The DDoS industrial Complex Just Keeps on Growing


DARPA (Defense Advanced Research Projects Agency) is now awarding projects to vendors so they can proliferate the security industry with next-generation tools to mitigate DDoS attacks.

In the article main points are:

DARPA says the XD3 program looks to develop technologies that:

  • Thwart DDoS attacks by dispersing cyber assets (physically and/or logically) to complicate adversarial targeting
  • Disguise the characteristics and behaviors of those assets to confuse or deceive the adversary
  • Blunt the effects of attacks that succeed in penetrating other defensive measures by using adaptive mitigation techniques on endpoints such as mission‐critical servers.

How about instead of creating infinite complexity, just stopping them.  I wrote how this could be done back in December in 2015.

Or better yet, how about stinging and arresting people who initiate them? Perhaps we don’t have the police powers to do so.  Maybe the FBI has the manpower to do this. Hopefully it will not get to the point where we need to just cut off those countries from the Internet.

Am I just stupid? Or am I missing something?  What would be the cost to the security industry if we actually found a non labor-intensive way to put and end to this nonsense?

By  Art Reisman
CTO www.netequalizer.com

 

 

The 1/4 Million DDoS Extortion


In Christian Sager’s June 2014 article “Why do people perform DDoS attacks“, he does an excellent job in outlining the possible motivations for DDoS attackers. I especially like the DDoS attack map site he references. Here is a snapshot from today’s attacks
DDoS attacks around the world

Christian covers a range of excellent points behind DDoS attacks, and yes he does address direct monitory extortion in the following excerpt.

Extortion:
Feedly’s claim that their DDoS attack was the result of extortionists isn’t that unbelievable. There have been several cases where a DDoS is followed by a ransom note. Once the site is down, the attackers demand money in exchange for stopping their attacks. Some even make the threat before the attack. In both cases their rate of success is usually low.

A DDoS attack with a ransom note is a bit crude when compared to the much more insidious indirect extortion going in the world of DDoS attacks.  One half Million Dollars is the base price for a firewall capable of mitigating a DDoS attack on a 10 gig network  (with limited success at that).  Vendors are selling thousands of them  year.  Let me state, I do not have evidence of any link between the sale of a Firewall product  to a deliberate DDoS attack, but I wonder why the DDoS attacks are so widespread and cannot help but to speculate. With equipment sales in infrastructure struggling in a flat IT infrastructure economy. The prevalence of wide spread DDoS attacks is picking up.

Why Are DDoS attacks so hard to block?


I started off this post thinking about whether or not moving your infrastructure to a cloud would give organizations better protection against DDoS attackers, and the short answer is: not really.

The issue with a coordinated DDoS attack is that it is usually orchestrated from a wide range of attacking computers, which are typically hijacked, and retrofitted with undetected scripts that can be turned on to send out a flood of data at target when directed by the hijacker.

When the attack is commenced all these disparate computers start sending data to your organization in unison. In order to stop  just one  of these attacking computers from flooding your network you have to cut it off upstream at the source.

Blocking the attackers incoming IP  at your local firewall doesn’t do any good because the  main pipe  coming from your upstream provider is still flooded with garbage, and most likely unusable.   So you have to follow the trail of attacking computer farther upstream. Your provider should be able to help if you can work with them, but that may or may not be effective, because the DDOS attack, if large enough can also torment your provider.   And even if you do manage to work upstream and block the IP’s where the attack is coming from , some DDOS attackers can just keep coming at you from new wave of  IP addresses.  One person acting alone can Hi-jack millions of computers from around the world and use them in waves of recurring attacks, with little effort.

How does a hijacker have the time to take over a million computers?

I’ll cover that in my next post.

As for the cloud offering protection, a cloud hosted IT infrastructure cannot provide any immunity, the cloud can be attacked; however the cloud providres might have the resources to detect and more easily block an attacker farther upstream  and a bit more quickly so there is some benefit.

 

See also

Regulate DDOS like pollution

DD4BC Group Targets Companies with Ransom-Driven DDoS Attacks

 

 

 

Regulate DDoS Like Pollution


I just read another article on DDOS attacks and how companies are being extorted.  As usual I am thinking way out of the box again.

Background on the mechanics of DDOS attack

The raw tools of  DDOS attacker are made possible by  the billions computing devices sitting around  the world attached  to the Internet.   A DDOS attacker probes constantly for computers to hack, and then once they have access to  several hundred or more in their control , they can point  them to any business, sending a storm of data requests jamming  Internet links from the outside. Think of a million people trying to cram into the door of your apartment all at once, you would be trapped inside.

I know first hand this can happen. I put some vulnerable poorly written HTML code on a home computer I was  testing with , and somebody found it , exploited the HTML code and turned it into an attacking computer.

The best and perhaps the only reliable way to stop a DDOS attack is to stop it at the source computers. The problem here is that these are privately owned and are maintained by people that usually have no idea that their computer has been hijacked.  The larger providers do have fairly sophisticated software to detect attacks coming from home users but obviously this is not working very well.

Despite how Orwellian this might sound , I am thinking that perhaps some government standard built into the line cards that connect to the Internet is where we will find a solution.    Okay, I can hear the groans and feel the tomatoes hitting my face , but before you pass judgment , remember these attacks are terroristic in nature. We debate heavily over gun control and the second amendment, and yet we sort of sit idly by and take  trillions in dollars of economic hits from internet terrorists.

A technical solution is quite feasible and here is how it would work. 

Most of the devices that connect computers to the Internet have mini computers built into them. These computers that handle the lowest level of communication are basically factory sealed at the time of manufacture. For example: the computer chips inside wireless Lan cards that connect you to the outside world, they have little factory sealed computer programs.

The footprint of a DDOS attack going out is much different than normal usage patterns and could be easily spotted and detected by the chip sets in these line cards.

The EPA regulates the smoke stacks on coal power plants and the emissions on cars to keep our air clean. The same precedent could be used to regulate any device that connects to the internet. It is absurd at the ease of which a few people can bring down entire multi billion dollar corporations. By inserting a simple logic  in the chip sets of consumer devices we could detect and disable DDOS attack attempts before they get going. In essence  we would remove the criminals tool set , perhaps entirely in a matter of a few years . The beauty of this proposal is that it would have no effect on the operating systems that computers use.  IOS , Linux, Windows would not require any updates, only the platforms that they run on.

I am likely about 10 years ahead of my time with this writing , but I suspect given the rise of DDOS attacks this may be a very viable solution. We’ll see when the dust settles.

 

Posted in DDoS. 3 Comments »

NetEqualizer DDoS Firewall: Simple and Effective without the Bloat


One of the challenges when creating a security tool is validating that it works when the S$%^ hits the fan.  We have heard (via anonymous sources) that many of the high-dollar solutions out there create bloated, rotting piles of information, whose only purpose is to look impressive due to their voluminous output.  A typical $100K buys you a CYA report. A tool that covers  everything, leaving the customer to decide what to do; which is usually nothing or some misguided “make work”. These non-specific tools are about as useful as a weather forecast that predicts everything all the time. Rain, Snow, Wind, Hot, Cold, for everyday of the year. If you predict everything you can’t be wrong?

On the other hand, the reports from the field coming in for our DDoS tool are:

Yes, it works.

Yes, it is simple to use.

Yes, it takes action when appropriate.

We have confirmation that our DDoS tool, combined with our shaping algorithms, has kept some very large institutions up and running while under very heavy, sophisticated DDoS attacks.   The reasons are simple. We look at the pattern of incoming packets in a normal situation.  When the pattern reaches a watermark that is clearly beyond normal, we block those incoming circuits. If needed, we can also take a softer approach, so the attacker is not aware we are throttling them.  This is needed because in some situations outright blocking will alert the attacker you are on to them and cause the attacker to double-down.

When under DDoS attack you don’t need reports; you need immediate action. If you would like to discuss our solution in more detail feel free to contact us.

