Picture from here

RSS, I love RSS.   RSS makes crossposting easy.   It also allows me to read all of my news in Google Reader instead of jumping to 50 different sites that I used to visit once a day.  RSS allows users to subscribe to your site and read them where they want to, this may be good or bad based on your advertising style.  If you are like me and don’t really make a dime on your blog, then it doesn’t really matter.

Image from here

I use feedburner as a choke point for every web service that has an RSS feed (and I’m a member).   This allows me a couple things, the first is I can easily remember all the web services I sign up for.  The second thing is I have feeds that I can automatically plugin to lifestreaming services that don’t support the sites I use natively.

Through RSS I cross post my blog to Tumblr, Profilactic, Friendfeed, Suprglu, and any other life service I come across (just search for Creeva as the username).   Now At this point I’ve made feedburner to do all the heavy lifting and bandwidth intensive work for feed readers.  I even use my feed (a filtered version) to post notifications to Twitter when I have a new story published using the Twitterfeed service.

The other key thing to remember with RSS is when we get to the widget space.   Some sites don’t have an option for crossposting, they are completely locked.   You can however (in some cases) place a widget in your profile on these sites.  More times then not you can manage to place an RSS widget.  An RSS widget shows your current RSS feed items and allows you to place them on these profiles that otherwise have locked data.

With wordpress there is a plugin called feedwordpress that aggregates feeds and publishes them as items on your blog.   They keep trying to make this plugin better, but I can tell you it doesn’t seem ready for prime time yet.  I’ve tried every trick imaginable and I always end up receiving duplicate entries in my main blog.   Because of that I don’t use feedwordpress anymore, I may try in the future.  This would lead to the ultimate life caching solution, by allowing my blog to pull in all the data I generate everywhere else, and then crosspost it to all my friends across the web.  Unfortunately it’s a pipedream at this moment.

Now click the logo to subscribe to Creeva’s World 2.0:

Image from here

In the next part of our crossposting god series we are going to cover services that allow you to publish by e-mail.

Previous Entries in The Crossposting God Series:

The Crossposting God Series Part 1 – The Introduction

The Crossposting God Series Part 2 – Vox

The Crossposting God Series Part 3 – Live Journal and Derivative Sites

The Crossposting God Series Part 4 – Entry, Distribution, and End Points

The Crossposting God Series Part 5 – Myspace

To get an n810 or not is the question.   A few days ago I wrote a couple blog posts from my wife’s new n810.   I have some reservations about the keyboard for “power writing”, but that can be handled by a seperate bluetooth keyboard.   I think that’s not an issue.

Would I use it instead of a laptop – kind of.    Right now through work I have a Mac Book Air for my mobile device.   It’s great, it’s light, it does most of what i need it to do (what it can’t do would require linux or windows so it’s forgiven).    The one thing I run into with the air is the same thing I run into with my normal laptop, accessibility.   For normal computer use they are highly accessible, but if I do make it to HOPE this year or other travel venues it would be MUCH better to not bring a full laptop (if I do take an 810 to HOPE I’ll be accessing the internet through an encrypted Hamachi VPN tunnel to home and using a proxy there to access the Internet – no clear text information is going to be slipping by me – I can deal with the speed hit that will cause).

It’s much easier to have a bluetooth keyboard and an N810 to haul around to these places more so then a full laptop.   WIth a full laptop I need to worry about power (n810 has better battery life), privacy due to larger screen size,  finding a place to sit versus standing and using the n810.    These things are all things that go through my head while debating this purchase.

So yes the N810 would make me more mobile, and be more convenient.   I know for me (extreme power user) it won’t replace a computer or laptop, but for some people (like my sister) I could see this as a 100% computer replacement.   Too much geekery for me it seems.   So then we open up the question, could I live for a week with just the N810?

The N810 isn’t really designed for offline use.    If it has an internet connection that’s great.  I would be able to do most my blogposting and status updates via email so when I hit wifi I could sync up and go.   In alot ways I think this is enough.   To check this I need to menally compare it to my my Palm TX.

I’m not sure that the N810 will fully replace my Palm TX (then again no one said I couldn’t keep it).  WIth my palm TX I use it as an email platform, a web access device, a centralized syncing device, and an ebook reader.   Anything else I use it for is mostly games so that’s not really an issue – IM has always been painful on it do to .

