IDS in multitenant environments

Similar Messages

• Syncing App IDs across servers -- Best Practice?

  This is prompted by a comment chrisstephens made in the thread at non-existent applications in non-existent workspaces reserving app id's
  Our developers are convinced that the application id's between our dev + staging
  + production environments need to be synchronized.Our team also keeps our dev, test, and prod server app IDs synchronized -- for instance, the Widget Reporting App is always app # 38 on all three servers. For us, it's not something we see as REQUIRED, but it is convenient, and a general sanity check. If the numbers didn't sync, it seems it would be all too easy to get values mixed up and accidentally field an app to the wrong place (possibly overwriting some other application).
  What is the community's opinions on this? Would you consider this an Apex Best Practice? Just a habit for some groups? Or overly rigid thinking?
  (I personally fall in the Best Practice group.)

  One good reason to keep them the same is so that there are no differences between what is tested in one environment and what is deployed in another. Case in point, just last week someone demonstrated that an application's authentication scheme failed when the application ID was changed from xxx to xxxxxxxxx (a longer string of digits). Of course this was due to a previously unknown bug, but that's what testing should reveal.
  Another good reason is to make it possible to export application components (pages, etc.) from one database (say, dev) and install them into an application in another database (say, prod). This is not possible if the application IDs are different.
  Scott

• Cisco CSM - Has anyone deployed it in their environment for IDS/IPS devices

  We are an MSP and are evaluating Cisco CSM to manage about 50 IDS/IPS devices. Each of these devices has their own customer signature policy.
  Does anyone use it in their production environments? Do you find it useful?
  Regarding policy management for devices that already have a signature policy, I know you can discover the policy, what we want to do is take the current discovered policy, modify it if we need to and then re-deploy it to the device. I'm finding that this is all read only once the policy is discovered.
  Is there a way to modify the signature, for example, adding a logging parameter and then re-deploy?
  Just curious if others had similar experiences with CSM.
  Thanks!

  haxworthy,
  I currently use CSM to manager a variety of IPS devices (IOS IPS, 42xx Sensors, 65xx-series blades). The policies vary on some devices. CSM works wonderfully. CSM discoveries the various policies on the device on an individual basis. Policies can then be edited on a per-sensor basis or on a group level. Has worked wonderful in our environment. A nice upgrade from the old IPSMC. Let me know if you have any other questions.
  -Mike
  http://cs-mars.blogspot.com

• Just FYI, new Windows Server 2012 R2 RRAS Multitenant Gateway Deployment Guide

  New! Windows Server 2012 R2 RRAS Multitenant Gateway Deployment Guide
  This new guide is available on the Web at
  http://technet.microsoft.com/en-us/library/dn641937.aspx. It is also available for download in Word format at TechNet Gallery at
  http://gallery.technet.microsoft.com/Windows-Server-2012-R2-37eb8e17
  If you work for a Cloud Service Provider (CSP) or an organization that's planning on deploying cloud technologies, you might be interested in the new Windows Server 2012 R2 RRAS Multitenant Gateway Deployment Guide.
  You may already know that in Windows Server® 2012 R2, the Remote Access server role includes the Routing and Remote Access Service (RRAS) role service. (It also includes DirectAccess and Web Application Proxy, however those role services will not be discussed
  in this article.)
  The new deployment guide demonstrates how to use Windows PowerShell to deploy RRAS as a virtual machine (VM)-based multitenant software gateway and Border Gateway Protocol (BGP) router that allows CSPs and Enterprises to enable datacenter and cloud network
  traffic routing between virtual and physical networks, including the Internet.
  You can use the gateway with VM networks by using either Hyper-V Network Virtualization or Virtual Local Area Networks (VLANs) - but using Network Virtualization is recommended due to VLAN limitations such as difficult management and a limited number of
  available VLAN IDs.
  If you're using System Center Virtual Machine Manager (SC VMM), you can use SC VMM to deploy Windows Server Gateway; however even if you are using SC VMM, you can manage the gateway with the same Windows PowerShell commands that are used for the RRAS Multitenant
  Gateway. (Some Windows Server Gateway features are configurable only with Windows PowerShell.)
  For information on deploying Windows Server Gateway with SCVMM, see the Test Lab Guide: Windows Server 2012 R2 Hyper-V Network Virtualization with System Center 2012 R2 VMM, at
  http://www.microsoft.com/download/details.aspx?id=39284
  With the RRAS Multitenant Gateway, you can create site-to-site VPN connections between your tenants' physical locations and your cloud datacenter. You can also provide tenants with point-to-site VPN connections that allow tenant Administrators to access
  and manage their VM resources from anywhere. The RRAS Multitenant Gateway also allows you to configure Network Address Translation (NAT), so that tenant VMs can access the Internet, and you can deploy dynamic routing by configuring the gateway and tenant gateways
  with BGP.
  Thanks -
  James McIllece