DDoS Attacker Caught in the Act


Before the telescope, planets and stars were just dots of light to the human eye. Before the invention of X-rays, and the MRI, doctors often could not determine the cause of a problem until a person was in an autopsy room.

Today, there is no reason to remain blind to DDoS and hacking intrusions.

This morning I got a text message from our training engineer at a customer site. “Just stopped a Chinese DDoS attack at the #### school.”

Our training engineer was not even doing a security audit. He was simply walking through the features of our product. He had scrolled over to our DDoS monitoring tool, and right away this attack popped out. It was as clear as a large cancerous tumor in an MRI. He noticed an outside entity was bombarding the customer link with all kinds of queries.

The attacker stood out because our DDoS tool identifies uninvited queries, as well as gives you a count of how often they are hitting your enterprise. Our engineer then checked the source of the incoming IP, and thus removed any lingering doubt that this was a hostile attack. The requests were originating from China, which was not an expected source of traffic on this school’s network.

This wasn’t yet a full-scale DDoS attack, but the warning signs were clear. The attacker happened to be hitting port 22, probing for login vulnerability on all the servers inside the school. From the frequency of the incoming requests, it was obviously a bot. Combining the frequency of hits with the fact that it was an uninvited outside IP address, it stood out like a sore thumb in our DDoS monitor (easily flagged). Once identified, the IT administrator at the school was then able to block the IP, averting any further shenanigans from this hacker.

In everyday life, we’re able to identify warning signs and act accordingly for our own protection. For example, if a person showed up at your front door wearing a ski mask with an AK-47, you would likely not let them in, right? The threat would be obvious. The point is it should not be expensive or impractical for the average layman to also easily spot a security risk on a network. You just need a tool that exposes them.

You Also Might Like

Firewall Recipe for DDoS Attack Prevention and Mitigation

Posted in DDoS. 1 Comment »

Network Provider Outages and DDoS Attacks Dwarf Local Hardware Failure Problems


My Internet Service went down yesterday and I had to revert to my backup provider.

Network Outages due to upstream provider failure are endless…

Comcast Outage for North Denver Fiber cut

Comcast hit with massive Internet outage

Forum discussion about wide spread Internet outage Des Moines Iowa

Spokane Washington 10,000 customers without Internet service

Wide spread Internet outage London , Virgin Media

And even if your provider is not to blame, there are endless hackers out there instigating DDoS attacks , some with an ax to grind others just for random entertainment.

DDoS attack brings down Web Drive Client New Zealand

DDoS attack brings down dutch government

DDoS attack interrupts tournament.

Although this sampling of news stories is not very scientific, I could literally spend a month clipping these articles. There are new ones every day, and that is just the major ones that get reported. If I informally poll our customers, almost every single one of them has seen a DDoS attack of  some kind in the past year, and all have had some sort of upstream Internet outages within the last couple of years.

Now if I ask how many have had critical Network Equipment go down due to hardware failure, that list shrinks to maybe 1 or 2 percent of our customers. Basically, what this tells me is you have a 100 percent chance of a Network outage for some period of time every year due to a problem upstream with your provider. You have  a 2 percent chance due to a hardware failure with your local core Router/Firewall/Bandwidth/Switches.

To put that another way, for every 50 outages caused by external events at your provider beyond your control, you have 1 event due to internal hardware failure.

The solution is to have multiple distinct Internet Providers on hand at all times, so if one goes down you can switch over to the other. As I said there is nothing wrong with the idea of sourcing redundant local equipment, but statistically it is much more important to get a second Internet provider sourced before investing in redundant equipment.

Here is another article highlighting the prevalence network outages.

Note: Although DDoS attacks are provider Independent, your chances of stopping or mitigating the attack are enhanced by having multiple providers.

Other causes of failures:
Yes, wireless topologies are notoriously unstable, and so are applications running on Web Servers, both of which can cause service outages to local users. These types outages are usually not on the same order as catastrophic hardware failure problems or upstream failures. Outages with wireless equipment and service are usually related to these products getting into a bad state, and are not associated with a complete loss of communication to the outside world. You’ll still need to re-boot these systems to get them back into a good state.

Related Articles: 

The Top Five Causes of Disruption of Internet Service

Five Tips for Defending Against a DDoS Attack

 

 

Firewall Recipe for DDoS Attack Prevention and Mitigation


Although you cannot “technically” stop a DDoS attack, there are ways to detect and automatically mitigate the debilitating effects on your public facing servers. Below, we shed some light on how to accomplish this without spending hundreds of thousands of dollars on a full service security solution that may be overkill for this situation.

Most of the damage done by a targeted DDoS attack is the result of the overhead incurred on your servers from large volume of  fake inquiries into your network. Often with these attacks, it is not the volume of raw bandwidth  that is the issue, but the reduced the slow response time due to the overhead on your servers. For a detailed discussion of how a DDoS attack is initiated please visit http://computer.howstuffworks.com/zombie-computer3.htm zombie-computer-3d

We assume in our recipe below, that you have some sort of firewall device on your edge that can actually count hits into your network from an outside IP, and also that you can program this device to take blocking action automatically.

Note: We provide this type of service with our NetGladiator line. As of our 8.2 software update, we also provide this in our NetEqualizer line of products.

Step 1
Calculate your base-line incoming activity. This should be a running average of unique hits per minute or perhaps per second. The important thing is that you have an idea of what is normal. Remember we are only concerned with Un-initiated hits into your network, meaning outside clients that contact you without being contacted first.

Step 2
Once you have your base hit rate of incoming queries, then set a flag to take action ( step 3 below), should this hit rate exceed more than 1.5 standard deviations above your base line.  In other words if your hit rate jumps by statistically large amount compared to your base line for no apparent reason i.e .you did not mail out a newsletter.

Step 3
You are at step 3 because you have noticed a much larger than average hit rate of un-initiated requested into your web site. Now you need to look for a hit count by external IP. We assume that the average human will only generate at most a hit every 10 seconds or so, maybe higher. And also on average they will like not generate more than 5 or 6 hits over a period of a few minutes.  Where as a hijacked client attacking your site as part of a DDOS attack is likely to hit you at a much higher rate.  Identify these incoming IP’s and go to Step 4.

Step 4
Block these IP’s on your firewall for a period of 24 hours. You don’t want to block them permanently because it is likely they are just hijacked clients ,and also if they are coming from behind a Nat’d community ( like a University) you will be blocking a larger number of users who had nothing to do with the attack.

If you follow these steps you should have a nice pro-active watch-dog on your firewall to mitigate the effects of any DDoS attack.

For further consulting on DDoS or other security related issues feel free to contact us at admin@apconnections.net.

Related Articles:

Defend your Web Server against DDoS Attacks – techrecipes.com

How DDoS Attacks Work, and Why They’re Hard to Stop

How to Launch a 65 gbps DDoS Attack – and How to Stop It

NetEqualizer News: October 2017


We hope you enjoy this month’s NetEqualizer Newsletter. Highlights include a preview of our Reporting Only NetEqualizer, our customers’ favorite 8.5 features, and some tech tips!

 

October 2017

 

Reporting Only NetEqualizer
Greetings! Enjoy another issue of NetEqualizer News.
As fall settles in here in Colorado, we are enjoying the cool evening weather and watching the leaves turn. It is truly a beautiful time of year to live in the Rocky Mountains! In this month’s newsletter, we announce our new offering – a Reporting Only NetEqualizer, for those of you who would like to use our technology to view network traffic and troubleshoot network issues. Read more below to see how this new offering might work in your environment. We are turning our attention to planning for 2018, now that we have completed our 8.5 Release. As always, we welcome your input into the release planning process. This month you can share your ideas with us! In this month’s newsletter we also offer you 8.5 Customer Favorite Features, and NetEqualizer Tech Tips, along with our ever-popular Best of Blog article.

We will be updating the User Guide to 8.5 shortly, look to hear more in an upcoming newsletter.

