Layered Firewalls Implementation

Guys, right now I have 2 perimeter firewalls which I'm relying on, and since I'm replacing them soon I was thinking of buying more firewalls for the layered firewall implementation. But I really want to understand: what is the point of applying 3 layers of firewalls, for example? What will I be trying to achieve for better security?

Hi Maro,
The firewall will allow traffic from a high security level (like the inside interface, which has a security level of 100) to low security level interfaces (like the outside interface or DMZ interface, which have a security level of any value less than 100) by default without an access-list. If you need to allow traffic from low to high, then you need to specifically allow it through an access-list.
With stateful packet inspection, what the firewall does is maintain a table of all the traffic which goes from inside to outside, and the return traffic will be allowed (no need for any specific ACL) only if the traffic is initiated from inside and has an entry in the firewall stateful table.
Hope this helps.
Regards
Najaf
Please rate when applicable or helpful !!!

Similar Messages

  • What are the several layers to implement Business Add-Ins?

    Hi,
    What are the several layers to implement Business Add-Ins?
    BTE enhancement take place only on  three levels (SAP - partners - customers).

    Hi Vishnu,
    I am just going through the below link for BTE stuff.
    confused at the word 'software layers' in the same..
    Link:
    http://help.sap.com/saphelp_nw04s/helpdata/en/eb/3e7ceb940e11d295df0000e82de14a/content.htm

  • Layers in Lightroom

    I'm a professional photographer and am wondering why selective editing with a brush is only available with exposure, brightness, contrast, saturation, clarity, and sharpness corrections? Why can't I selectively edit with all the editing tools? Do you know how much more useful Lightroom would be if I could selectively edit with a recovery brush, fill light brush, black point brush, vibrance brush, color temp brush, tint brush, color channels brush, sharpening brush, etc? If all these extra tools are useful, and they are, wouldn't they be even more useful if I could apply them only to the parts of my image that need them instead of the whole darn thing? Bibble Pro 5 can do it. Aperture 3 can do it. Heck, Capture One Pro 6 can do it and it can even apply those effects to layers that can be named. Adobe invented layers and masks. Why can't I have them in Lightroom? Imagine non-destructive editing with no boundaries. Don't rely on your monopoly with Photoshop's abilities to guarantee professional photographers' loyalty. There are some nice options out there catered to photographers. Pretty soon we won't even need Photoshop. You will want to make sure that we still purchase Adobe by making Lightroom the best of the best. It's about time Lightroom steps it up. Adobe has the capability to make a truly amazing program to meet photographers' needs.
    Thank you.
    PS I'm not dogging Lightroom. I love Lightroom. I'm just making suggestions based on a professional photographer's needs.

    Another Photographer wrote:
    I also would like to be able to apply highlight recovery selectively, but know not how to do it.  Any tricks (other than applying negative exposure selectively, which does not work for the reason stated)?
    I do not expect an answer to these questions, but you never know.
    I know exactly what you mean.  I frequently want to recover details and the highlight recovery does the job, but "flattens" the rest of the image, making it a little duller.  One thing you can try is to reduce the overall exposure until the area you want to recover looks okay, and then set a brush with an offsetting positive exposure to paint back in the underexposure.  Unfortunately the local brush exposure algorithm seems to work differently from the overall exposure, so you will have different contrast and you will need a different offset exposure, but it sometimes works.  This is pretty clunky, which just emphasizes the need for localized recovery.  Unfortunately, this really applies to every adjustment you can make in lightroom, hence all the requests for a true layers type implementation.
    Here is an example where I ended up creating two files to send to photoshop from lightroom, one unchanged and one with the recovery for a white highlight on the bluebird's "hip" area.  I blended them in photoshop.  The file with the recovery made the rest of the bluebird significantly duller.  I could improve it with increased saturation but I could not reproduce the original colour in the rest of the bluebird.
    http://roryhill.zenfolio.com/img/v23/p953321593.jpg

  • Multiple Video Layers in Color

    Apologies as I am new to Color, and this is a real noob question, but I haven't been able to find an answer yet.
    I have an FCP project that has overlapping video layers (that implements the crop tool). However, when I send it over to Color, it only shows the topmost layer with no cropping present. Does this mean that Color will not recognize this feature?
    If so, any work arounds?

    Hello,
    I'll start by saying your mileage may vary here.
    Generally speaking, Final Cut Pro "Motion" settings get converted to "Geometry" settings in Color.
    That said, I haven't done a crop in V2 overlaying on V1, and sent to Color. Just haven't had to do that.
    Real easy way to check if your specific settings work.
    1. Create a very short sequence in FCP that does what you're trying to do. Just do the two clips, one on V1, and the cropped one on V2.
    2. Send to Color
    3. Look at the Geometry tab for both clips. Did the settings make it over on the V2 track? They should have.
    4. Either way, go ahead and render the clips, and then send back to Final Cut Pro. Even if you don't see all of the settings, they're definitely in the XML that Color received from Final Cut Pro, and Color should send them back to FCP on the return trip.
    5. What should happen is that once you're back in FCP, your original motion settings will have made it through the round trip, and you'll get pretty much what you expected.
    Then again, you may find that all of your video is upside down and purple, and all of your audio has somehow been converted to Spanish. Welcome to Color 1.0.x.
    -Matt

  • Need advice on what kind of report, queries to tune database slow issues

    Currently we have AWR reports. Our system is 11.1.07 version on AIX/Linux.
    Sometimes application will say it is slow running some queries.
    We have firewalls implemented so we cannot use toad, or other tools to access through our workstation.
    Any good manual suggestions to pinpoint what exact wrong in the system?
    Any good suggestions?
    Thanks in advance.

    846422 wrote:
    Any good suggestions?
    Try to forget for a moment the nice GUI tools and read instead what experts do when trying to answer "Why my database is slow ?" in http://www.nocoug.org/Journal/NoCOUG_Journal_201105.pdf.
    In your case I would try to work with end users to identify application scenarios that are slow and use SQL trace/TKPROF on related database sessions. For this you only need command line interface (CLI) access to run SQL statements and access to machine hosting database server: that should be possible with the jump server otherwise you cannot do anything and you would better ask someone that has CLI access to database and database server machine.
    If you have license to use AWR, you can also use ADDM report which runs an automatic analysis of AWR report and give some advices:
    SQL> @?/rdbms/admin/addmrpt
    Edited by: P. Forstmann on 22 juil. 2011 20:15
    Edited by: P. Forstmann on 22 juil. 2011 20:40

  • How to implement virtual firewalls in this scenario?

    One question for this scenario.
    There are two physical firewalls, 5510, with 4 interfaces.
    Firewall 01
    Interface 1 connected to ISP01 (outside)
    Interface 2 connected to Inside network (LAN)
    Interface 2 and 4 connected to two some intranet partners.
    Firewall 02
    Interface 1 connected to ISP02 (outside)
    Interface 2 connected to Inside network (LAN)
    So my question is:
    Could I implement 2 virtual firewalls on only one of the physical firewalls, and implement services of virtual firewalls the same as the physical one?
    So could I designate a physical interface to more than one virtual firewall?
    If possible, I could implement Active/Passive on the two physical ones, and have all the configuration as in the actual schema.
    Let me know, regards!

    You can configure multiple virtual firewalls in one physical ASA, it is called multiple context firewalls in ASA.
    You can configure Active/Standby failover in 2 ASAs, and with multiple context mode, it is called Active/Active failover. It means that you can have for example Context A and B active on ASA-1 and Context C active on ASA-2, and Context A and B standby on ASA-2, and Context C standby on ASA-1.
    Here is some sample configuration for your reference:
    http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080834058.shtml
    http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808d2b63.shtml
    Hope that helps.

  • 2 layers of firewall Implementation Design

    Dears, I'll be going for this design below:
    Internet-----Firewall1-----Firewall2----Core switches----Distribution switches----End users
    Firewall1: outer interface to internet, internal interface to Firewall2, DMZ interface to DNS, email server, Bluecoat (guest users), Websense (wired users' internet access)
    Firewall2: outer interface to Firewall1, DMZ interface to server farm, internal interface for core switches.
    Now, in order for both wired and wireless users to have their internet traffic directed to Bluecoat and then from Bluecoat to the internet, routing should be enabled between the 2 firewalls, so is it OK? Or shall I configure all users to have a default gateway to Firewall1 and then have Firewall1 configured to route traffic to both Websense and Bluecoat? Also, while traffic is coming back from Firewall1 heading to Firewall2, I should open some ports on Firewall2 because by default it won't be allowing any traffic, since it will be going from a low level interface to a higher level?

    routing should be enabled between 2 firewalls so is it ok ?
    Surely it's ok and it should be done. You may use dynamic routing or just static routes. Final goal is to provide full IP reachability between your clients and WebFiltering services.
    or shall i configure all users to have a default gateway to firewall1
    You can't configure firewall 1 inside IP as default gateway for your clients, cause the default gateway IP should be in the same LAN segment (broadcast domain).
    also while traffic is coming back from firewall1 heading to firewall2 i should open some ports on Firewall2 because by default it wont be allowing any traffic since it will be going from low level interface to higher level???.
    If we're talking about general webtraffic, then you don't have to configure any ACL's on the outside interface of the FW2, cause web traffic will be inspected by default (at least as TCP). That means, when client connects to, say, cisco.com, returning traffic will be allowed by default, cause there'll be an entry in the state table.
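
The security-level and state-table behaviour described in the first answer on this page, applied to this two-firewall chain, as an added example (a toy Python model, not Cisco code and not written by any poster). Interface names, levels and addresses are constructed; TCP flag tracking, timeouts and NAT are left out.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

    def reply(self):
        """The same flow seen in the opposite direction."""
        return Packet(self.dst, self.dport, self.src, self.sport, self.proto)


@dataclass
class Firewall:
    name: str
    levels: dict                               # interface name -> security level (0-100)
    acl: set = field(default_factory=set)      # permits: (ingress_if, dst, dport, proto)
    state: set = field(default_factory=set)    # flows this firewall has let through

    def forward(self, pkt, in_if, out_if):
        """Decide whether pkt may cross in_if -> out_if; returns (allowed, reason)."""
        # 1. Return traffic: the reverse of a flow already in the state table.
        if (pkt.reply(), out_if, in_if) in self.state:
            return True, "state"
        # 2. New flow from a higher to a lower security level: allowed by default.
        if self.levels[in_if] > self.levels[out_if]:
            self.state.add((pkt, in_if, out_if))
            return True, "high-to-low"
        # 3. New flow that is not high-to-low: only with an explicit ACL permit.
        if (in_if, pkt.dst, pkt.dport, pkt.proto) in self.acl:
            self.state.add((pkt, in_if, out_if))
            return True, "acl"
        return False, "denied"


def traverse(path, pkt):
    """Push pkt through (firewall, in_if, out_if) hops; stop at the first deny."""
    for fw, in_if, out_if in path:
        ok, reason = fw.forward(pkt, in_if, out_if)
        if not ok:
            return False, f"{fw.name}: {reason}"
    return True, "delivered"


def demo():
    # Constructed topology: users -> FW2 -> FW1 -> Internet (levels are assumptions).
    fw2 = Firewall("FW2", {"inside": 100, "dmz": 50, "outside": 0})
    fw1 = Firewall("FW1", {"inside": 100, "dmz": 50, "outside": 0})
    outbound = [(fw2, "inside", "outside"), (fw1, "inside", "outside")]
    inbound = [(fw1, "outside", "inside"), (fw2, "outside", "inside")]

    web = Packet("10.0.0.5", 40000, "203.0.113.10", 443)   # constructed client flow
    results = {}
    # Before the client has sent anything, the "reply" is just unsolicited traffic.
    results["reply_before"] = traverse(inbound, web.reply())
    # The client opens the connection: both firewalls record the flow.
    results["outbound"] = traverse(outbound, web)
    # The reply now matches a state entry on FW1 and on FW2, with no ACL on either.
    results["reply_after"] = traverse(inbound, web.reply())
    # A different outside host gets nothing from that state entry.
    results["stranger"] = traverse(
        inbound, Packet("198.51.100.7", 5555, "10.0.0.5", 22))
    # Low-to-high into FW1's DMZ needs an explicit permit, and only for that port.
    fw1.acl.add(("outside", "192.0.2.25", 25, "tcp"))
    results["dmz_smtp"] = fw1.forward(
        Packet("198.51.100.7", 6000, "192.0.2.25", 25), "outside", "dmz")
    results["dmz_rdp"] = fw1.forward(
        Packet("198.51.100.7", 6001, "192.0.2.25", 3389), "outside", "dmz")
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:13} {outcome}")
```

Each firewall in the chain keeps its own state table, so a reply has to match on both FW1 and FW2; a flow that one layer never saw leave is dropped there even if the other layer would pass it.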

  • How to implement layers?

    I know I am supposed to use CSS but my application has numerous pictures and text boxes of unequal size that are positioned by hand.  CSS is just too clumsy for me.
    Can I still use Dreamweaver with layers?  Is there alternative software.  I do not know HTML.
    Thank you for your help
    Frank
    An Occasional Web designer

    I agree with everything Murray said.  APDivs or so called Layers are a train wreck when used by inexperienced web designers.  All that "ease of use" comes at a high price.  Here's why:
    http://www.apptools.com/examples/pagelayout101.php
    If you want to produce something that looks professional with good cross browser rendering, stay away from Layers. 
    Use one of the pre-built CSS layouts that comes with DW. 
         File > New > Blank page > HTML > Layout...
    To align elements use CSS margins, padding & floats.
         http://www.w3schools.com/css/css_boxmodel.asp
         http://www.w3schools.com/css/css_float.asp
    Nancy O.

  • Error message "could not complete the video frames to layers command because dynamiclink is not avai

    So I decided to try my hand at making gifs and so I attempted to upload a video by going to file -> import -> video frames to layers. Before even letting me pick my video it comes up with an error message saying "could not complete the video frames to layers command because dynamiclink is not available." I then tried file -> open -> and then selected the video and no matter what file type or size I chose I ended up with the same error message.
    I looked this problem up and attempted some of the solutions but to no avail. I tried clearing my preferences and restarting Photoshop many times in addition to restarting my computer. I also checked to make sure it wasn't being blocked by any firewalls and it wasn't. My operating system is Windows 7 and I'm using Photoshop CS6. I've looked everywhere for an answer to this problem so if anyone is able to help me solve this problem I'd be much obliged.

    You see my C:\ drive is quite small as it's a SSD, so I made Adobe install programs on my E:\ drive too, however this was the main cause for Adobe not to function.
    After adjusting the settings to install everything back to my C:\ drive, it fixed my issue above and allowed me to run the 64bit version.

  • The Excel-Mania - Best Ways of Implementing Excel-Like ADF

    Hello people, good afternoon!
    I would like to share with you a doubt i have implementing complex, matrix-like forms in ADF. More often than i'd like to hear, users ask for input forms that closely resemble Microsoft Excel, where the dimensions are layered both vertically and horizontally, and the intersection between them must contain an input or output component, allowing themselves to rapidly input the data they need or to create a web version of Oracle Reports' Matrix Report. Some cases are:
    1) The user wishes to associate the employees (located in table EMPLOYEES) to the projects (located in table PROJECTS) in a screen that lays out the employees as columns and the projects as rows in a table. The intersection between them must contain a checkbox, which will insert a third record when selected, on a table called EMP_PROJ, which associates the employees to the projects.
    2) The user wishes to input a timecard in a time control system. This system must have a screen that shows the days in the week as columns, and the projects the employee is working on as rows. On the intersection, we must provide an input text where he will enter the hours he worked on that specific project on that day.
    3) The user wishes to see a screen that shows the Open Auctions they have in a Purchasing system as rows in a table, crossed with the suppliers that have bidded on these (as the columns). The intersection must contain the price each supplier bidded on each Auction.
    As you can see, i run across this requirement A LOT =). And, as much as i have polished my "Web-Like-Applications-Are-Not-Like-This" and "You-Are-Not-Working-With-Excel" speeches, our beloved users never learn ;)
    Nevertheless, i have been looking for a consistent way to implement this behavior, and i have found some options along the way. I would like to know your impressions on this matter, and if you have any "Best-Practices" that you imagine for this case.
    CASE 1: Creating a Dynamic, On-The-Fly View Object by using ADF BC APIs and using af:table component to do the trick on the page
    PROS: Less work in the View layer, Preservation of the Table CSS Layout (very nice blue header and light brown cells)
    CONS: A LOT of work on the BC layer, creates an awful lot of View Objects, and generates tons of java code on the Application Modules.
    CASE 2: Creating the model as usual and working with repeating layouts on ADF Faces (for example, enclosing an af:cellFormat on an af:forEach to repeat each column)
    PROS: Simplifies the BC layer, making it much cleaner and maintainable.
    CONS: Loses a lot of the declarative wonders of ADF Faces and also the CSS Layouts, since we are using cellFormat, rowLayout and tableLayout instead of table tag we have to manually apply the styles to the columns and rows.
    Of course, both implementations take an awful lot of time. Any other implementation styles are quite welcome (ADF Wizards, step in!)
    Anyone wants to discuss better ways of doing it?
    Best Regards,
    Thiago Souza

    Well, you could do the following:
    1) Create a stored procedure that assembles the data into a rowset with rows and fields like the format you want.
    2) Create stored procedures that handle insert, update, and delete.
    3) Create an entity object definition with all transient attributes. Make the attributes match the elements of one row.
    4) Override doDML() in the entity object class to call your procedures (the doc explains how to do this). You might also need to do a bit of research and figure out if you need to override some other method so you can report rows with transient attribute changes only as needing posting. (getPostState(), maybe?)
    5) Create a view object definition with entity-derived attributes based on your EO attributes.
    6) Override the appropriate methods to call your data assembly procedure rather than execute a query (this is also in the doc).
    Still kind of kludgy, but it keeps your business components pretty clean, especially if you use framework classes to do most of the work for you. (I have a partial example of how to do that here.) Of course, it keeps your business components clean by moving the real work to the DB, but some people find that more maintainable than a kazillion business components.
    Hope this helps,
    Avrom

  • Linked Smart Object Layers

    This may be a very simple question (or not):
    As shown here, I have a Photoshop project that has many layers in it. All of the layers have pretty much the same pictures in it, but with minor differences. I'm trying to find a way to change the color of ALL of the layers without having to go into each individual one.
    I want all the layers to have the exact same color different than what is shown.
    Any help?

    One option (and a pretty cumbersome one) would be to set up a Smart Object for every color and subsequently mask or clipping mask that.
    But JJMack’s advice is valid – depending on the severeness of the correction it may be difficult (or impossible without masking) to implement naturally.

  • ASA Failover when Firewalls are at different sites - help

    I am implementing a solution for a customer whereby they have two Cisco ASA 5520X firewalls. They wish for the firewalls to be in an Active-Standby state.
    This not only means that if one firewall dies, the other will take over. It also means that any configuration changes made on the primary are copied to the backup.
    The only catch is, both firewalls are at different sites. There is no layer 2 WAN link running between the sites. They are separated by both the internet cloud on one side and their internal company MPLS cloud on the other.
    The diagram, that I have taken from my GNS3 simulation and modified slightly, shows the setup. All of the IP addresses (and AS numbers) are made up. Any reflection on real world IPs is unintentional and just a coincidence.
    The diagram is probably too overcrowded with IP information than is needed in this question - but the basic idea is the following:
    1. Under normal conditions traffic will flow to the internet from the remote MPLS site and leave via the firewall (PAT) at Site-1 - however note the public range of 23.23.23.0/24 is configured at both Site-1 and Site-2 - so at the moment the internet cloud is preferring Site-1 to reach that range.
    2. If the internet link from INT-PRI at Site-1 fails, remote MPLS traffic destined for the internet will be forwarded out to the internet at Site-2.
    3. If the two MPLS links to Site-1 fail, INT-PRI will stop advertising the public range to the internet PE routers and traffic from the remote MPLS router destined for the internet will go out via Site-2.
    I have the tracking and dynamic routing failover setup between the sites all configured and worked out (I can provide the details of how INT-PRI tracks a sponge address in the MPLS cloud to determine whether or not it advertises the public range to the internet etc etc if you want, but on this question I want to focus on the firewalls).
    Currently the customer has resigned to having to do manual copying between the firewalls every time a change is made (i.e. there is no dynamic failover configured and the Site-2 firewall is just a clone that is kept up to date by their change management team).
    Is there a smart way to set up an Active-Standby configuration between these distant sites? Or at the very least dynamically copy the configuration to the backup every time a change is made? My first thought would be some kind of EEM or TCL script but I'm not that experienced with either. Alternatively, if there is a smart way to get the two firewalls talking over Layer 2 it might be a better way forward.
    Thanks in advance. Apologies for this question being too wordy.

    You could use Ethernet over MPLS (EoMPLS) or Virtual Private LAN Services (VPLS), though if I remember correctly this is limited to certain platforms and IOS versions.
    Here is a design guide you could have a read through on the options
    http://www.cisco.com/c/en/us/products/collateral/data-center-virtualization/data-center-interconnect/white_paper_c11_493718.html#wp9000079
    EoMPLS configuration guide:
    http://www.cisco.com/c/en/us/td/docs/wireless/asr_901/Configuration/Guide/config_guide/eompls.html
    VPLS configuration guide:
    http://www.cisco.com/c/en/us/td/docs/optical/cpt/r9_5/configuration/guide/cpt95_configuration/cpt95_configuration_chapter_011000.html
    Please remember to rate and select a correct answer

  • Is it possible to implement a truncation of text (a "more/less") function for paragraphs in PDFs?

    I work at a center for public service and we're trying to make our service handbook more user friendly. However, we're not experts when it comes to using Adobe Acrobat X Pro.
    Instead of having to scroll through the many pages of the handbook, we would like to implement a "more/less" function or a truncation of text. Are we able to do this for a PDF?
    It looks something similar to this: http://henrik.nyh.se/examples/truncator/
    At this point however, we're not sure if it's even possible to implement this function into a PDF. Is it possible or are we just wasting our time trying to find a way to do it?
    Thanks for any advice you can give!

    Not really an option for PDFs. You can have stuff on layers that appears or disappears, but unlike web pages the page layout is fixed: everything stays where it is on a page. For more/less to work nicely you need a format where stuff can move down/up to make room or close gaps.

  • Is there a way (script option, exporter option) to export a .psd/.psb file with nested layersets to another layered .psd file with a flat layer structure for greater compatibility? (i.e. CS6/CC/CC '14 to CS4 or older?)

    Just looking for a solution short of having to go in and manually delve through hundreds of layers and reorganize the .psd.  There's a lot of vector elements, layer effects and blending modes as well.  It'd be nice to see Adobe include an exporter for older Photoshop versions that can take a newer file and regenerate it making whatever necessary changes to maintain compatibility across older Photoshop versions and even for cross-compatibility.  I know that's not necessarily in their best interests for additional sales, but it is in the end-user's best interests when they collaborate with others across various file and application formats.

    The first problem here is Layer Styles, if I understand what you are trying to do correctly. You can have arbitrarily nested Layer Sets/Groups (each with its own Layer Style) that contain Layers with their own Layer Styles. This means that for a nested layer, you would have to take its Layer Style and merge it with the containing Group(s) layer styles in the correct order. Then you have to do the same thing with Layer/Vector Masks and whatever else is involved. It's a non-trivial piece of work. It's not intractable, however.
    There is also the problem that some parts of the Layer Styles are binary blobs that make merging at the JS level impossible.
    If someone has implemented this, I would love to see the implementation.
    What you actually need may be a lot less complicated than the general case. If so, you may be able to find someone to help you out.
    I wish you luck.

  • Implementing MARS - One piece at a time or All at once?

    I am in the process of implementing a mars right now with about three sites and 30 pieces of network equipment.
    Is it better to configure and load all the devices at once or load one at a time to watch and learn each devices characteristics? And to complicate things more, when planning to do an advanced setup, do you start with the base level configuration and grow to advanced or go right to advanced. I ask this because I am finding that one could get overwhelmed with excessive information. Should you just add choke points or every device you can?
    Thanks,
    Ben

    Ben, the amount of events generated by one ASA/FWSM alone is so overwhelming that you need to phase things very gradually to make the deployment successful (if the devices are already sending events to MARS). Otherwise you can add all of them together in MARS (using a seed file etc.) but gradually open the water tap on each device, as you may say (by enabling syslogs etc. towards the MARS box). However, there is no one rule for this. For example, if your IPS sensors are already tuned then adding them in MARS will cause no problems at all. But if they are not, it would be better to do some 'device specific' tuning before adding them into the MARS box. Try to focus on the Firewalls/IPS in the first phase.
    http://www.cisco.com/en/US/docs/security/security_management/cs-mars/5.3/user/guide/local_controller/taskflow.html
    The above is the Cisco start point, but it seems to be silent on this topic.
    Regards
    Farrukh
