Uploaded by arakesh403

troubleshooting

advertisement
CHECKPOINT - PRACTICE FIVE INTERESTING TASKS !!!!
=============
Task 1
How not to block Facebook, but block Facebook Gaming apps
=============
Task 2
How to limit video streaming on per user basis
=============
Task 3
How to limit video streaming for all the users overall
=============
Task 4
How to block particular set of websites for some particular day
=============
Task 5
How to set custom notification msg, if user is accessing restricted websites
=============
:--
Sol:--
1 you can choose custom categories which only blocks facebook games
2. Qos can be applied per user or Group check point needs to be integrated with ad in order to do name to ip
mapping
3, Qos can be applied for streaming category
4, time based rule can be created
5, while creating policy it will have options allow, monitor, warn, block, warn means user needs to
acknowledge before proceeding to the website
DNS Notes
A domain level name server may contain a list of DNS servers where a name record is kept. It then
informs the resolver of the IP address(es) or location of these DNS servers. The resolver then attempts to
query the ADNS servers. It attempts to resolve against the first server (ns1.x.x.x.x), if query fails then it
attempts the to query the second (ns2.x.x.x.x) and so forth.
A DNS server may contain multiple addresses for a domain name. When requests are made to the DNS
server from the resolver, the server shuffles the multiple IP addresses associated with the domain name
then selects one to return to the client.
A name record is constant in a DNS server. For example, if a web server hosting domain
www.mywebserver.com which a name record points to is no longer available the name record will
continue to point to that server. A GTM device is useful in monitoring servers in a redundant setup and
returning an IP address associated with a server which is reachable.
Anyway, if you setup F5 VIP the default TCP protocol profile has two following relevant settings:
Idle Timeout: 300 seconds
Keep Alive Interval: 1800 seconds
The definition of these as per F5 help:
Keep Alive Interval: Specifies, when enabled, how frequently the system sends data over an idle
TCP connection, to determine whether the connection is still valid. The default is 1800 seconds.
Idle Timeout: Specifies the length of time that a connection is idle (has no traffic) before the
connection is eligible for deletion. The default is 300 seconds.
Download
Random flashcards
State Flags

50 Cards Education

Countries of Europe

44 Cards Education

Art History

20 Cards StudyJedi

Sign language alphabet

26 Cards StudyJedi

Create flashcards