We continue to work with you to solve some of your most pressing network problems – so if you have one that you would like to discuss with us, please call or email me anytime at 303.997.1300 x103 or art@apconnections.net.

 

And remember we are now on Twitter. You can follow us @NetEqualizer.

– Art Reisman (CTO)

In this Issue:

:: Reporting Only NetEqualizer

:: 8.5 Customer Favorites

:: Have a Say – Ideas for the Next Release

:: NetEqualizer Tech Tips

:: Best of Blog: The New Bandwidth Paradigm

Reporting Only NetEqualizer

With Attractive Pricing!

For about half the cost of our full featured NetEqualizer, you can now purchase a NetEqualizer with a Reporting License only. Our Reporting Only option enables you to view your network usage data in real-time (as of this second), as well as view historical usage to see your network usage trends. Reporting can help you to troubleshoot your network, from identifying DDoS and virus activity, to assessing for possible unwanted P2P traffic.

You might consider a Reporting Only NetEqualizer for a site where you would like better visibility into your network, and also think you may need to shape at some point. It could also help you to assess a network segment from a traffic flow perspective.

And the great thing is, we always protect your investment in our technology. If at a later time you do decide you want to use our state-of-the-art shaping technology, you have not lost your initial investment in the NetEqualizer. You can always upgrade and only pay the price difference.

What features come in Release 1 (R.v1) of the Reporting Only NetEqualizer?

Graphics Tools
• Reporting by IP, real time and historical usage
• Reporting by Subnet, VLAN real time and historical usage
• Reporting by Domain Name (Yahoo, Facebook etc) – Real time and historical
• Real-time spreadsheet style snapshot of all existing connections

Below is a sample report by domain name screen.

Troubleshooting Tools
• Top Uploaders & Downloaders
• Abusive behavior due to Viruses
• DDoS detection
• P2P detection
• Alerts and Alarms for Quota Overages
• Peak Bandwidth Alerting

More features to come in our next release. Please put in your request now!

Reporting Only prices include first year support.
NE3000-R 500Mbps price $3000
NE3000-R 1Gbps price $4000
NE4000-R 5Gbps price $6000

Note that Reporting Only NetEqualizers can be license-upgraded in the field to enable full shaping features at any time. In this configuration, we are offering bundled hardware warranty (NHW) and software upgrades & support (NSS) for only $500 per year.

8.5 Customer Favorites

Based on feedback from customers, here are the most-liked features of 8.5. Make sure to check these out if you have not already done so.

Pool-Specific Shaping Parameters

We have found that customers really like the ability to control their pool parameters for shaping. At first we were afraid that perhaps this feature might be too deep, especially for a new customer, but so far when we explain it, people really like it. Historically, you could only control the Ratio and Hogmin parameters for the entire NetEqualizer. But now, you can control them at a pool level – giving you even more control over your shaping.

Auto-scaling Graphs

Our graphs can be set so that the scale of each conforms to the data on the screen (auto-scaling), or they can reflect any data that is stored in history (fixed scaling). We learned recently how one of our customers loves auto-scaling, as his data can vary significantly over time. As he uses the Top Uploader & Top Downloaders on a daily basis, he needs the graphs to only reflect the current day in their scaling. We learned this one the hard way – it was offered in 8.4 but not in initial 8.5. Read below in our NetEqualizer Tech Tips section to see how to set up Auto-Scaling in your environment.

Have a Say

Ideas for the Next Release…

What would you like to see in our Next Release? Please let us know! To get you thinking, we’ve thrown out a few ideas here:
VM release for remote locations where logistics complicate hardware delivery?
• 20 Gigabit Shaping?
• Cloud Storage for Reports?
• Customizable Report Exports?
• Enhance Automated Alerts?
• Equalizing Self-Tuning?

NetEqualizer Tech Tips

Every few newsletters, we like to give readers and customers tips on how to best use the NetEqualizer. This month, we highlight the following NetEqualizer Technical Tips:

Implementing HTTPS

Did you know that we support HTTPS? If you have version 8.4 or better then the https access is already installed. You may need to open your https port on your firewall but you should be able to go to https://YourNetEqIP/ and it should work. It only has a self signed certificate so you may need to make an exception for it in your browser.

8.5 Fix: Auto-scaling your graph timeline

If you are one of the users who prefers to have your graphs auto-scale to what is displayed, this tip is for you! Simply follow these instructions and you’ll be all set.

  1. Navigate to the Maintenance -> Troubleshooting Tools -> Edit Any Text File page
  2. In the field “Full path to file:” type: /var/www/newgui/RTR/top-downloaders.php And hit submit.
  3. The top-downloaders.php file will now appear. Find the following string in that file: max: <?php echo niceMaxAxis($maxx); ?>
  4. DELETE that line completely. Click Save.
  5. Navigate back to Maintenance -> Troubleshooting Tools -> Edit Any Text File page
  6. In the field “Full path to file:” type: /var/www/newgui/RTR/top-uploaders.php
  7. And hit submit.
  8. The top-unloaders.php file will now appear. Find the following string in that file: max: <?php echo niceMaxAxis($maxx); ?>
  9. DELETE that line completely. Click Save.
  10. Your graphs should now scale to what’s displayed.

Best Of Blog

The New Bandwidth Paradigm

By Art Reisman
For years the prevailing belief was that consumers would always outstrip bandwidth supply.  From our recent conversations with several land line operators, their experience suggests that in the near-term, that paradigm may not be true.
How could this be?
The answer is fairly simple.  Since streaming HD video became all the rage some 10+ years ago, there has not been any real pressure from any new bandwidth-intensive applications.   All the while, ISPs have been increasing their capacity.  The net result is that many wired providers have finally outstripped demand.

Photo of the Month
Summer Concerts Come to an End

Hanging on to summer memories, Firefall closes out the summer concert series held most Fridays in the summer in Louisville, Colorado.

APconnections, home of the NetEqualizer | (303) 997-1300 | Email | Website 

NetEqualizer Reporting Only License now Available for Purchase


For about half the cost of the full-featured NetEqualizer, you can now purchase a NetEqualizer with a Reporting Only License.  Our Reporting Only option enables you to view your network usage data in real-time (as of this second), as well as to view historical usage to see your network usage trends.

Screen Shot 2017-10-19 at 3.59.43 PM

Live Screen Shot Showing Overall Bandwidth In Real Time

 Reporting can help you to troubleshoot your network, from identifying DDoS and virus activity, to assessing for possible unwanted P2P traffic.

You might consider a Reporting Only NetEqualizer for a site where you would like better visibility into your network, and also think you may need to shape at some point.  It could also help you to assess a network segment from a traffic flow perspective.

And the great thing is, we always protect your investment in our technology.  If at a later time you do decide you want to use our state-of-the-art shaping technology, you have not lost your initial investment in the NetEqualizer.  You can always upgrade and only pay the price difference.

What features come in Release 1 (R.v1) of the Reporting Only NetEqualizer?

  • Reporting by IP , real time and historical usage
  • Reporting by Subnet , VLAN  real time and historical usage
  • Reporting by Domain Name ( Yahoo, Facebook etc) Real time and historical
  • Real-time spreadsheet style snapshot of all existing connections

Troubleshooting Tools

  • Top Uploaders & Downloaders
  • Abusive behavior due to Viruses
  • DDoS detection
  • P2P detection
  • Alerts and Alarms for Quota Overages
  • Peak Bandwidth Alerting

More features to come in our next release, please put in your request now!

Reporting Only prices include first year support.  Prices listed below are good through 3/31/2018.  After March 2018, contact us for current pricing.

NE3000-R 500Mbps price   $3000
NE3000-R 1Gbps price      $4000
NE4000-R 5Gbps price       $6000

Note that Reporting Only NetEqualizers can be license-upgraded in the field to enable full   shaping capabilities.

NetEqualizer News: November 2016


We hope you enjoy this month’s NetEqualizer Newsletter. Highlights include a 8.5 Release feature preview, customer testimonials, and more!

