You want to know what I do at Nokia? Support platforms like these guys. Firewalls, intrusion detection, VPNs. Yup, that's what I do.

Today, our little corner of Nokia officially announces the availability of the Nokia IP2450 geared specifically at the IDS marketThe Nokia IP2450 has been available as a firewall platform for the past several months. Not a new platform, therefore, but new for the IDS market.

This 2U badboy will push 4 gigabits of data in a passive or inline mode and is expandable to 24 copper or fiber gigabit Ethernet ports. This means the box can sit inline on 11 different segments or monitor 23 segments passively. And yes, you can mix and match inline and passive mode ports.

The IDS on these boxes is provided by Sourcefire, which are the folks behind the popular open-source snort IDS tool. It runs on Nokia's Linux-based IPSO-LX OS. And, of course, it's backed by Nokia's worldwide technical support organization, of which I am a part of.

Don't ask me what these badboy's cost. I work in support, not sales. ;) Seriously, if you're interested, Contact Nokia or a Nokia partner for more details.

When I was 11, which puts me in 6th grade, our school had a couple of Apple ][e's in the library. There wasn't any network connectivity to speak of, but I knew then I had a future in them.

However, this just blows my mind. A sixth-grader in Millbrook, Alabama becomes the network administrator for a small, private school. He puts in a firewall, upgrades PCs to run Windows 2000, and generally tries to make the computing life better for the students and faculty of his school. And he has to justify certain expendetures in front of the school board. Talk about a hardcore lesson in the school of the IT business.

Both my kids have been in front of computers ever since they had enough of an attention span. I don't know that they will have any exceptional aptitude at this, but if they ever want to practice their IT skills, I've got the equipment here at home they can practice on. ;)

The scary thing is, this will likely be the most useful part of Jon Penn's education he will receive. Certainly was for me in college when I was one of a couple of students helping to maintain the main engineering computing lab. Hopefully, he will continue to hone his IT skills and become certified. I bet he'll make a mint at it, too.

Image from Network World

A friend of mine just sent me the following, which may be of interest to some of you:

The Academy ( officially launches its web site today providing instructional videos for the information security community. For the first time ever, the average user to the most seasoned industry expert will be able to watch instructional videos on how to install popular products, address common configuration issues, and troubleshoot difficult problems. The Academy is a user driven community and videos are created at the request of its members. Vendors can also leverage the site to showcase the features and capabilities of their products. The Academy is an ideal place to find and share knowledge with others practicing or interested in the information security field.

Back when I was knee-deep in Check Point, it would have been nice to make videos of the stuff I was troubleshooting and make them available, much like I did with FAQs and the like. These guys have done just that with Check Point and a number of other security products. You have to register to see the videos, but there's a lot there!

Well that and I generally just don't care for the sound quality of Bluetooth headsets:

If you're not using it, keep your bluetooth off. Simple as that.

When I was at the car dealer yesterday giving my car some service love, I hung out at the dealership while the repair was taking place. My dealer is pretty good--they give you a coupon (or two) for a free latte while you wait for your car to be serviced. They offer WiFi throughout their waiting area. They also have a "lounge" where you can either use one of the computers they have or use your own.

Despite the dealer having WiFi, I didn't use it. Why? Their system requires reauthenticating every two hours, which gets old when I know I am going to be there for at least twice that long. Instead, I decided to use my Sprint EVDO dongle.

Unfortunately, I spent a long time fighting with the Sprint Connection Manager software (version 1.10.0023.0) instead of working. When I tried to use it to connect, then started up my VPN to connect to the office, my EVDO connection would unceremoniously disconnect. I don't remember my Verizon card ever doing this.

I eventually figured out how to get this combination working. The hint is in the graphic here. Sprint's software--and presumably Verizon's software--are simply front ends for the standard Windows dial-up networking. Sprint's software also has this NDIS mode in it--make sure it's set to RAS before you do this trick.

In Check Point Secure Client (which us old-timers still call SecuRemote), I told it to use a Dial-up connection, which shows up in the Connection window. In my case, I ticked the Use Dial-up option and used the connection called CDMA. There was another one called 3G Connection that I didn't try. After this, Secure Client properly brought up the EVDO connection and started my VPN. The connection didn't drop once and worked reliably for the rest of the time I was at the dealer.

I left the Sprint Connection Manager software running, but I don't believe it was necessary. It continued to show me signal strength and the like, but I did not see any details about how much data I was sending and receiving. That's ok, just as long as my EVDO worked.