Since the N810 does not have heavy document handling and I don’t think the resolution is quite right for ebook reading (the two thing I think I would keep my TX for)  it does have better web page filtering (my blog almost breaks the TX).   I would also be able to do IM since I wouldn’t be forced to stay on the IM screen like I do on the TX.   Email should be equal or better on the N810 versus the TX, Web Browsing would be better, and IM would be better.   The occasional full need to document editing and e-book reading would mean the TX could sit on the bottom of my bag (and a bluetooth keyboard would work with it – two devices one keyboard).

So theoretically I could replace my laptop about 90-95% with the two devices.   With having a much smaller footproint and ease of use in carrying these devices with me.   Having the N810 would mean that I no longer have to carry an iPod around since it would handle my podcast playing – bonus to the fact that it will auto scrobble to last.fm something that I have never gone working to a level I liked with an iPod and linux.

Movies however I’ll probably still use my palm TX – I can play full divx movies on it without having to re-encode them.   Bonus to me.    This will also have the side effect of saving me battery life on the N810 if the TX is with me.   I don’t watch movies too often on the go though.

Through hackery I would be able to sync my calender on google with my N810 – something that never worked right on the TX.   I would be able to compose music on the N810 (yes it can compose music).   Someone is also working on an instrument tuner – which is something I was going to buy this summer – so I’ll save 30.00 there.     I was going to buy an iPod, but with the 10 GB I can max out on the N810 and the fact that I only really use an ipod for podcasts would mostly make that that a non issue  – so a savings of 150.00 – so far I’ve saved myself 180.00 on stuff I would probably buy this summer.

There is an NES emulator (that works better on then on the TX) and a GBA emulator – this should save me from carrying around my GBA (which I ironically use more then my DS).   I also play RPG’s so the slight frame drop won’t really effect me.    I can use skype which really isn’t to much of an issue for me since I mostly would call my wife and we have free phone calles between us.   With utterz I can use my phone to “call in” blog posts.

I would be able to start geo caching with the N810 built in GPS, I’ve watned a gps for a long time, not for driving directions since I can look at a map easily and I’m able to figure out where I am.   My wife is sometimes jealous of my innate directional sense.   Usually I get way to lost sometimes by actually reading a map, wrongly at that.   I could get a cheap GPS for 90.00 – but that would take my total electronic purchases to 270.00.   We are approaching the N810 price.   (We actually match it if you figure out it would handle my gaming needs – but I already own those devices)

I like the N810′s keyboard versus the N800′s touch screen which my wife tried out first, but it still a small small keyboard and I have bigger fingers then her.   I can enter information quickly enough for a mobile device I can whip out real quick – and 500% faster then I can do on my phones keypad.     If I utilize bookmarks and saved password this should help limit my typing.   The less need I have on this the better.    Once again if I’m going to write a long blog post like this one is becoming i would have to have a bluetooth keyboard.

My tmobile internet connection is very slow on my cellphone, but being able to stop by any mcdonalds or burger king for quick internet access kind of alleviates that concern.   Granted wifi coverage isn’t ubiquitous but it’s common enough that I think I would be fine.

I’m probably going to decide tonight to get one.   Working through this post has helped alot.   I think I started with the fact that this would replace my palm TX, and going through that thought process I don’t think it would.   I think it will however handle the fact if I’m gone for a week or two away from a computer (though I can fathom two weeks away from a regular computer) that I could be just fine in a solely mobile solution without a laptop.    Using the host mode hack on the N810 coupled with the card reader program on the Palm TX means I’ll be able to utilize the Palm TX as a removable storage space on the N810 if I need it with normal SD cards instead of needing a thumb drive that would drain the N810′s power quicker.    This would allow me to throw another 8 GB and make the card switch out very easy for me.

I’ll keep everyone updated on what I decide.

One thing I’ve been working on for awhile is and Internet Deadman’s Switch.  With all of my crossposting and media re-usage activities in the grand scheme this should be fairly trivial.   I am sure however that some things will slip me up.   We’ll start in this section of identifying the goals I wish to acomplish and work through some of the stages in part two.

What do I mean by Deadman’s Switch?

