Some time back I had written about moving the document and settings folder in Windows to a bigger location (for want of size or backup of some data in there, in the event of machine crash). That was a manual process, by there is good news, there is a tool which can move almost all system folders to where you want – getting still better, it is FREE!
{Go Grab}
Found out today that Cisco has a configuration guide for VPN between PIX firewall to a Juniper Netscreen Firewall
There are different market players when it comes to Threat Management / Log Management /Compliance Management;
It ranges from netForensics, Cisco’s CS-MARS, LogLogic, netIQ, ArcSight and so on…
STRM is Juniper’s entry to the log management market offering solutions which along with log management provides some Network Behavior Analysis as well with the event correlation. Its been beaten to death as to which solutions is better but I still feel every log management solution has a relation to the type of network we’re looking at (I’m sure I won’t be alone in this one)! Simple – How would be HIPAA looked at in a R&D center – What use is there for CPU cycles invested?
Put aside the vendor competition, STRM basically would support any device which can send Syslog events to it and correlate it – ranging from Juniper’s SSL VPN / Firewalls to Windows Machines. It has also got the flow going (Netflow / JFlow etc…)
Juniper’s NSM Attack update is something which will go over to Juniper’s security server and download the latest available IDP signature sets. There are situations where the NSM server do not have Internet connection, thus having to use a proxy solution.
You can use Squid Proxy for handling this; Setup Information would be as below;
1. Install Squid (I used Windows binary of Squid) on a machine with Internet Access.
2. Edit the conf file for Squid and add as below
Squid Config Information:
With no password proxying, all you need is this;
http_port 3128 (or any port)
http_access allow all
3. If you want to have basic authentication (NCSA), change the conf file to this;
With username/password proxying, you need this; => For NCSA type of authentication
http_port 3128 (again any port)
auth_param basic program C:\\squid\\libexec\\ncsa_auth.exe c:\\squidpassword.txt (2 slashes since it is on Windows)
acl NSMQA proxy_auth REQUIRED
http_access allow NSMQA
4. Configure proxy server ip and port in NSM preferences
5. Start Squid and that is it. Have fun
Well I do have corporate solution for AntiVirus on my work laptop, however I got hit by a worm (regsvr.exe – typical Google lookup) while my AntiVirus software sat happily there! Eventually I got it on my cell phone as well 
Removing that was no-brainer anyway’s; but my time! Not gonna spend time explaining how to remove this (just Google for regsvr.exe and you have ton’s of solutions).
Second; a guy approaches while I was happily watching TV, telling me that he can get me GAS (took a name of a well known GAS agency) with out having Ration Card (something that Indian’s would understand 
). I went to that store to see there is no guy by that name in the shop! Luckily I didn’t give any money to him as booking charges or so.
Then I receive this hoax letter – International property disposition offering me a 2008 Land Rover or equivalent cash (about 1.8 Million Rupees) and all I have to send is 1000 Rupees in cash – couldn’t stop laughing. Then I thought may be there are guys who’re hit with this and so I did a Google search on ‘International Property Disposition + hoax’, Voila! First post, there are guys who had actually send that money twice and still waiting for the gift???? Whatz wrong with these people man? I do not understand, you just get 1.8 Million for just 1000 Rupees – then you can as well start printing money on your own…
That reminds me of an incident, one of my friend sold his DVD player – the buyer came while he wasn’t there and gave money, got change only to find later in the evening that the money given was a high quality photo copy!
Great Place to live – IT hub of India (Bangalore) – Come to get cheated…. (Last year at this time I got robbed). Yeah – they’re all onto me!
While using Juniper Firewall devices, there are 2 ways of creating an IPSEC VPN, route based and policy based. There has been a lot of discussions around this area as to what is the difference. However there is one important way of differentiating these 2 types of VPN.
Think about the other networking Giant, Cisco. Cisco’s PIX/ASA firewalls do VPN and they do only Policy Based VPN (Access-lists for interesting traffic). So the differentiating factor while we create VPN between these 2 devices would be;
Route Based VPN:
1. If everything behind both Juniper Firewall and PIX/ASA needs to be connected via VPN, then route based VPN would work.
2. If only one subnet needs to be allowed to connect via VPN, then again route based VPN would work.
However, say if you want to only use 2 subnet behind Juniper Firewall then it would not be easy with a single tunnel interface. So it is basically suggested to go for Policy Based VPN where you can define the source networks that needs to be secured.
Juniper has a tool that’d convert the IOS configuration to JunOS, released some time this year and looks nice. This is especially in the light of vast configuration examples of Cisco and can be converted into JunOS based devices as well.
http://www.juniper.net/customers/support/
Checkout at the above URL. Of course only available for customers with active support contract.