Question : Problem: Using Cisco 3560\3750 SFP port for Tape Library

I am going to be setting up a tape library. I am told with the library that I'm getting that there are two ways to set it up,

[svrs to be backed up]----->thru the lan---->[backup svr]--->SCSI--->[tape library]

or

[fiber nic]------>[fiber bridge]------>[tape library]

My question is, can I use a cisco switch (3560\3750) and plug the tape library in one of the spf ports on it?

I want to buy the switch to act as the 'fiber bridge' and since it's a gb switch and all the servers have gb nics, i just want them to have a gb connection to the tape library which itself is connected by fiber.

Also, in buying the switch, it says the SFP ports are empty, do I need to purchase a specific gbic or fiber module to plug into the spf port? And i'm assuming this module will depend what type of fiber connection is coming off the tape library, would that be correct? like SC to LC or someting another

Answer : Problem: Using Cisco 3560\3750 SFP port for Tape Library

commonly, there are two ways the guy could use:

1. external -> internal:
remote computer -> internet -> DSL router <-> internal server/workstations
(public IP) (internal IP)

in this scenario, the guy could allow himself to access your network and relevant internal hosts by opening specific port(s) on your DSL router. e.g. he can enable TCP port forwarding at 3389 port to one of your internal XP computers, then access this XP and other computers from the XP, just as a local user.

to prevent this: check your DSL routers configurations, make sure there is no ANY such incoming access allowed. additionally, you may also disable all the remote access functions, such as remote assistance/remote desktop connection/VNC, of your server and each workstation, if you dont need them for remote management.

2. internal -> external:
remote computer -> internet <- DSL router <-> internal server/workstations
|
gateway

in this scenario, the guy could install a special agent program (malware: spyware/trojan/keylogger/worm...) on at least one of your internal computers, then gather your private or business information, and even access your computers remotely. a gateway server might be used as a bridge to connect the remote malicious computer and your internal computer. even your DSL router is well configured here, this could still happen because it is an outgoing access, not incoming access.

to prevent this: 1) check the installed software to determine if there are some programs unknown to you. 2) install and run anti-spyware software to determine if there are some known malware have been installed, you may keep the anti-spyware running to monitor strange outgoing access. microsoft anti-spyware is not bad, you may feel free to try it.

frankly speaking, in this scenario, if the guy is a skilled professional and he has installed a not well-known malicious program on your internal computer(s), it is really difficult to check, for a common user.

please notice the arrows and their directions in my diagram above.

hope it helps,
bbao

Random Solutions

Problem: Cisco 2811 VPN

Problem: VA rating for power supplies

Problem: cache too small

Problem: Keyboard error on bootup

Problem: Expanding RAID 1 + 0 on a HP Proliant ML350 G4

Problem: sony vaio vgn-sz300 laptop has no internet port or phone jack

Problem: Black screen - IBM ThikCentre

Problem: Cannot use Control Panel while connected via RDP

Problem: Blackberry Cannot Connect to Server

Problem: VTP Question on Cisco Routers