 

  November 2016

 

8.5 Release Planning is Underway!
Greetings! Enjoy another issue of NetEqualizer News.

As we start into the holiday season here in the U.S., I am thankful for many things. First, I want to THANK YOU, our customers, for making this all worthwhile.

fancy thank-you

In my conversations with customers & prospects, I hear over & over how much our behavior-based shaping (aka equalizing) saves you time, money, and headaches. Thank you for validating all our efforts here at APconnections!

I am also thankful that the Presidential Election is over in the U.S., as I am tired of seeing political TV advertisements, which seem to be on every 10 minutes.

We continue to work with you to solve some of your most pressing network problems – so if you have one that you would like to discuss with us, please call or email me anytime at 303.997.1300 x103 or art@apconnections.net.

And remember we are now on Twitter. You can follow us @NetEqualizer.

– Art Reisman (CTO)

In this Issue:

:: 8.5 Release Features Preview

:: We Want Your Suggestions for the 8.5 Release!

:: Is Anyone Out There Still Suffering From DDoS Attacks?

:: Featured Customer Testimonials

:: Best of Blog: Using NetEqualizer to Ensure Clean, Clear QoS for VOIP Calls

8.5 Release Features Preview

We are staring to plan our 8.5 Release!

We have started putting together initial plans for our late spring software update – 8.5 Release. We have some exciting features in mind! Here is a preview of several features that will be included:

Cloud Reporting

Have you ever wanted to access reporting data for longer than 4 weeks? The reason for the current NetEqualizer limit is that we can only store so much data on the device itself.unnamed-2

Our new Cloud Reporting offering will allow you to store historical NetEqualizer data for an extended period of time. You’ll be able to seamlessly pull this data from the Cloud and display the results on your NetEqualizer, or use it for other reporting and archiving purposes.

Read-only Login Account (customer feature request)

The NetEqualizer has always used basic HTTP authentication for it’s one account, but that is about to change! The next release will have a more standard login page with two roles – the current administrator role as well as a NEW read-only account role. The read-only account will let non-technical staff log in and view reports as well as a few other features.fsdf

NetEqualizer Logout (customer feature request)

We will support web application sessions with both log in & log out. Today we offer login but in 8.5 users will also be able to securely log their session out once they are finished using the GUI.

We are very excited about enhancing our recent 8.4 Release user interface with these changes. Stay tuned to the newsletter for updates on 8.5 features, release dates, and more!

We Want Your Suggestions for the 8.5 Release!

 We want your help! Last call for suggestions for our 8.5 Release.

Now is your last chance for 8.5 Release feature requests!

Many of our best features come from customer requests. For example, for all of you that wanted to have a read-only account for NetEqualizer administration, you’ll be happy to know that we have included it in our upcoming 8.5 Release. Our NetEqualizer Logout is also based on a customer suggestion.

For those suggested features that don’t make the cut, it is not because we did not like them (we like all the suggestions), but we have to filter on features that apply to a large set of our customers. We also keep track of all feature requests, so if yours does not make it into 8.5, it may be scheduled in a future release.

We only know what features you are interested in if you speak up! We have no way of knowing if a feature is popular or not unless we hear from you. So please, think deep and tell us what features would make the NetEqualizer tool more valuable to you!

Here are some questions you can ask yourself or your IT team to come up with ideas:

  1. What feature could I use to help us troubleshoot network problems, perhaps something you need to see in our reports?
  2. What feature would further help optimize our bandwidth resource, perhaps your wireless network has unique challenges?
  3. What security concerns do you have? Anything in the DDoS arena?
  4. What feature could be added to make setup and maintenance more efficient?

unnamed-3

Is Anyone Out There Still Suffering from DDoS Attacks?

What have your experiences been?

Perhaps the Russians have given up on hacking? We are not sure, but we certainly have seen a big drop off in DDoS help requests to our support team – so much so that we have put our DDoS firewall enhancement plans on hold.

We were working on a feature request to block foreign IP’s by connection count as one of our DDoS triggers. It would work something like this:

A NetEqualizer customer sets a white list for public IP’s to let through (not blocked). Any other public IP hitting the network with more than X active connections would trigger an alert or possibly a block based on your preference.

We need to know if such a feature, or another DDoS approach would be better, based on your experience.

Let us know what you have been seeing as far as DDoS attacks on your network!

unnamed-4

Featured Testimonials

What our customers are saying…

We take great pride in ensuring our customers are happy with their NetEqualizer! You can find all of our customer testimonials on our website under the “Customers” menu.

Here are just a few testimonials that we’ve received in 2016:

Reed Collegeunnamed-6

“We’ve had NetEqualizers on campus at Reed for several years and continue to be very happy with the product. We have a very small staff and don’t have time to “tune” a device like a Packetshaper. Instead the NetEqualizer is protocol agnostic in the way it shapes traffic for most users but also allows us to quickly prioritize some traffic if necessary.

Over the years the NetEqualizer has saved us countless hours of staff time. We did lose some visibility into what is happening on our border network but our IDS/IPS replaced that functionality. NetEqualizer is an excellent product.”Gary Schlickeiser – Director of Technology Infrastructure Services

Thanks Gary for your kind words!

Edmonton Regional Airport Authorityunnamed-7

“We presently use two NE3000 units for Internet traffic control and monitoring in a redundant setup. At present we have a maximum of 600 Mbps Internet throughput, with over 300 IP addresses in use in some 120+ address Pools.

The NetEqualizer is a very useful tool for us for monitoring and setting speeds for our many users. Most of the feeds come straight off our Campus network, which is spread over a seven kilometer distance from one end of the airdrome to the other. We also feed a number of circuits to customers using ADSL equipment in the older areas where fiber is not yet available. Everything runs though the “live” NE3000!

Controllability and monitoring is key for our customers, as they pay for the speed they are asking for. With the RTR Dashboard, we continually monitor overall usage peaks to make sure we provide enough bandwidth but, more importantly, to our individual customers. Many customers are not sure of how much bandwidth they need, so using the Neteq we can simply change their speed and watch the individual IP and/or Pool usage to monitor. This becomes especially useful now as many customers, including ourselves, use IP telephony to remote sites; so we need to maintain critical bandwidth availability for this purpose. That way when they or we have conference calls for example, no one is getting choppy conversations. All easily monitored and adjusted with the Dashboard and Traffic Management features.

We also have used the Neteq firewall feature to stop certain attack threats and customer infected pcs or servers from spewing email or other reported outbound attacks, not a fun thing but it happens.

Overall a very critical tool for our success in providing internet to users and it has worked very well for the past 8 or more years!”Willy Damgaard – Network and Telecom Analyst

Thanks Willy! We are happy to help.

Cooperative Light & Powerunnamed-8

“Our company is an electric utility and we have a subsidiary WISP with about 1,000 unlicensed fixed wireless customers. We purchased our first NetEqualizer about a year ago to replace our fair access policy server from another company. The server we replaced allowed burst then sustained bandwidth so we weren’t sure if “equalizing” would work, but it works extremely well as advertised.

The NetEqualizer is stable and actually requires very little maintenance after initial configuration. In our case, we wanted to limit the upper end of what a customer could use (max burst). We were able to set that parameter in our wireless CPE’s. Then we set the equalizing pools for the size of our APs. The NetEqualizer can do a burst then sustained then burst at equal intervals, but to our surprise we actually didn’t need to use it.

We also purchased the DDoS Firewall and that is working nicely as well for quick identification of attacks. Perhaps the most important thing to note is the support is excellent. From sales to engineering the team is very responsive and knowledgeable. We were so impressed that we actually purchased a second NetEqualizer to handle the rest of our network. This company is A+.”Kevin Olson – Communication Manager

Thanks Kevin!