  Hi,
  It is very useful , thanks for your sharing .
  Best Regards
  Elton Ji
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• IDS and future RUNDATE

  Hi,
  We are working on a project that will be deployed in production on May 29, 2011. In the Documaker library, we have many resources with the same effective date. In our setup, the RUNDATE is part of the extract file, so we are able currently to test these new resources with Documaker server. As part of our tests, we also archive the transactions and all of that is running fine.
  Using Workstation, I can acces the archive and, by changing the date in the RUNDATE field, on the "Formset Retrieve" screen, I can retrieve transactions with a future run date. All the ressources with an effective date of 2011-05-29 are also retrieved, displayed and printed properly.
  The issue we now have is with IDS. Whenever we try to generate a PDF from one of these future transactions, we get nothing back.
  Using DsiCoTB, I can see that IDS does not read the transaction's RUNDATE; it uses the system date as the RUNDATE, so all the resources that will only become available on or after 2011-05-29 (no previous versions available) cause errors when trying to create the PDF.
  I have tried, in DsiCoTB, to add the exact RUNDATE as part of my request, but that also failed.
  How can I pass along the RUNDATE to IDS so that it can retrieve these "future" transactions like workstation does?
  Thanks,
  Gaétan
  Edited by: GaetanB on 2010-11-22 12:06
  With the help of OCS and Scott Griesser, we have a solution. It might be helpful for any company running test cycles like we do.
  Before deploying changes in Production, we go through different stages: Integration, System Test, Acceptance and Model Office. For each stage, we run full cycles of testing, including creating, modifying and cancelling policies, and printing the related documents. Each test cycle uses what we call a simulation date. During cycle 1, we will create a policy. Then, during cycle 2, where the simulation date is usually 10 days after the simulation date for cycle 1, we will modify or cancel some policies. The simulation date is also the date passed along to Documaker as the RUNDATE.
  What we will do is to modify the web application calling IDS to include the simulation date as the value for the variable ARCEFFECTIVEDATE. When we get to the production environment, the simulation date is always replaced with the current system date, so our web application remains unchanged between the test environments and Production.
  This is standard method we use with all of our applications, so we are fine with this setup.
  Edited by: GaetanB on 2010-11-23 15:20

  IDS checks traffic flows and alerts on anomalies or triggers of signatures. IPS does the same thing but it can also prevent attacks by accessing your devices and making ACL/firewall changes to block the offender. IPS is the next generation of IDS.

• Can there be multiple apple ids on one account?

  I want to share my iTunes account with my daughter so that she can download and update apps on her iphone, but I don't like that she needs to use my apple id and password, which could give her access to my email. She doesn't realize this yet, but it's only a matter of time. Is there any way to give her her own apple id, connected to my account?

  Never mind; I believe I found my answer - in a nutshell, everyone needs their own apple accounts and ids.
  Now, is there any way to delete a previously asked question such as this?

• Should I have different Apple IDs for different family members or one?