A deadman’s switch is something that is triggered normally to keep you alive.   A quick example is the pressure plate on a riding lawn mower.   The pressure plate must have weight on it or the lawn more will not start and if the weight is removed the lawn mower will shut off.  So essentially one action cause another action to occur when certain variables are met.   My trigger would be my death.  If I didn’t verify if I was alive after a certain period of time to a program/website/etc.  the a serious of scripts and actions would trigger leaving behind all the information I wish to impart on those behind me.

Why do I want a Deadman’s Switch?

This idea started in my head about 7-8 years.   There used to be a website that had you check in once a month and if you didn’t log in it will send off emails to the ones you care about (or the ones you don’t).   This gives you the final word and allows you to send of those things that might be important.   I can leave my wife information about all my accounts and password, any relevant information that she may need and won’t be able to gather up, parting words to friends and families.   I would also thanks to my current setup be able to post to all my social networks and make an announcement of my death.   This I find intriguing and I’ll at least go through all the steps of implementing this (whether I actually use it and maintain it will remain to be seen).

What would I send?

I’ve broken down what I would want to send into four sections:

• My wife – I can deliver my final message, copies of important documents, access to all of my accounts and any other relevant information she needs
• My family – I would send each family member a personal message from the beyond – I also would send them a follow up to do with my wife in case something happened to her at the same time, that way there would still be someone i could trust that would have access to the information they may need to clean up my estate.
• Friends – I would send each of my “high level” friends an individual message – if somehow my whole family is taken out in one full attack – I don’t think I’m passing any of my personal information off to them.
• Public Internet at Large – this is broken into a few more sections, but essentially I’ll be leaving a video, audio postings, status updates to my social networks (“I’m dead thanks for all the fish”)), and a few final blog postings.

The trick to all of this is of course is reliant on a few things.   The first and foremost being that I can send email after I’m dead.   It also can not be reliant on my home PC (if a housefire hits or a tornado takes me out I don’t want my home to be the weakest link).   Finally whatever script I use must be able to pull from an FTP site (for the audio and video).    Once those can be accompished I’m fairly sure I can get everything else done.

When would I send it?

This is the other conundrum isn’t it?  How do you net tell everyone you have passed on while you are still alive (that could be embarrassing).    You need to pick a time period that seems suitable to you (every 12 hours is not suitable).  I’m thinking either every two weeks or every month I would have to login and verify that yes I am still alive and kicking.  The only problem this would really cause is if I’m kidnapped or held hostage.   The chances of those being so minimal that it is unlikely so I won’t really take those into account.   So to be safe I’ll set it for somewhere between 14 and 31 days.

Another thing I would like to do is configure it to be staggered.  That way I’ll be able to send a message to my wife warning her about the upcoming announcement of what is going to occur before it actually does.  Then to family, then to friends, and finally to the Internet as a whole.   This would keep it from being one big whirlwind hitting everyone at once like a ton of bricks.   I don’t want someone completely freaked out when they see a new youtube movie of my me uploaded.    So a staggered release would be the best scenario (if it’s possible).

How am I going to do this?

You’ll just have to wait for part 2.

Ping.fm allows me to sync my status from the following services:

• Bebo
• Blogger
• Facebook
• Hi5
• Jaiku
• Linkedin
• Myspace
• Pownce
• Tumblr
• Twitter

Keeping all the statuses in sync across all my services is a life saver.   If you would like to sign up use the beta code “pingfriends” and get in on the beta action.

Google is all about consolidation of data, there whole mantra is behind it.  They have released oodles and oodles of services that I utilize (yes I’m a google whore – there I said it), but only minimal correlation between the tools other then a common login.   Many of their tools generate reports or data that could be transformed into reports.  Some of their services it’s almost brain dead that they haven’t integrated the services.   Let’s go through the services and how I would design “Google Reports”.

The most obvious Google “products” I would lump together would be Google Analytics, Google Webmaster Tools, Google Adsense, and Google Adwords.  All four of these products are usually used together – so why can’t we get reporting for all three on one page?  All of these products can give a webmaster an overview on where his site(s) are going and what he can work on.   There is absolutely no reason to go through four different interfaces to get this information.   Yes I can set up email reports from some of them – but a singlular report and page to view them at a quick glance would be great.   If I click on something to drill down on it could then take me to to the specific related products page.  While we are the subject of Google Analytics – a listing of recent page views ala the way statcounter does it would be great.   To be honest that’s the only reason I still use my statcounter account.