It is wonderful to hear such glowing feedback from one of our newer customers! If you would like to share your feedback on the NetEqualizer, to be highlighted in a future NetEqualizer News, click here to send us an email.

unnamed-5

Best Of Blog

Using NetEqualizer to Ensure Clean, Clear QoS for VoIP Calls

By Art Reisman
 
Last week I talked to several ISP’s (Note: these were blind calls, not from our customers) that were having issues with end customers calling and complaining that their web browsing and VOIP calls were suffering. The funny thing is that the congestion was not the fault of the ISP, but the fault of the local connection being saturated with video. For example, if the ISP delivers a 10 meg circuit, and the customer starts two Netflix sessions, they would clog their own circuit.
Those conversations reminded me of an article I wrote back in 2010 that explains how the NetEqualizer can alleviate this type of congestion for VoIP. Here it is…

Photo of the Month
img_2686
Hiking Near Caribou Ranch
It’s been unseasonably warm in Colorado this fall. We’ve been taking advantage of this by hiking in the mountains amidst the changing leaf colors. 
APconnections, home of the NetEqualizer | (303) 997-1300 | Email | Website 

NetEqualizer News: August 2016


We hope you enjoy this month’s NetEqualizer Newsletter. Highlights include Release 8.4 feedback, a preview of our new Quick Start Guide, an update on our 20 Gbps unit, and DDoS news.

 

August 2016

 

Release 8.4 feedback, and more!
Greetings! Enjoy another issue of NetEqualizer News.

art photo for NL

As the end of summer nears, here at APconnections we are basking in the glow of our latest 8.4 software release. Since our last newsletter, which announced that our 8.4 Release was generally available, we have been fully focused on deploying it. Our updated 8.4 GUI has been well-received, as you can read about in this month’s newsletter.

Also this month, we officially release our latest Quick Start Guide, updated for 8.4. Stay tuned for more to come on 8.4 documentation in next month’s newsletter.

Never one to rest on our laurels, we are now focused on the future – and this month you can read about our push for 20Gbps shapers. We also are enhancing our DDoS Firewall offering, to continue to bring you state-of-the-art protection.

We continue to work with you to solve some of your most pressing network problems – so if you have one that you would like to discuss with us, please call or email me anytime at 303.997.1300 x103 or art@apconnections.net.

And remember we are now on Twitter. You can follow us @NetEqualizer.

– Art Reisman (CTO)

In this Issue:

:: Release 8.4 Feedback

:: Release 8.4 Quick Start Guide

:: Is a 20Gbps NetEqualizer in Your Future?

:: More DDoS News

:: Best of Blog: Bandwidth Shaping Shake Up

Release 8.4 Feedback

Release 8.4 has been a hit!

Release 8.4 has been well received! We have had a good number of compliments so far on the new interface. Here is a sampling…


Thanks for chiming in early on holiday Sunday. We do know we can count on you guys! The new interface looks fantastic. Easy access to often used information. It’s clean, neat and modern. Well done!

Your instructions were great! The upgrade is complete… very smooth!

Still haven’t taken the time to thank you for the wonderful GUI upgrade – BIG IMPROVEMENT, THANK YOU!

The new release offers a complete overhaul of the previous user interface and enhances all of our setup and reporting screens. Here are just a few of the improvements we’ve made:

1) Bulk editing of your configuration. You can now make any number of changes to the configuration with one save!

mpxGG3D

2) New dashboard interface. The Release 8.4 dashboard offers a new real-time report, information about your NetEqualizer and running processes, as well as quick links to setup, reporting, and maintenance screens. 

78942211-3c78-4d37-9836-05ecb982e1f7

3) Perform quick edits without restarting Equalizing. If you just need to make a minor change, you can do so without impacting your busy network!

8.4 perform_quick_edits

Contact us today to update your NetEqualizer to Release 8.4! We also love hearing feedback from those of you who have been using Release 8.4!

As with all software releases, the 8.4 Release will be free to all customers with valid NetEqualizer Software and Support (NSS).

Release 8.4 Quick Start Guide

 Our new Quick Start Guide is here!

We are excited to announce that our Quick Start Guide has been updated to incorporate our recent 8.4 Release! Screenshot at Aug 22 14-27-51

This short guide contains 4 key sections to help you to set up & configure your NetEqualizer:

Step #1) Cabling the NetEqualizer into your Network
Step #2) Configuring the NetEqualizer
Step #3) Setting up Equalizing
Step #4) Validating & Backing up your Configuration

We also include three appendices, to further help with your setup:

Appendix #1) Viewing your Traffic
Appendix #2) Troubleshooting your Setup
Appendix #3) Syncing NetEqualizer to a Time Server

While used mainly to set up new equipment, this is a good reference if you want to revisit your settings. In addition, if you have not started using Real-Time Reporting (RTR), use Appendix #1 to get started.

We also recommend that you take a look at this to set your date/time and time zone (see Step #2), as well as to sync your NetEqualizer to a Time Server (see Appendix #3).

Stay tuned to our newsletter for updates on all of our 8.4 documentation releases!

Is a 20Gbps NetEqualizer in Your Future?

More Breaking News!

One of the advantages of the NetEqualizer and our underlying technology is that we do our shaping based on heuristics that can be collected quickly without requiring massive amounts of CPU resources. Traditional packet shaping technology that relies on heavy packet inspection cannot keep up with speeds over 5 Gbps without a complex set of parallel processors, which tend to drive product costs out of practical reach.

Hot on the heals of our Release 8.4, we are turning our attention toward a new class of bandwidth shaping solutions capable of handling 20 Gbps of throughput – while keeping the price tag well below anything else on the market. We will have more details in the coming months as we continue our in-house testing. Look for a formal announcement this fall, and feel free to contact us for more details before then!

airportMore DDoS News

Exciting enhancements to our DDoS Product!

More news on the DDOS front. We will be making some enhancements to our DDOS firewall this fall! Specifically, we will be adding a new feature to block/warn on external IP’s based on their total number of incoming connections. Currently our DDOS warning system triggers on the rate of data coming in from unknown external entities, however we do not have a total concurrent connection count alert specific to outside IP addresses. Stay tuned for more details in the coming weeks, and please email us your ideas for additional DDoS protection as you encounter any suspected issues on your network.
Best Of Blog

Bandwidth Shaping Shake Up

By Art Reisman
 
If you went to sleep in 2005 and woke up 10 years later you would likely be surprised by some dramatic changes in technology.
Smart cars that drive themselves are almost a reality
The desktop PC is no longer a consumer product
Wind farms now line the highways of rural America
Layer 7 shaping technology is now clinging to life, crashing the financials of several companies that bet the house on it
What happened to layer 7?

Photo of the Month
 

SANYO DIGITAL CAMERA

Remember those great roadside attractions?
This cheesy roadside attraction near Oakley Kansas off I-70 has come to end. I drove by it this summer and noticed the signage was down. The elderly operator had mentioned a few years ago that “times were not what they used to be” in the heyday of the 70’s. People were just not stopping anymore. Not only did it feature the world’s largest prairie dog as depicted in the photo, they also had a five-legged cow, a rattle snake pit, and a variety of North American animals in small cages. Although I felt bad for the animals and did not like to see them cooped up like that, I’ll miss the nostalgic charm of an era gone by.
APconnections, home of the NetEqualizer | (303) 997-1300 | Email | Website 

NetEqualizer News: June 2016


We hope you enjoy this month’s NetEqualizer Newsletter.  Highlights include our Release 8.4, an update on the ASCUE conference, a note about a possible 20Gbps NetEqualizer, and also a testimonial from one of our airport customers.

June 2016

Release 8.4 is here!
Greetings! Enjoy another issue of NetEqualizer News.

art photo for NL

Wow! It has been hot here in Denver the past few weeks. We went from May snow, to temperatures over 100 in just over 30 days. I prefer the snow, as I am not much of a hot weather person.

Speaking of heat, the pressure has been on us to get our 8.4 Release out this month. Breaking news – just in, the test team has just sent me a note that we are are ready for delivery on 8.4!

If you have feedback, ideas, or questions for me, please email me anytime at art@apconnections.net.

And remember we are now on Twitter. You can follow us @NetEqualizer.

