Teodor Dodita
on
•
25 mins
Always On VPN (AOVPN) provides a seamless always-on connection that boosts security and the user experience.
Is getting an A+ rating with the Qualys scanner starting to feel a bit like chasing a mythical unicorn? Every time you get close to catching and keeping the beast — it run's away and they change the rules again!
So here we go again... Another vulnerability has been found in OpenSSL. However, this is very hard to exploit and requires the hacker to have control of your wireless hotspot or network.
By default, the source IP address of the packet reaching the web servers is the IP address of the load balancer and not the IP address of the client.
To ensure complete protection all SSL certificates that have been used with a vulnerable version of OpenSSL should be regenerated using a new private key.
Exchange 2013 is Microsoft's latest enterprise level messaging and collaboration server. It has been designed for simplicity of scale, hardware utilization, and failure isolation.
In Exchange 2010, system functionality is split into five server roles (Mailbox, Client Access (CAS), Unified Messaging, Hub Transport (HT) and Edge Transport). Mandatory roles are Mailbox, Client Access and Hub Transport.
There are a lot of SSL offload throughput statistics available for appliances across the internet but rarely do they detail the way they were tested
The ideal way to monitor the health of the real servers is to to have a dedicated monitoring system in place such as Nagios. However this isn’t always an option, so for some they require the loadbalancer to send an alert.
In general when you are load balancing a cluster you can evenly spread the connections through the cluster. However, with some applications, you might get very high load from just a few users doing heavy work, which can compromise performance.
I must confess, at certain times it has looked like open warfare would break out between the support team and development team at Loadbalancer.org over the last few months.
As of haproxy-1.6-dev1 it is now possible to send email alerts directly from HAProxy thanks to the excellent work done for us by Simon Horman.
Transparent mode with HAProxy allows you to see the IP Address of the clients computer while still having a high availability service using HAProxy.
This Blog is for anyone wanting to load balance the Exchange 2010 CAS role using only open source software.
Does it seem like some appliance vendors go out of their way to make hardware recovery and licencing as difficult as possible?
The BEAST attack is a practical attack based on a protocol vulnerability and mainly affects the client side.
Microsoft Print Server provides a great way to share printers throughout your organisation, but when the print server falls over, the phone quickly starts to ring.
This script was designed primarily to be tied into Ldirectord but feel free to adapt it to your needs, and if you do make changes dont be a stranger post your adaptations below!
There’s been a lot of debate here in the office about how best to capture both your Loadbalancer’s IP and the Source IP of the user in your access_log in Apache 2.4. This is the tried and tested method we've come up with.
Although it's not technically a standard, the X-Forwarded-For (XFF) header is incredibly useful if you have any kind of proxy in front of your web servers.
A couple of customers asked if our appliances would do G-Zip compression. In the past we hadn't given it much thought until someone offered us a card to test it!
I’m excited and slightly scared by our latest product! Excited because I've become slightly addicted to launching multiple instances in different parts of the world and load balancing the traffic seamlessly. Scared because this could change our whole business model.
The vast majority of layer 4 load balancers use LVS in two-arm NAT mode.
Here at Loadbalancer.org we have recently started the certification process of our product with Microsoft Office Communications Server (OCS).
When you have users depending on Windows Terminal Services for their main desktop, it's a good idea to have more than one Terminal Server. RDP, however, is not an easy protocol to load balance.
I've previously blogged about how to get TPROXY and HAProxy working nicely together, but what if you want to terminate SSL traffic on the load balancer to use HAProxy to insert cookies in the standard HTTP stream to the backend servers?