Those were the four products that prompted me thinking about this in total from the beginning.   Now let’s move on to the other products, video for example.   Google Video and Youtube both fit different niches in the google video structure.   Youtube allows you to upload video more quickly but has time and size limits, Google Video however allows downloads and unlimited sized and no time limits when you use their external (non browser based) uploader.  Now Google Video’s reporting very frequently fails to work – loosing view and download counts so this needs to be addressed.   But a report that would include subscribers, views, and downloads would be fantastic.

Feedburner should be tied into analytics also for the amount of information it gives you and stats, while I’m on a mini rant here when are we going to be able to inject adsense into our feedburner items?

Now let’s break into the quickies:

Google Base – ok I still don’t understand this product so I have no idea.

Blogger and Page Creator would tie in easily with Analytics – so there is no reason not to make this automated.

Browser Sync – The number of synchronizations and all machine that you ahve synchronized against.

Calender – Ok trickier but the number of appointments from a given day/month/week

Docs – Number of edits, number of documents, space they take up, and how many of your colloboration documents have had edits.

Gmail – Number of emails received, sent, spam caught, most frequent contacts, amount of free disk space.

Groups – could tie into Analytics if your the group owner but beyond that – number of members and messages – how many new messages if your just a reader.

Igoogle – um no clues

Reader – number of stories read

Picasaweb – how many times each photo was viewed, who has linked to it, and any subscribers

Finally webhistory – the amount of searches performed, and a concise list of sites embedded in the reports.

I would want to see report being able to be generated automatically on a daily, weekly, monthly, and yearly basis.   The ability to customize reports by date or time period would also be great.   The ability to atomically email them to you at a preset time would be fantastic.

The last feature I would add is an open API so we could plugin new reports and send them to google to collect and have other programs able to fetch and manipulate the data on a client side.  I know I’m asking pie in the sky at this point.

Google literally has all this data on us and more.  They are preaching data portability and openness so why don’t they consolidate and show us more of the data they are holding.  I’m not asking for all of the secret sauce just what’s relevant to me.  Combing the original few things before I went into quickie mode though would be utterly fantastic and an excellent starting place.

Original From Journey To Get Paid: Google’s Next Service Should Be – Google Reporting.

–
Posted By Creeva Murkado to Journey To Get Paid at 4/11/2008 12:19:00 PM

Kiosk Options

When discussing kiosk system we need to discuss the scope, security issues, and functionality requirements that we must maintain to achieve a successful deployment.   There are many types of kiosk systems that we can implement within the Company network.   The solutions we are going to describe in this document are based on product literature that we have received after scope is finalized actual product testing will be done so we can verify that all the features work as described and will function within the deployed environment.

For the sake of categorization the following options were identified as possible for use within a kiosk environment.   This list is not meant to be all encompassing but rather a list of desired features that we feel can be accomplished from the products we are looking at.

·    Internal Websites – company Designated
·    External Websites – Completely open from a kiosk standpoint
·    SSL VPN – For access to the internal network
·    Citrix – for terminal server capabilities
·    Printing – locally attached print
·    Sound – for hearing active embedded media
·    USB Mounting – for USB memory sticks
·    Run Apps Locally (Read Only) – from either the memory stick or kiosk directly
·    Run Apps Locally (Read / Write) – from either the memory stick or kiosk directly
·    Write to USB Memory Stick – from kiosk
·    Access to User Documents
·    No Login – completely is designed to start being used without login
·    Boiler Plate Website – standard start page
·    Full application list
·    Internal – Authentication
·    External – No Authentication
·    Browser Plug-ins – for enhanced compatibility
·    Restricted To Certain Web Sites – Company Designated

Kiosk mode systems come in a variety of shapes, sizes, and functions.   To help narrow the design gap for our needs we have devised eight categories in which we can work around design structures for:

·    Full web only access kiosk on the company guest network
·    Limited web access on the company guest network with a locked down browser
·    Full web only access kiosk on the internal network
·    Limited web access on the internal network with a locked down browser
·    Limited seat with security controls on the company guest network
·    Limited seat with security controls on the internal network
·    Full seat with security controls on the company guest network
·    Full seat open use office solution – internal network
·    Full seat with security Controls open use office on the internal network

Each solution has its own benefits and concerns for deployment.  We will be going over these one by one to analyze and work with company to implement the correct and desired solution.  The analysis will include which functions identified above can be implemented, target placement, target users, benefits and disadvantages of each solutions, and possible security concerns.