  We are four members in a family, sharing the same iMac computer but each having a separate device (such as an iPod, iPad and iPhone). I'm wondering if it would be best to have separate Apple IDs for each family member to manage things like iMessage, iTunes purchases and so on. I'd appreciate any advice you can provide. Cheers!

  The ideal would be to have different Apple IDs for each member. This will allow them to set up their accounts as they like and be able to use iCloud without worrying about the possibility that other members can see their personal data. However, if you want to purchase an app for all the members, you will have to purchase it for each account

• One person on one computer adding multiple electronic IDs or signatures to one document

  I recently created a simple form in Adobe LiveCycle Designer 8.  It has several places for signatures.  I sent along with the form the Adobe user guide instructions for creating electronic IDs and signatures.  However, in several instances, our executives have given their administrative assistants permission to sign for them.  The assistants are also required to add their own signatures.  Apparently, when they click on any signature field, their bosses' signatures come up.  Can someone tell me how one person can create multiple electronic signatures and be able to select from among them in order to fill out one of these forms?

  When a user is signing a form, the digital certificates that are installed (in Acrobat) on the computer being used to sign the PDF will be available to be used to create the signature.  If only the "bosses" certificate is on the machine, this will be the only on available.  Make sure all certificate that could be used to sign are installed on the machine being used to sign.
  This screen shot is from the security settings in Acrobat, it shows multiple certifcates are installed.
  And here is the signature dialog with the option to use one of the installed certificates on the machine...
  Hope this helps.
  Steve

• How can I use 2 Apple IDs in Itunes? I have 2 IOS Devices. They each have there own AppleID. What is the proper way to sync both of them to Itunes?

  How can I use 2 Apple IDs in Itunes? I have 2 IOS Devices. They each have there own AppleID. What is the proper way to sync both of them to Itunes? I wanted my teenager's AppleID to be different from mine so that she couldn't charge stuff to my AppleID, therefore I created me another one. Now when I go to Sync either device, it tells me that this IOS device can only be synced with one AppleID. Then I get a message to erase it, not going to do that, lol. If I logout as one ID and login as the other, will it still retain all synced information on the PC from the first IOS device? If I can just log in out of the AppleID, then I have no problem doing that as long as the synced apps, music, etc stays there for both. I am not trying to copy from one to the other, just want to make sure I have a backup for the UhOh times. If logging in and out on the same PC of multiple AppleIDs is acceptible then I need to be able to authorize the PC for both devices. Thanks for the help. I am new to the iOS world.

  "Method Three
  Create a separate iTunes library for each device. Note:It is important that you make a new iTunes Library file. Do not justmake a copy of your existing iTunes Library file. If iTunes is open,quit it.
  This one may work. I searched and searched on the website for something like this, I guess I just didn't search correctly, lol. I will give this a try later. My daughter is not be back for a few weekends, therefore I will have to try the Method 3 when she comes back for the weekend again. "
  I forgot to mention that she has a PC at her house that she also syncs to. Would this cause a problem. I am already getting that pop up saying that the iPod is synced to another library (even though she is signed in with her Apple ID to iTunes) and gives the pop up to Cancel, Erase & Sync, or Transfer Purchases. My question arose because she clicked on "Erase & Sync" by mistake when she plugged the iPod to her PC the first time. When the iPod was purchased and setup, it was synced to my PC first. When she went home, she hooked it up to her PC and then she erased it by accident. I was able to restore all the missing stuff yesterday using my PC. However, even after doing that it still told me the next time I hooked it up last night that the iPod was currently synced with a different library. Hopefully, you can help me understand all this. She wants to sync her iPod and also backup her iPod at both places. Both PCs have been authorised. Thanks

• My family has multiple iOS devices, all with 1 Apple ID. With iCloud coming, should I create separate Apple IDs for each member of my family?