– Art Reisman (CTO)

In this Issue:

:: NetEqualizer Release 8.4 Is Here!

:: ASCUE Update

:: Is a 20Gbps NetEqualizer in Our Future?

:: NetEqualizer at the Airport

:: Best of Blog: Virtual Internet Presence in the Netherlands Thwarts TV Blackout

NetEqualizer Release 8.4 Is Here!

8.4 is now Generally Available

We are excited to announce that Release 8.4 is now Generally Available! You can read all the details on Software Update 8.4 in our 8.4 Release Notes. And for those of you that have not heard already, here are the key updates to look forward to in 8.4:

#1) Graphical User Interface (GUI) Redesign

8.4 introduces a complete GUI redesign, finishing the GUI transition that we started with our 7.1 Real-Time Reporting (RTR) offering. Our new GUI is easier to navigate and more intuitive. Our logical groupings, such as Setup and RTR, make it easier than ever to find what you need. We now also enable you to select the units that you want to see for your entire GUI via Preferences. And now the GUI includes error checking to look for common data validation errors such as properly formed IP addresses and valid positive integers where required.  Additionally, we have expanded our warning and error messaging, to help ensure that your configuration is valid.

#2) The Updated NetEqualizer Dashboard 

The new NetEqualizer Dashboard gives you a quick view into the state of your NetEqualizer and your network, while providing access to all the key features of your NetEqualizer. From here you access our four core areas:
  • Setup – Use this to configure your NetEqualizer
  • RTR – Use this to monitor network connections and report traffic history
  • DDoS – Use this to view possible DDoS attacks
  • Maintenance – Use to view documentation and troubleshoot your NetEqualizer.

You can also utilize shortcuts to four Common Tasks (Start/Stop Equalizing, Show Configuration, View Active Connections, and Run Diagnostics). On our new Dashboard, all icons are clickable, so that you can drill into each area to view more details and edit as needed. We also think that you will enjoy seeing your current network traffic right on the dashboard via our new ticker tape type live monitor.

#3) Batch Configuration!

You now will have the ability to add, delete, and most importantly, modify, all of your Traffic Limits in a spreadsheet-type format from the GUI using Manage Traffic Limits.  This capability is a great feature to have in place when you are initially setting up your NetEqualizer, and also allows you to modify rules as your network changes. Manage Traffic Limits includes defining Hard Limits, Pools and VLAN Limits (Shared Limits), Masked Hosts, and User Quotas.

We also offer batch configuration for your P2P Limits (via Connection Limits) and Priority Traffic.
During batch configuration, we highlight all field changes to help you identify unsaved changes, and also include data validation error checking against your fields.
Please note: Batch Configuration changes require a full Equalizing Restart in order for your changes to take effect.  

#4) Perform Quick Edits

While batch mode can help you to initially configure your NetEqualizer and also support network changes, we also wanted to maintain your ability to make quick changes on the fly without bringing down your NetEqualizer process. Perform Quick Edits enables you to do just that. We have kept the ability for you to delete and add Individual Rules across all areas (Hard Limits, By Pool, By VLAN, Masked Hosts, User Quotas, P2P Traffic, and Priority Traffic), without needing to stop and restart Equalizing.

Please note: Perform Quick Edits do NOT require a full Equalizing Restart, as changes take effect upon saving.  For this reason, Perform Quick Edits does not include rule modifications – for that you use Manage Traffic Limits, Limit P2P Traffic, and Manage Priority Traffic.

8.4 perform_quick_edits

#5) Usability Enhancements

In addition to all the other great features in 8.4, we have added or enhanced the following:

  • You can now set the Date and Time, as well as the Time Zone, via the NetEqualizer GUI.
  • Run Diagnostics now offers the ability to save the generated data as a .txt file, that you can download and email to Support.
  • We have removed the information-only penalty threshold from the NetEqualizer Log, as it was confusing.
  • We have changed the Default Penalty Unit to 1, which works better with video traffic.
  • We have added DNS name resolution to all tabular reports in RTR via DHCP.
  • We have added Password Verification to the GUI.

Contact us today to update your NetEqualizer to Release 8.4!
As with all software releases, the 8.4 Release will be free to all customers with valid NetEqualizer Software and Support (NSS).

ASCUE Update

 Shaping Bandwidth – Learning to Love Netflix on Campus

As we mentioned in last month’s newsletter, one of our long-time customers, Hollis Townsend, Director of Technology Support and Operations at Young Harris College, spoke about his experience with the NetEqualizer in his talk at ASCUE.  Hollis’ presentation was titled “Shaping Bandwidth – Learning to Love Netflix on Campus”.

In case you missed Hollis’ presentation at the ASCUE Conference (June 12th-16th, 2016), I have enclosed some of the best excerpts here. Hollis presentation is a great case study into how the NetEqualizer can be used to affordably solve network congestion issues in campus environments. 

When Young Harris was looking to replace their Packeteer in 2007,
their wish list for their new solution was the following:

  •  Needed to be inexpensive to buy
  •  Inexpensive to maintain
  •  Web interface
  •  Easy to Maintain or Self Maintaining
  •  Expandable

After reviewing the market, in July 2007, Young Harris purchased a NetEqualizer to solve their network congestion issues and to replace their Packeteer. They have since upgraded their NetEQ as their network has grown over the years, and currently run an NE3000 with a 1Gbps license.  Here are their results:

They have significantly reduced costs.
  • They have spent significantly less than what they did on Packeteer.
  • They took advantage of our Lifetime Buyer Protection Policy of 50% trade-in credit towards new hardware, when they upgraded.
They find the NetEqualizer self-maintaining.
  • Virtually no time spent running the machine
  • About a 1 hour set up from the box to the rack and fully operational
  • Can view reports when desired
  • Literally months will go by with out anyone checking on it  
Students don’t complain and video can run. They had zero File Sharing notices in 2015 & 2016.
  • Students do not complain about bandwidth, just wireless coverage
  • System looks at flows, when bandwidth is over 80 percent, it starts shaping only the heavy users
  • Email, web surfing, gaming never gets shaped at all
  • Netflix, and most streaming services will adapt to low bandwidth on the fly
  • Most never see that they have been shaped, as once the peak is past bandwidth is returned to normal
  • Encrypted payloads don’t matter as it looks at the stream, not the content
  • File sharing is eliminated / reduced as it also is set to not allow a user to exceed multiple streams (over 45) from any single source.

Thank you Hollis for sharing your experiences with the NetEqualizer! 

ASCUE fitbit_winnerWe are also happy to announce that the door prize winner of the Fitbit fitness watch was Jacqueline Stephen of Mercer University in Georgia. You can see a picture of our happy winner here.

ASCUE is the Association Supporting Computer Users in Education and they have been around since 1968. Members hail from all over North America. ASCUE’s mission is to provide opportunities for resource-sharing, networking, and collaboration within an environment that fosters creativity and innovation in the use of technology within higher education.

Is a 20Gbps NetEqualizer in Our Future?

More Breaking News!

Hot on the heels of our newly-released 8.4 Software Update, we have begun testing a couple of new hardware configurations for our NetEqualizer systems. In our next generation systems, we hope to achieve a commercial version capable of shaping 50,000 subscribers at speeds at or above 20 gigabits.

Look for an update in next month’s NetEqualizer News!

airportNetEqualizer at the Airport

Airport Congestion – No Problem for the NetEqualizer!

eiaThe next time you are waiting in the terminal trying to send a few last minute e-mails over the public WiFi, please don’t blame us.
If your connection is dragging, you are probably dealing with an installation where congestion control was an afterthought.

Airports with NetEqualizers at their head tend to be very responsive. Here is what Edmonton Regional Airport Authority, one of our customers, had to say…

Their NetEqualizer Configuration

“We presently use two NE3000 units for internet traffic control and monitoring in a redundant setup. At present we have a maximum of 600Mbps internet throughput with over 300 IP addresses in use in some 120+ address Pools.