Full web only access kiosk on the company guest network:

Description: This would be a fully open web kiosk with an address bar located at the top with the web browser being the only application available to the end user.  All functions must be done within the browser.

Possible targeted functions:

·    Internal Websites – via SSL VPN
·    External Websites –
·    SSL VPN
·    Citrix – via SSL VPN
·    Printing – locally attached print
·    Sound – for hearing active embedded media
·    Access to My Docs – Via SSL VPN
·    No Login – completely is designed to start being used without login
·    Boiler Plate Website – standard start page
·    External – No Authentication
·    Browser Plug-ins – for enhanced compatibility

Target placement:

·    Public areas where guests are most likely

Target users:

·    Visitors
·    Visiting Contractors
·    Local Contractors
·    Company Employees

Benefits:

·    Allows users access to information at placement points
·    User will not have access to the local computer beyond the web browser

Disadvantages:

·    All functions must be performed must be performed within a browser
·    Won’t be able to perform other application tasks

Security concerns:

·    If a user leaves an authenticated session up there will be a time delay before the profile resets, risking possible exposure of private data or company data if the SSL VPN was used.
·    Unsigned Active-X controls could cause issues and it would be recommended denying unsigned Active-X controls.

Limited web access on the company guest network with a locked down browser:

Description: This solution can be configured with or without an address bar allowing the option to restrict this to certain web sites.   Active X would be disabled.

Possible targeted functions:

·    External Websites
·    Printing
·    Sound
·    No Login
·    Boiler Plate Website External – No Authentication
·    Restricted To Certain Web Sites

Target placement:

·    Public areas where guests are most likely

Target users:

·    Visitors
·    Visiting Contractors
·    Local Contractors
·    Company Employees

Benefits:

·    Tighter Security Controls
·    Limited Risk Exposure
·    Option of controlling where the users can go via the browser

Disadvantages:

·    SSL VPN will not work if active-x controls are disabled
·    All functions must be performed must be performed within a browser
·    Won’t be able to perform other application tasks
·    With no SSL-VPN – no access to internal company data

Security concerns:

·    If a user leaves an authenticated session up there will be a time delay before the profile resets, risking possible exposure of private data.

Full web only access kiosk on the internal network:

Description: While not recommended this is being offered as an option for choice.  It has the same features as the Full web only access kiosk on the company guest network, but would require user authentication due to the network access it has.

Possible targeted functions:

·    Internal Websites
·    External Websites
·    Citrix
·    Printing
·    Sound
·    Access to My Docs
·    Boiler Plate Website
·    Internal
·    Browser Plug-ins

Target placement:

·    Public sites within company buildings that are not commonly visited by the large amounts of visitors at once.  This would be to limit the amount of time that authenticated data is available if a user walks away from the kiosk.
·    Would not be recommended at location that the general public has access to

Target users:

·    Local Contractors
·    Company Employees

Benefits:

·    Company employees would be able to access their Webmail from anywhere these are placed
·    Company employees would be able to access a terminal server session from anywhere these are placed

Disadvantages:

·    All functions must be performed must be performed within a browser
·    Won’t be able to perform other application tasks

Security concerns:

·    Possible information leakage due to open Webmail or terminal server session.
·    Unsigned Active-X controls could cause issues and it would be recommended denying unsigned Active-X controls.

Limited web access on the internal network with a locked down browser:

Description: While not recommended this is being offered as an option for choice.  It has the same features as the limited access kiosk on the company guest network, but would require user authentication due to the network access it has.

Possible targeted functions:

·    External Websites
·    Printing
·    Sound
·    No Login
·    Boiler Plate Website External – No Authentication
·    Restricted To Certain Web Sites

Target placement:

·    Public sites within company buildings that are not commonly visited by the large amounts of visitors at once.  This would be to limit the amount of time that authenticated data is available if a user walks away from the kiosk.
·    Would not be recommended at location that the general public has access to

Target users:

·    Local Contractors
·    Company Employees

Benefits:

·    Company employees would be able to access their Webmail from anywhere these are placed
·    Company employees would be able to access a terminal server session from anywhere these are placed
·    Tighter Security Controls
·    Limited Risk Exposure
·    Option of controlling where the users can go via the browser

Disadvantages:

·    All functions must be performed must be performed within a browser
·    Won’t be able to perform other application tasks
·    Some sites won’t work due to Active-X being disabled

Security concerns:

·    Possible information leakage due to open Webmail or terminal server session.

