How to avoid FortiGate entering conserve mode

“The system has entered conserve mode”

“Fortigate has reached connection limit for n seconds”

These are status messages from the “Alert message control” on the System Dashboard. They indicate a critical condition on the FortiGate device: it has entered conserve mode.

This problem happens when shared memory goes over 80%. To exit conserve mode you have to wait (or kill some of the processes) until memory goes under 70%. A FortiGate goes into conserve mode as a self-protection measure when a memory shortage appears on the system. On entering conserve mode the FortiGate activates protection measures in order to recover memory space. When enough memory has been recovered, the system exits conserve mode and releases the protection measures.

Antivirus fail-open is a safeguard feature that determines the behavior of the FortiGate AntiVirus system when it becomes overloaded with high traffic.
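The 80% and 70% thresholds above form a hysteresis band: between them, whether the device is in conserve mode depends on what happened before. The following added example (not from the original post or from Fortinet) replays constructed memory samples against those thresholds; the function name, the 5-point warning margin and the sample data are assumptions.

```python
# Thresholds as stated in the text: conserve mode is entered when memory
# use goes over 80% and is left only once it drops under 70%.
ENTER_PCT = 80.0
EXIT_PCT = 70.0


def conserve_events(samples, enter=ENTER_PCT, leave=EXIT_PCT, warn_margin=5.0):
    """Replay (timestamp, mem_pct) samples and return (events, in_conserve).

    events is a list of (timestamp, "warn" | "enter" | "exit").
    warn_margin is a hypothetical alerting choice, not a FortiOS setting.
    """
    events = []
    in_conserve = False
    warned = False
    for ts, pct in samples:
        if in_conserve:
            # Already in conserve mode: only dropping below the exit
            # threshold ends it; 70-80% keeps the current state.
            if pct < leave:
                in_conserve = False
                events.append((ts, "exit"))
        elif pct > enter:
            in_conserve = True
            warned = False
            events.append((ts, "enter"))
        elif pct >= enter - warn_margin:
            # Close to the entry threshold: warn once per approach.
            if not warned:
                events.append((ts, "warn"))
                warned = True
        else:
            warned = False
    return events, in_conserve


# Constructed sample data: (seconds since start, memory use in percent),
# such as a monitoring system might collect by polling the device.
SAMPLES = [(0, 62.0), (60, 76.5), (120, 81.2), (180, 78.0), (240, 73.4),
           (300, 69.1), (360, 74.0), (420, 83.0), (480, 79.9)]

if __name__ == "__main__":
    events, active = conserve_events(SAMPLES)
    for ts, kind in events:
        print(f"t={ts:>4}s  {kind}")
    print("still in conserve mode at last sample:", active)
```

Note that the samples at 78.0% and 73.4% are below the entry threshold yet still count as conserve mode, because the device has not yet recovered below 70%.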

Pros & Cons on FortiOS 5.0


This is just an appraisal based on my experience, not an official statement by Fortinet. Fortinet has improved their OS with many features, besides some of their features that were reduced in FortiOS 5.0.

1. New console interface with more content and features, and also more IPS signature and Antivirus database updates.

OmniSwitch 10K – Multi-Chassis Link Aggregation (MC-LAG)

Multi-Chassis Link Aggregation (MC-LAG)

Key points:
• MC-LAG provides active/active dual homed connectivity to standards based L2 edge devices. There is no support for standby ports.
• Internal automatic configuration will disable spanning tree functionality on MC-LAG aggregate ports.
• MC-LAG peers are seen as one aggregated group to dual homed edge device(s).
• MAC addresses learned on an MC-LAG aggregate in one of the multi-chassis peers are also learned on the other switch on the same MC-LAG aggregate.
• A loop or duplicate packet prevention mechanism is implemented so that non-unicast frames received on the Virtual Fabric Link are not flooded out any local MC-LAG ports.
• MC-LAG aggregates can be configured using either static or dynamic link aggregation. The key point when configuring the aggregates is that from the edge switch’s point of view, it looks like the edge is connected to a single chassis.
• Brought to you by Alcatel-Lucent 😀

Active Directory Recycle Bin

Accidental deletion of Active Directory objects is common for users of AD DS and Active Directory Lightweight Directory Services (AD LDS). Windows Server 2008 R2 provides a new feature for restoring deleted objects, called Active Directory Recycle Bin. Specific just to Windows Server 2008, it now enables administrators to restore deleted objects with full functionality through a Tombstone within a 180-day lifetime period, without restoring Active Directory data from backups, restarting AD DS, or rebooting domain controllers. That was interesting for me, just like raising corpses from graves, but these are deleted Active Directory objects, not zombies 😀

1. Enable the Active Directory Recycle Bin feature (disabled by default)

– Raise the Domain and Forest Functional Level to Windows Server 2008 R2. Open Active Directory Domains and Trusts with Administrator credentials.

– Click Raise Domain Functional Level and raise it to Windows Server 2008 R2.
– Do the same thing for the forest: click Raise Forest Functional Level and raise it to Windows Server 2008 R2.

– If you have Active Directory domain controller replication, verify that the change has already replicated to the other domain controller.

MySQL Master-Master Replication on CentOS

In this post I want to describe the installation steps for MySQL Master-Master Replication.

In this case, for example:

Master 1 IP Address :
Master 2 IP Address:
Database to replicate: db1, db2, and db3

1. We need to install MySQL and its dependencies on both servers (master1 and master2):

# yum install mysql mysql-server

Set the MySQL root password, because the default password is empty:

# mysqladmin -u root password new_mysql_password

2. Create a user with replication privileges on both servers:

How to Install RSyslog+MySQL with LogAnalyzer on CentOS

Gathering log messages is important in a data center, and in some situations you'll want to store all logfile entries on another server. If a server crashes or gets hacked, you will still be able to trace through the logfiles from that machine. This can be accomplished by using a centralized log server that receives messages from other hosts. A syslog facility can receive messages from Unix/Linux hosts, but also from network devices and Windows hosts.

In this post, I want to explain the installation steps for Rsyslog with centralized logging to a MySQL database, using the LogAnalyzer web interface for graphical viewing and administration.

Installation steps:

1. First we need to install the following packages:

# yum install rsyslog rsyslog-mysql mysql-server php-mysql php-gd httpd mod_ssl

2. Configure rsyslog, mysqld, and httpd to run on startup:

#  chkconfig --add rsyslog
#  chkconfig --add mysqld
#  chkconfig --add httpd
#  chkconfig rsyslog on
#  chkconfig httpd on
#  chkconfig mysqld on
#  service rsyslog start
#  service mysqld start
#  service httpd start

3.  Configure RSyslog with MySQL Database Connection

Assuming for example:
user: root
password: sql password
host: localhost
db to create: Rsyslogdb
RSyslog-mysql database installation path: /usr/share/doc/rsyslog-mysql-2.0.0/createDB.sql