  Hello,
  Between my family, we have 2 iPhones, multiple computers, iPads, and an Apple TV ALL tied in to the same Apple ID (the one I created when I got my first device). With iCloud coming, I wanted to know if I need to create separate Apple IDs for each family member (for emails, contacts, calendars, etc.). For instance, I would like to share certain contacts and a calendar with only my wife, all media between all family members, and have home sharing so that I can play/stream content on my Apple TV. Will there be a way to have multiple and distinct me.com accounts and yet share the same Apple ID?
  Apologies for being verbose — just wanted to give ample info/background.
  Thanks,
  Jay.

  I happened to stop at the Apple store yesterday for a separate issue and had a discussion about iCloud. Seems like this is how iCloud works (also, there's another thread on this forum that explains it well).
  Each member of the family can have their own iCloud ID, which will be used for Mail, Calendar, Contacts, Apps, Bookmarks, Media, Photos, etc. and having this content synced automatically with a Mac (computer). The iCloud IDs work in tandem with the associated Apple ID — so while you cannot have multiple Apple IDs, you can certainly have multiple iCloud IDs tagged with a certain Apple ID.
  While all this makes sense from the iOS device standpoint, I'm unclear on how things will sync with a Mac computer, especially if the family uses a single iMac with multiple login IDs for various members. For instance, I currently have an iMac and iTunes content resides in my Public folder, which my wife can still access when she logs in with her login ID. I'm guessing that I'll be able to set up her iCloud ID using her login, set up my iCloud ID using my login, while both our iMac logins will retain the same Apple ID. This would take care of syncing Photos, Contacts, Calendars, etc.
  Another (not sure if unique) problem I face is our Address Book — right now, we have one GIANT address book with different groups set up. Certain groups sync to her iPhone, while others to mine. Some contacts are common between both of us. I'm hoping that if she/I updates a common contact, then the change will be reflected in both our groups of contacts. I hope this makes sense — for instance, I update a contact named Joe, and he's on my group of contacts in my iPhone. Hope iCloud updates the master contact card for Joe on the iMac, which would then automatically trigger the update on my wife's group of contacts—that Joe also belongs to— leading to an update on her iOS device as well.
  Apologies for the lengthy response..

• I have two apple ids somehow, probably from two mobile and two computers - how do I merge them into one account so they all work with iCloud?

  Somewhere, somehow, between two mobile and two macs, I ended up with two apple ids. I figured that this was the root of my problem to syncing. So, I am syncing Mail, Contacts, etc through the one account that I bought storage on this year in iCloud. I want to merge the two accounts, since many of my apps were purchased with my other id. Apparently, Keynote will not merge files since the app was bought with the second id, not the id I am using for icloud.
  What to do??? I read, in the forums, that I am definitely not alone. I always had the id I used for the Apple Store to buy iTunes items, and then apps. The other id, that I am using for iCloud was based on my iDisk id, and apparently I set up as a separate account. The much failed iDisk account appears to be the one that I wish I never got involved with. Should I feel the same way about iCloud. If I cannot merge the two APPLE accounts from the same person (ME!!!), then many dropbox really is the answer for my file sharing needs.
  Please help me decide.

  To begin with, I would like to try to explain Apple's confusing nomenclature in regard to iCloud.
  Apple have called the whole cloud thing iCloud, there are a number of features under the iCloud umbrella, some of which require their own login. iTunes is one of these, another is what Apple have unfortunately also called iCloud too.
  You can use the same Apple ID (account) to login to both iCloud and iTunes, but you don't need to and often users will login to each service using a different ID.
  The part that you need to remember is that the services available when you log into iCloud are completely different and unrelated to those when you log in to iTunes. Your iCloud login enables mail, contacts, calendars, find my phone, Back to My Mac, Documents & Data sharing and photostream, it does not affect any of your iTunes services.
  To avoid confusion when discussing your problem, when I mention iCloud, I am referring to the services under the iCloud login, Whereas I will refer to the whole cloud thing as The Cloud.
  To go back to your question; you cannot merge accounts, but perhaps using one account for iCloud and the other for iTunes will resolve the majority of the reasons you needed to merge to begin with.

• I have 2 apple ids for iTunes...is there anyway I can combine them into one I'd without loosing all my music?

  I have an older iPod and new iPhone 5s. I have two separate accounts for each. Can I take my iPod account/Id and make into my iPhone id and transfer my music over?...without loosing my music!?

  If you mean Apple IDs, they can't be merged at all.
  If you mean iTunes libraries, import the content and playlists from one to the other.
  You can have content from multiple Apple IDs in one library.
  (104094)

• I have iTune accounts under two separate Apple IDs.  Can I merge them into one account under one ID?

  I have iTune accounts under two separate Apple IDs.  Can I merge them into one account under one ID?  I have purchased music and video in both.

  No, it is not possible to merge accounts.  Choose one as the primary account and keep a local backup of all purchases so you don't get into the mess where you encounter a 90 day freeze on re-downloading past purchases from multiple accounts.

• HT5621 I have 2 email addresses ( 1 mac. and 1 blueyonder.) with separate Apple IDs for each ( again 1 mac and 1 blueyonder). This has consistently given me problems with passwords and I would now like to combine them into one account to help overcome thi

  I have 2 email addresses (1 mac.and 1 blueyonder.) each with separate identities and passwords. I am forever getting asked to verify identity and/or passwords and having these refused and me then having to set up new ones. Can I combine my email addresses to a single Apple Identity and Password? If yes then How?
  Any help much appreciated as this is driving me crazy!

  Depending on what you're asking...
  There is no means to merge Apple IDs.  You can change the mail address assocaited with your Apple ID, so you might switch to using and purchasing from one email address, and using the second as a backup.  (There's no means to merge the purchases, and related baggage.)
  While I'm guessing this was about Apple IDs, for completeness...  Combining the mail messages involving multiple email addresses is separate from the Apple ID; that is usually done with some combination of notifying the senders or with the forwarding of messages from one mail server to the preferred server.  Or running multiple mail accounts in parallel, depending on what you are up to.

• Can I authorize 2 apple IDs on one computer?

  I'm new to the communities so please bear with me if I post this inappropriately.
  My husband and I both have iphones.  My two children have itouchs.  My husband has an ipad.  We also have numerous ipods.
  We have two computers in the house.  When my husband first bought an ipod, we had a PC.  All of his devices have always been synced on the PC using his apple id.  When I got my iphone, I synced on our MAC using my apple id.  When the kids got itouches, they synced on the MAC using their apple id.
  We discovered that anything the kids and I purchased on itunes on the MAC is available to all of us.
  We would now like to use home sharing.  To do this, both computers must be authorized to one apple id.  If the PC is deauthorized for my husband's apple id, I understand he will lose his purchases on the PC (or at least they won't be available until he authorizes it again).
  I understand that an apple id may be authorized on up to 5 computers.  But what about multiple apple id on one computer???
  My questions are basically this...
  Can we authorize 2 or more apple id on one computer? 
  Can I authorize my apple id on the PC and have my husband's apple id remain authorized on the PC?
  Can my husband's apple id be authorized on the MAC and my apple id remain authorized? 
  Can the kids apple id be authorized on each of the PC and the MAC?
  Can we have 4 different apple id authorized on a computer at once?
  Will authorizing my apple id on the PC de-authorize my husband's apple id?
  How's that for asking the same question in lots of different ways?  I have seen a lot about a computer using the same id multiple times but nothing about whether I can authorize many different ids on one computer at once.
  Thanks for the help.

  Each person in your home can have their own Apple ID provided it is tied the their own separate email address.
  iTunes permits up to five authorized computers connected to a single Apple ID: iTunes Store- About authorization and deauthorization.
  For this all to work well, however, each user in your household should have a separate user account on the computer they commonly use.