Limited seat with security controls on the company guest network:

Description: This would be a scenario where we would have an open standard windows desktop for the user to access.  It would allow only certain applications to run but will give the user access to a portable memory stick for use.

Possible targeted functions:

·    Internal Websites – via SSL VPN
·    External Websites
·    SSL VPN
·    Citrix – via SSL VPN
·    Printing
·    Sound
·    Access to My Docs – Via SSL VPN
·    No Login
·    Boiler Plate Website
·    External
·    Browser Plug-ins
·    USB Mounting
·    Write to USB Memory Stick
·    No Login
·    Boiler Plate Website
·    Browser Plug-ins
·    Restricted To Certain Web Sites – company Designated

Target placement:

·    Public open use office space

Target users:

·    Visiting Contractors
·    Local Contractors
·    Company Employees

Benefits:

·    Allows users access to information at placement points
·    Access to certain designated applications
·    Controlled environment

Disadvantages:

·    Won’t be able to perform non designated application tasks

Security concerns:

·    Possible information leakage due to open Webmail or SSL VPN session.
·    Unsigned Active-X controls could cause issues and it would be recommended denying unsigned Active-X controls.
·    Possible application vulnerabilities could compromise the unit

Limited seat with security controls on the internal network:

Description: Same as the limited seat on the company guest network but designed for internal GRC employees.   Smart card access would be recommended and roaming profiles blocked.

Possible targeted functions:

·    Internal Websites
·    External Websites
·    Citrix
·    Printing
·    Sound
·    Access to My Docs
·    Boiler Plate Website
·    Browser Plug-ins
·    USB Mounting
·    Write to USB Memory Stick
·    Boiler Plate Website
·    Internal – Authentication
·    Browser Plug-ins
·    Restricted To Certain Web Sites – company Designated

Target placement:

·    Public open use office space

Target users:

·    Local Contractors
·    Company Employees

Benefits:

·    Allows users access to information at placement points
·    Access to certain designated applications
·    Controlled environment

Disadvantages:

·    Won’t be able to perform non designated application tasks
·    Large threat to data being exposed

Security concerns:

·    Unsigned Active-X controls could cause issues and it would be recommended denying unsigned Active-X controls.
·    Possible information leakage due to be on the open internal network
·    Large data exposure footprint
·    Possible application vulnerabilities could compromise the unit

Full seat with security controls on the company guest network:

Description: This option would give users to the same standard applications as their normal desktop.   The hard drive would not be written to for data storage.  Roaming profiles would be blocked.  These seat would also have full security controls applied to it.

Possible targeted functions:

·    Internal Websites
·    External Websites
·    SSL VPN
·    Citrix
·    Printing
·    Sound
·    USB Mounting
·    Run Apps Locally (Read Only)
·    Run Apps Locally (Read / Write)
·    Write to USB Memory Stick
·    Access to My Docs
·    No Login – completely is designed to start being used without login
·    Boiler Plate Website
·    Full Application Suite
·    External – No Authentication
·    Browser Plug-ins
·    Restricted To Certain Web Sites – company Designated

Target placement:

·    Public open use office space

Target users:

·    Local Contractors
·    company Employees

Benefits:

·    Users are able to function as they would at their desks
·    Allows users access to information at placement points

Disadvantages:

·    No login requirements
·    Possible data exposure

Security concerns:

·    Unsigned Active-X controls could cause issues and it would be recommended denying unsigned Active-X controls.
·    Possible information leakage due to open Webmail or SSL VPN session.

Full seat open use office solution on the internal network:

Description: Standard full seat for user to use on the internal network located at open access points for any user to access.  Security settinga would be applied and user profile data removed upon log out.   It is recommended to require smart card access to these units.

Possible targeted functions:

·    Internal Websites
·    External Websites
·    Citrix
·    Printing
·    Sound
·    USB Mounting
·    Run Apps Locally (Read Only)
·    Run Apps Locally (Read / Write)
·    Write to USB Memory Stick
·    Access to My Docs
·    Boiler Plate Website
·    Full Application Suite
·    Internal Authentication
·    Browser Plug-ins

Target placement:

·    Public open use office space

Target users:

·    Local Contractors
·    Company Employees

Benefits:

·    Users are able to function as they would at their desks
·    Allows users access to information at placement points

Disadvantages:

·    Requires smart card
·    No access to local profiles

Security concerns:

·    Possible information leakage due to open sessions.

Neither I nor my wife have ever really run full-time anti-virus scanning on our home PC’s. We scan them every once in a great while when we think something is amiss – but 9 times out of 10 it’s usually spyware. (Disclaimer – my work machine runs Norton Anti-Virus corporate edition which I recommend if your going to buy an AV solution)

The reasons that we never really ran it is a few, but mostly that we follow good internet practices.

1. We do not randomly open file attachments – usually we know when someone we trust is sending us something and it wouldn’t have the title “check this out” our contacts will usually put something more personal in the text that wasn’t as generic as 99% of email viruses.

2. We download from trusted sources

3. Out computers ever never been directly exposed to the internet so no incoming worms here.

But it’s always better to be safe then sorry. Recently because she thought she had a mystery virus my wife has fought with Clam AV to find it on her PC. Nothing shows up but it takes a lot of CPU and seems to take 12-13 hours to scan her machine. Because of the CPU hit her machine is mostly useless to her for this time frame.

How can we correct that?

We are going to design a centralized AV scanning box

Ever find that the equipment manuals are terrible or you just can not find a yes or no answer on how something functions?

That is my problem.

Buried in a closet downstairs is a wireless router that is not being used. In my new network design – I want to use it, but I need it to have NAT disabled so I can go between both segments with their real IP addresses. So I need it to act as a true wireless router and the manual says nothing about this type of function.

The router is a MN-700 Wireless b/g router by Microsoft. When I lived in Oregon it served the purpose for a couple of years but got replaced when I moved back to Ohio. With my new network design though I’m going to have at least 2 wireless zones (2 more planned in the future when I have cash) . So I’m stuck on that question until I have time later to hook it all up and configure it. But the manual should have this information.

But what else am I going to do with it beyond complain about the lack of text in the manual?

Well let’s look at the rest of the purpose of this machine (other machines mentioned we will go into detail in a later examining equipment.

The MN-700 will ideally be put into a configuration such as the following off the firewall

Wired Clients MN-700 Firewall
|
Wireless Clients |
Wireless Bridge

I will be using WPA encryption on the Clients and the wireless bridge as this wireless network is going to be behind my main firewall (which has 4 interfaces) I want natting disabled since I’ll be coming through the firewall to the wired clients at the very least – and would like to be able to reach all the computers.

Why do I need to reach all the computers?

Remember the mantra to follow is central management and ease of use – while my network setup when we get through this whole series may not be the easiest to understand nor to configure. When we get to the end users they should not be able to see any impact on their normal usage and it should make everything easy and transparent. Hopefully it will also make everything more functional where the users are interacting with services they didn’t know existed on the network.

Being able to reach all the computers means that I can VNC (covered in a later article) across the network to any machine from any other machine I’m on (as long as I know the password.) This fulfills centralized management and since most my servers run headless (without a monitor attached) it allows me to administrate them without have the electric bill compounded by the electricity that a monitor would use.

I also have at least one computer on that segment where VNC communication is imperative and there is a file share on that same computer. The reason for this will be covered in a later article when I get to that computer.

What other functions will this router offer?

This router on top of his WPA encryption will be filtering client by mac address and not all the clients will have a static IP address. So the router will also be the DHCP that services this network segment ( for the record there will be 2 other DHCP servers on the network and no I don’t want to go DHCP repeater services so I can have a central one). The DHCP pool is going to be wide enough for 20 addresses in case I get other remote device that need access via the secured wireless segment.

The router will allow for external management so from my central desktop or laptop I can adjust or make any configuration changes necessary in a future adjustment.

I’m sure this covers my working with this wireless router – I’ll have a follow-up later on the MN-700 which will include screenshots of the user interface.

This is why I am starting this blog. I am going through an overhaul of my home network. Still not done rewiring the house with CAT5 so I’ll be doing some interesting wireless tricks. I believe in centralized management, and we are going to try to make everything as transparent to the users on the network as possible. These tips and tricks can be translated to networks of larger and smaller sizes.

Hopefully I will have something interesting to offer.