(NetEqualizer is)… A very useful tool for us for monitoring and setting speeds for the many users. Most of the feeds come straight off our Campus network, which is spread over a seven kilometer distance from one end of the airdrome to the other. We also feed a number of circuits to customers using ADSL equipment in the older areas were fiber is not yet available.

Everything runs though the “live” NE3000!”

How the NetEqualizer has helped EIA 

Controllability and monitoring is key for our customers as they pay for the speed they are asking for. With the RTR Dashboard we continually monitor overall usage peeks to make sure we provide enough bandwidth but more importantly with individual customers. Many customers are not sure of how much bandwidth they need so using the Neteq we can simply change their speed and watch the individual IP and/or Pool usage to monitor.

This becomes especially useful now as many customer including ourselves use IP telephony to remote sites, so we need to maintain critical bandwidth availability for this purpose. That way when they or we have conference calls for example, no one is getting choppy conversations. All easily monitored and adjusted with the Dashboard and Traffic Management features.

We also have used the Neteq firewall feature to stop certain attack threats and customer infected PCs or servers from spewing email or other reported outbound attacks, not a fun thing but it happens.”

“Overall a very critical tool for our success in providing internet to users and it has worked very well for the past 8 or more years!”

Willy Damgaard 
Network and Telecom Analyst 
Edmonton Regional Airport Authority, IT Department
 
Thanks for the kind review, Willy!  
Best Of Blog

Virtual Internet Presence in The Netherlands, Thwarts TV Blackout

By Anonymous Guest
 
A few months ago I got rid of my Cable TV.  Other than a few sports networks, I never watched the other 507 channels.  Once free from that expensive local bundle, I  subscribed directly to MLB.tv for 1 year for about $100 a year, less than one months cable bill. It turned out there was one small hitch in my plan. Whenever I tried to watch my local Rockies , it is blacked out on the MLB.tv service in deference to their contractual obligations with their other distributor. ( my old cable company).  It seems the MLB.tv is smart enough to know where you are watching from based on your IP address…

Photo of the Month
 
lebronLeBron James
This photo is a copy of an acrylic painted by one of our staff members, and hangs in the office here in Colorado. Although it is LeBron James with his Miami Heat colors and number, it is a nice reminder of what hard work and perseverance can accomplish.
APconnections, home of the NetEqualizer | (303) 997-1300 | Email | Website 

NetEqualizer News: May 2016


We hope you enjoy this month’s NetEqualizer Newsletter.  Highlights include updates on upcoming Release 8.4, Seven Network Troubleshooting Tips, a reminder about the upcoming ASCUE conference, and also our complimentary Tech Refresh offering.

May 2016
Release 8.4 will debut in June! 
Greetings! Enjoy another issue of NetEqualizer News.

art photo for NLSpring has sprung in Colorado (finally!).  We are being treated to sunny days, mixed with cool winds and rain.  On the nice days, I like to birdwatch.  If you ever want to read a great story about birders, check out “The Big Year“.  The book is great; unfortunately the movie was a box office bomb!

2016 feels like a Big Year for the NetEqualizer!  We think you will agree that our 8.4 Release is a game changer.  We have added many batch configuration screens, which streamline the whole set-up process. 8.4 is expected to be Generally Available (GA) in June. Read below to learn more.

This month our favorite blog article gives you Seven Network Troubleshooting Tips, useful to those that do not troubleshoot on a daily basis!

Don’t forget that there is still time to register for ASCUE! We will be represented at the ASCUE Conference June 12-16th. Join Young Harris College at their talk featuring the NetEqualizer.
 
And finally, if you have not already taken advantage of our FREE Tech Refresh, what are you waiting for?  Contact us today to schedule your session.
If you have feedback, ideas, or questions for me, please email me anytime at art@apconnections.net.

And remember we are now on Twitter. You can follow us @NetEqualizer.

– Art Reisman (CTO)

In this Issue:

:: NetEqualizer Release 8.4 Debuts in June!

:: Renew your NetEqualizer Knowledge with a Tech Refresh

:: Learn about the NetEqualizer at ASCUE June 12-16

:: Best of Blog: Seven Must Know Network Troubleshooting Tips

NetEqualizer Release 8.4 Debuts in June!

A Few of My Favorite Things about Release 8.4….

Comments by Art Reisman
Last month we detailed some of the new features coming out in our 8.4 Release. To be honest, at the time of the last newsletter, I had not actually kicked the tires on it. These past few weeks I have been using it extensively, and have been really quite impressed. Here are some of my notes on what I love about 8.4.

#1) The Updated NetEqualizer Dashboard 

The Dashboard, with a ticker tape type live monitor, finally provides a clean professional look that the NetEqualizer deserves. From here you access four core areas: 1) Setup, 2) RTR, 3) DDoS, and 4) Maintenance. One change that you will love to see – your key is now listed in Mbps or Gbps. Below you can see under “Authorized to Pass” the key is for 10Gbps. The new curb appeal certainly has had a positive effect on recent customers that have previewed 8.4.

#2) Batch Configuration!

You now will have the ability to edit and modify all of your rules in a spreadsheet-type format from the GUI.  In my opinion, this was long overdue, so I am excited that we have finally been able to incorporate this feature into our GUI.

Previously, this was only possible by directly editing our configuration file.  While certainly efficient, it used to be a risky proposition, as there was no checking for malformed rules. With the GUI front end, error checking is now in place to look for common data validation errors such as properly formed IP addresses and valid positive integers where required.  There are also warning messages to help alert you as needed.  And as you can see below, you can name your Pools to something meaningful on your network (here they are called Test Pool 1, Test 2, and Test 3).


#3) Easily Set Time and Time Zone

The new GUI also has an easy way to set the time and pick a timezone – no more logging in to the NetEqualizer terminal! (enough said)

#4) See Everything in the Units you Choose

You can now choose your units for almost the entire interface!  No longer will you have to convert your trunk up and trunk down when setting those up for Equalizing.  You will now see them in the configuration units that you choose (Mbps, Kbps, Bps).  And you can select different units for graphs and configuration, if you prefer.   

 

Check back next month to get your copy of Release 8.4! 

As with all software releases, the 8.4 Release will be free to all customers with valid NetEqualizer Software and Support (NSS).

Renew your NetEqualizer Knowledge with a Tech Refresh

If you have not already scheduled a Tech Refresh, consider it!

Our FREE* Tech Refresh sessions (*with valid NSS) are conducted via webex, so you do not even have to leave your office to renew your NetEqualizer knowledge!Please take advantage of this offering, especially if you have new staff, are upgrading to a new release, or would like to learn more about our new features.  We receive glowing feedback on these sessions – they are only 30 minutes to one (1) hour and are worth the time!

These sessions can ensure that you and your team get the most out of your NetEqualizer!

Here are just a few of the benefits:
  • Learn about new releases – We are constantly evolving and enhancing our product. Tech Refreshes can help quickly get you up-to-speed on what is new!
  • Learn about features you are not using (yet) – Maybe you would like to use DDoS or RTR but need to better understand how they work. You can use this time to get acquainted with all the NetEqualizer has to offer.
  • Quickly educate a new employee – Our Tech Refreshes make training a new staff member on NetEqualizer a breeze!
  • Ask questions and review your configuration – Use this time to make sure that your unit is optimally configured, and ask any NetEqualizer questions that you have been curious about.
Schedule your Tech Refresh today by clicking the link below!
Tech Refreshes are free to all customers with valid NetEqualizer Software and Support (NSS).  We also offer full-day Onsite Training for you and your team, contact us for availability and pricing.
Tech Refresh button
Learn about the NetEqualizer at ASCUE  June 12-16

Join Young Harris College at ASCUE! 

Learn how they use the NetEqualizer to solve network congestion

 
It is almost here!  If you work in higher education, join your colleagues at ASCUE this spring, June 12-16th in Myrtle Beach, South Carolina.  And if you have ever wanted to learn more about how the NetEqualizer is used in higher education to resolve network congestion, you can hear all about it at ASCUE!

One of our long-time customers, Hollis Townsend, Director of Technology Support and Operations at Young Harris College, will be talking about his experience with the NetEqualizer in his talk at ASCUE.  Hollis’ presentation is titled “Shaping Bandwidth – Learning to Love Netflix on Campus“.

Young Harris has been using NetEqualizer to solve their network congestion issues since July, 2007. They have upgraded their NetEQ as their network has grown over the years, and currently run an NE3000 with a 1Gbps license.
We are also happy to announce that APconnections, home of the NetEqualizer, will be a Silver Sponsor at the ASCUE Conference. We will be giving away a great door prize – a Fitbit fitness watch!
It is not too late to register.  Visit the ASCUE website for details!
 

ASCUE is the Association Supporting Computer Users in Education and they have been around since 1968. Members hail from all over North America. ASCUE’s mission is to provide opportunities for resource-sharing, networking, and collaboration within an environment that fosters creativity and innovation in the use of technology within higher education.

Best Of Blog

Seven Must Know Network Troubleshooting Tips

By Art Reisman – CTO
 
Editor’s Note: This article contains some great tips to troubleshoot your network. While our network administrators already know this, others may not.  We hope this helps you the next time you are staring at a “loading…” message, and wondering what is going on!  
To get started you’ll need to get a hold of two key software tools: 1) Ping Tool and 2) a Network Scan Tool, both which I describe in more detail below.  And for advanced analysis (experts only), I will then show you how you can use a bandwidth shaper/sniffer if needed.

Ping Tool

Ping is a great tool to determine what your network responsiveness is (in milliseconds), identified by trying to get a response from a typical website. If you do not already know how to use Ping on your device there are hundreds of references to Ping and how to use it.  Simply google “how to use ping ” on your favorite device or computer to learn how to use it.
For example, I found these instructions for my MAC; and there are similar instructions for Windows, iPhone, Linux, Android, etc.
  1. Open Network Utility (located inside Applications > Utilities).
  2. Click Ping.
  3. Fill out the “Enter the network that you want to ping” field. You can enter the IP address or a web URL. For example, enter http://www.bbc.co.uk/iplayer to test the ping with that website.
  4. Click Ping.

Network Scan Tool

There are a variety of network SCAN tools/apps available for just about any consumer device or computer.  The decent ones will cost a few dollars, but I have never regretted purchasing one.  I use mine often for very common home and business network issues as I will detail in the tips below. Be sure and use the term “network scan tool” when searching, so you do not get confusing results about unrelated document scanning tools.
Once you get your scan tool installed, test it out by selecting Network Scan. Here is the output from my MAC scan tool.  I will be referencing this output later in the article.

Photo Of The Month

Cross That River

I had no idea that there were still Ferry Crossings along the Mississippi River. I took this photo in April, 2016 while traveling through the area.  Those trees in the background are in Kentucky, and I am standing in Missouri.

NetEqualizer News: January 2016


January 2016

Greetings!

Enjoy another issue of NetEqualizer News! This month, we introduce our new virtual NetEqualizer offering, highlight our Tech Refreshes, preview a cool new 8.4 Release feature, and discuss our DDoS Firewall option. As always, feel free to pass this along to others who might be interested in NetEqualizer News.

A message from Art…
Art Reisman, CTO – APconnections

Happy New Year! I hope your 2016 is off to a good start. Here at APconnections, we are starting 2016 off with a wonderful announcement:
0fad184f-5ea1-44c3-ad71-1093fd99f808

We are going Virtual! This month, we discuss how we are embracing Network Function Virtualization (NFV). Read below to learn more about this exciting offering!

twitterAnd remember we are now on Twitter! You can now follow us @NetEqualizer.

We love it when we hear back from you – so if you have a story you would like to share with us of how we have helped you, let us know. Email me directly at art@apconnections.net. I would love to hear from you!

In 2016, We Are Going Virtual!

As most of you know, Network Function Virtualization (NFV) has become a viable choice for many networking components. We now believe it is time to consider VM for bandwidth shaping, and are excited to announce that we will offer a NetEqualizer solution (NetEqualizer-VM) that runs on a virtual machine in 2016!

Our first offering, planned for early Q2 2016, will be targeted and tested for 100 Megabit links with 1,000 or fewer customers.

Note: There will always be reliability risks of sharing a hardware platform with other applications, hence we are starting with a relatively small footprint.

Also, in some areas of the world shipping our NetEqualizer hardware is complicated by complex trade policies, and tariffs. Thus, a Virtual offer will shorten the delivery time and reduce the mechanical overhead of hardware shipment.

Right now we are still working out all the details on NetEqualizer-VM pricing and what VMs will be supported.

If you are interested in learning more or participating in the Beta when available, please contact us!

contact_us_box-1


Start The New Year With A Tech Refresh!

Our NetEqualizer Tech Refreshes are a great way to start off the new year! These short, 30 minute WebEx sessions can provide great value to you and your team and help you get the most out of your NetEqualizer. Here are just a few of the benefits:

1) Learn about new releases – we are constantly evolving and enhancing our product. Tech Refreshes can help quickly get you up-to-speed on what is new!

2) Quickly educate a new employee – our Tech Refreshes make training a new staff member on NetEqualizer a breeze!

3) Ask questions and review your configuration – use this time to make sure that your unit is optimally configured, and ask any questions you’ve been curious about with your NetEqualizer!

Schedule your Tech Refresh today by clicking the link below.

Tech Refreshes are free to all customers with valid NetEqualizer Software and Support (NSS).

We also offer onsite training for you and your team in full day seminars – contact us for availability and pricing.

contact_us_box-1


8.4 Release Coming Soon!
User Interface Enhancements

In last month’s newsletter, we talked about changes coming to the regular NetEqualizer GUI. Over the next couple of months, we’ll highlight some of those changes here.

One of the changes we are most excited about is the ability to edit the configuration on the fly. See a screenshot of the Configure Hard Limits Interface below:

This makes even complex configuration changes and setup quick and easy! You’ll now be able to add, edit, and remove hard limits, pools, pool members, priority hosts, and more all from one place.

75f25c30-74b9-486a-9ed8-3dd85c649edd

As you can see, we are also changing the look and feel to match that of RTR. Check back next month for updates on more exciting changes!

Our time frame for General Acceptance of this release is March/April of 2016.

As with all software releases, the 8.4 Release will be free to all customers with valid NetEqualizer Software and Support (NSS).

contact_us_box-1


NetEqualizer DDoS Firewall In Action873a321d-b492-4f3f-9766-1b79c2231cc7

Just a reminder that our DDoS Firewall Option (DFW) is now installed at several locations, and is making a difference by heading off incoming DDoS attacks, even as you read this!

If you suspect you are being hit with sporadic or persistent DDoS attacks, the DDoS firewall option may be well worth the $3500 installation and consulting fee.

You can read more about DDoS on our blog here.

If you have any questions or would simply like to learn more, contact us!

contact_us_box-1


Best Of The Blog

Ten Ways To Make Your Life As An Internet Provider Easier

By Art Reisman – CTO – APconnections

From ISPs and WISPs to networks in libraries, businesses, and universities, Internet use is on the rise. Yet, as the demand for Internet access continues to grow around the world, so do both the opportunities and challenges for service providers.

Just as quickly as your user-base grows, the obstacles facing providers begin to emerge.

From competition to unhappy customers, the venture that once seemed certain to succeed can quickly test the will of even the most battle-hardened and tech-savvy business owners and network administrators. However, for all types of Internet providers, there are ways to make the process smoother…

Photo Of The Month
IMG_2445
What is this mountain range?
Tell us and you could win a $25 gift card!
This picture was taken by a staff member during a recent trip. The first four (4) people to email sales@apconnections.net with the name of this mountain range will win a $25 gift card!
The answer for last month is: The Iowa State Court House in Des Moines, IA
%d bloggers like this: