And finally, we continue to expand our Preferences capabilities, so that you can customize your experience with the NetEqualizer.

“Remember one hundred and twenty eight thousand bytes per second is a Megabit.” I was getting tired of uttering this phrase and being an apologist for our units displayed on our connection tracking (Active Connections) screen. In fairness to our engineering team, the connection tracking table started out as a simple troubleshooting tool for internal use, and has now morphed into one of the more important real-time reporting screens for our customers.

With 8.5 we bring you units in Megabits (or whatever unit your preference may be)! See the screenshot below. Once you select your preference, these units will be on your Active Connections Report.

With our 8.5 release entering the system test phase, we will soon be looking for Beta Testers (June/July timeframe). If you are interested in participating, please contact us.

NetEqualizer leasing always a great option!

Check out our leasing program!

Do you have a short term need for a bandwidth shaper? Perhaps a conference event, or something to tide you over while waiting for a bandwidth upgrade? Maybe your business model requires you to spread out expenses over time instead of an up front purchase? If you answered yes to one or more of these questions, now is the time to contact us about leasing a NetEqualizer. We offer leases starting at 2 months with no long term contract.

RTR Traffic History Reports Capture Unknown Virus Activity for WNPL

RTR has more uses than you might think…

The following is an email we received from Kevin Getty – Head of Information Technology for Warren-Newport Public Library. Kevin found an interesting use for our RTR interface and associated data.

Thanks Kevin!
————————————————————————————————

Having some spare time one day I decided to see what I could do with the data that’s provided by the four week traffic history report. First I downloaded the data and imported it into a spreadsheet to see what was available and formatted it into a more user friendly display. Once formatted I grouped the data by IP address and started to analyze the upload throughputs by user per day. I quickly realized what “normal” activity was looking like for our network PC’s.

Once the IP’s were resolved to DNS names, I was surprised to see such high bandwidth from a specific PC. Bandwidth that was large and during closed office hours spreading across multiple days. I approached the user to see if they had any experience with slow or intermittent internet access and sure enough they did. Their experience of slowness was the NetEQ doing it’s wonderful job of penalizing them and normally it should, but the user experienced slowness due to a bug on the computer. They also stated they left their PC on overnight because they didn’t want to lose what they had been working on, so this explained why the traffic showed during closed hours. When asked if they knew when they started to experience slowness, their answer matched what the data showed in the four week report.

The next step was to investigate to see if the PC had any bugs or malware that hadn’t been caught yet. Using several antivirus and malware removal utilities that are known to be successful at finding the little buggers, all came up empty. So the next thing was to restore the user’s Windows profile from backup prior to the high traffic use. After restoring the profile and monitoring for a day, the reports showed normal traffic.

Since then I’ve written a windows application that will download the reports and analyze the traffic. Granted, not all high usage is necessarily bad traffic, but the uploading was what caught my eye and is analyzed in the application to signal an alarm. The first screenshot shows the overall bandwidth usage of the report.

The second shows the selected PC that was showing high usage. You’ll notice the consistent upload and download across several days.

I do have suggestions for your reports. Selectable date ranges and resolved DNS names would be nice.

I’ve been using NetEQ for over a decade now and I’m not sure what I’d do without it. Thanks for a great product and keep up the great work!

Updated Executive White Paper

Take a look at our refreshed white paper…

Our Executive White Paper has been updated to highlight a key capability of the NetEqualizer – that we are able to shape both encrypted and unencrypted traffic.

This is an important advantage of behavior-based shaping. Application traffic shapers are only able to shape unencrypted traffic, as they need to classify it to work with it. We have also updated the Comparison Table on Page 2 to better highlight how the NetEqualizer compares to Other Traffic Shapers.

The Executive White Paper is a good summary for management to read to get a quick feel of the NetEqualizer’s core capabilities, and also to understand how it differs from traditional application shapers.

Read our updated Executive White Paper here

Best Of Blog

How to Create and Send an Encrypted File with No NSA Backdoor

By Art Reisman

Note: Believe it or not in a previous life, before I settled on computer science, I was a math major. Not much stuck from those days but I did remember one lesson very well, and that was that there are a plethora of ways to implement a mathematic encryption of data. In the following blog article I share with you an easy to use a program for personal encryption.

Below is a little routine I wrote to encrypt and decrypt a file.

This script is meant for encrypting text files and sending them privately through e-mail as an attachment.

Note: The author makes no claims about whether this encryption technique can be broken. It would not be easy.

Here is what you need to use this program.
1. Mac or other computer that can run a perl script from the command line
2. very basic knowledge of how to create and edit a file from the command line

Photo of the Month
Kansas Prairie Home from Days Gone By…

One of our staff members was visiting western Kansas recently, and decided to take a bike tour.  This house is one of many that remain from the Dust Bowl days, when many farmers abandoned their homes due to the prolonged severe drought. These homes dot the land, much of which was given away by the Homestead Acts.

APconnections, home of the NetEqualizer | (303) 997-1300 | Email | Website 
%d bloggers like this: