
ALLANA SONS LIMITED

Established in the year 2008, we, Allanasons Limited, are engaged in trading and exporting a
wide range of Cereals, Spices and Agro Products. In a very short period of time, our company has come to be
counted amongst the largest net foreign exchange earners with a turnover of Rs. 3500 Crores (US$ 750
million) for the financial year 2008-09. We are rewarded by various awards like Premier Trading
House by the Government of India, Golden Trophy by APEDA (Ministry of Commerce,
Government of India) and Outstanding Exporter of the Year 2008-09 by DHL-CNBC international
trade awards in the category of Agriculture, Foods & FMCG. Our constant endeavour is directed
towards the offering of hygienic and high nutritional level food items to the clients. In order to
achieve this, we possess well developed food safety systems with proper safeguard facilities and
technologies. Further, we are making heavy investments in creating world class integrated food
processing complexes. Our facilities are ISO 9001: 2000, HACCP and ISO 14001 (Environment
management system) certified. At present, we are supplying our range to the clients in more than 60
countries. Under the sincere guidance of our mentor, Mr Gani Ismail, we have achieved a
respected and distinct position in the market. His vast business knowledge and experience have
helped us in providing maximum satisfaction to the clients.

Allanason is India's largest exporter of processed food products and agro commodities. The
Company has been designated as the Five Star Trading House by the Government of India.
Our team plays a key role in meeting heaped requirements of our clients across the world. We work
with experienced professionals, who help in earning a preeminent name for our organization. They
work in a hygienic condition to offer healthy and tasty range of Cereals, Spices and Agro Products.
We provide food safety training programs to enhance their knowledge and skill. Our team
comprises:
Procuring agents.
Quality controllers.
Warehouse & Packaging personnel.
Sales & Marketing executives.

Allana Group has achieved enviable growth in its exports, clocking 44% over the last two years.
Added to that, it has demonstrated its leadership in manufacture, marketing and sales of its branded
processed foods.
We are the World's Largest Producer and Exporter of Frozen Halal Boneless Buffalo Meat.
But, that's not all; Allanasons is also India's single largest exporter of frozen meat, processed/frozen
fruit and vegetable products.
The Group has made substantial investments in creating world-class integrated food processing
complexes. These facilities have been certified for quality and product safety systems under ISO
9001:2000 and HACCP, and under ISO 14001 (Environment Management System) too! Similarly, we
hold OHSAS 18000, an international occupational health and safety management system
specification.
For its new range of value added, branded consumer frozen food products to be launched shortly,
the Group is constructing additional Food Processing Plants with large investments in machinery
and manpower.
What's more, Allanasons is India's largest exporter of coffee as also leading exporter of cereals and
frozen marine products. The Group has also set up plants for processing, preserving and freezing of
Marine Products, which are approved in accordance with stringent quality standards for export to
Europe.
Allanasons' contribution to India's export effort has been recognized by the Government of India,
APEDA (Ministry of Commerce), Federation of Indian Export Organizations and various State
Governments in the form of numerous awards at national, state, and organizational levels.

The Industry Leader

Allanasons. India's largest exporter of processed food products and agro commodities. The
Company has been designated as the Five Star Trading House by the Government of India. We are
the World's Largest Producer and Exporter of Frozen Halal Boneless Buffalo Meat!
But, that's not all. Allanasons is also India's single largest exporter of frozen meat, processed/frozen
fruit and vegetable products.
India's Largest Exporter of Frozen Halal Buffalo Meat, Coffee, Fruit Concentrates and Purees...
What's more, Allanasons is India's largest exporter of coffee as also leading exporter of cereals and
frozen marine products. The Group has also set up plants for processing, preserving and freezing of
Marine Products, which are approved in accordance with stringent quality standards for export to
Europe. The Group has made substantial investments in creating world-class integrated food
processing complexes. These facilities have been certified for quality and product safety systems
under ISO 9001:2000 and HACCP, and under ISO 14001 (Environment Management System) too.

COMPANY PROFILE
Our parent firm was established in Bombay in 1865 as a trading company, dealing in agricultural
commodities. This family business has in the last 135 years grown into a large group of companies
headed by Allanasons Limited which was incorporated in 1973 to consolidate and centralise the
export activities of the Allana Group. Today Allanasons Limited is the second largest net foreign
exchange earner in the private sector of India.
We have pioneered the export of many food items from India, such as onions, potatoes, fruits,
vegetables, eggs, whole fish, and processed meat. It is with a sense of pride and achievement we
claim that our efforts and value of exports have been consistently recognised by the Government of
India, Ministry of Commerce, by granting us the highest status given for exporting organisations,
which presently is Super Star Trading House. We are a Super Star Trading House with Golden
Status - the highest achievable status.
We are the largest producers and exporters of processed foods and agro-commodities from India.
Our group companies own and operate Asia's most modern, integrated meat processing complexes,
setup according to highest international standards and specifications, incorporating the latest
technology and automation in all stages of production. We offer a wide range of quality products from genuinely halal frozen meat, canned meat, lamb carcasses, mutton cubes, frozen marine
products, coffee, tea, spices, frozen fruit and vegetable products, sterilised meat and bone meal, to
leather.
While the accent is still on agro-based products, over the years we have diversified into other
manufacturing activities, including vanaspati (hydrogenated vegetable oils), foundry chemicals,
ceramics, and paints.
In the following pages you will find details of our products and our achievements in the export
sector of India.

PRODUCTS
1. Meat Products : Frozen Halal Buffalo Meat
The Allana Group enjoys the distinction of being the pioneer (1969) in the export of
deboned and deglanded frozen Buffalo meat, exporting its products currently to 64 countries
world-wide, including South East Asia, Middle East, CIS, Africa and Pacific Basin Nations,
singularly accounting for about 60% of meat exports from India.
We are the World's Largest Producer and Exporter of Frozen Halal Boneless Buffalo Meat!

Range of products:
Fresh, frozen boneless Buffalo Halal meat.
Chilled boneless Buffalo meat.
Compensated boneless Buffalo meat is supplied in natural proportion of the cuts and is guaranteed 93 % chemically lean.
Canned corned meat.
Full range of fresh quick frozen offals (fancy / variety meat).

2. Canned Meat
The corned meat manufacturing plant of FRIGORIFICO ALLANA LIMITED, a member of the ALLANA
Group of companies, is the most modern integrated meat complex in Asia. It is located
in the Disease free zone - Aurangabad District of Maharashtra State in India. It has been
designed and built to meet the most stringent EEC and FDA standards. In this vertically
integrated plant the main products, namely Corned Meat and Frozen Meat, are processed on
the upper floor while the by-products processing is carried out on the ground floor to
maintain plant hygiene standards at the highest level. All animals slaughtered at the
ultra-modern abattoir-cum-meat complex undergo ante mortem and continuous post-mortem
inspection, carried out by the government veterinarians, and the entire Corned Meat
processing operation is under the supervision of the Central Government Inspection Agency.
A comprehensive veterinary health certificate is issued for every consignment of Corned
Meat, confirming its suitability for human consumption. The product is manufactured
exclusively from animals which have been slaughtered strictly in accordance with Islamic
rites. A Halal certificate is provided for every consignment. Corned Meat is produced from
thoroughly trimmed fore-quarter & hind-quarter cuts and has an appealing pinkish red colour
and a pleasant flavour characteristic of Corned Meat. Corned Meat is packed in rectangular
OTS Cans of 340 grams (12 oz.) Net. The cans are then packed in corrugated export-worthy
cartons of 24 cans x 340 grams Net each.
3. Frozen Marine Products
Allana group is a pioneer in the processing and export of frozen fish from India; we have a
range of over 40 varieties of frozen marine products.
In our commitment to provide frozen marine products in their freshest state we have set up
the most modern infrastructure, which incorporates procedures and equipment that are
state-of-the-art to procure, process, freeze and export frozen sea food. Our production facilities
are the most sophisticated and modern in the region and possess a level of technological
excellence comparable to prevailing global standards.
The Allana group is actively working with regulatory bodies in protecting and promoting the
ocean's environment as well as minimising the industry's impact on the ecosystem. We have
rewarded fishing communities that act as responsible custodians of fish habitats by
contributing to initiatives such as the Fishermen's Welfare Fund.

The Group contributes to the development of sustainable seafood by procuring from vessels
using turtle-safe fishnets, thus avoiding accidental bycatch. In addition, the Group actively
contributes to the neighbourhood of its processing facilities. For instance, the discharge from
effluent treatment plants is used to grow trees in coastal areas and provide water to
neighbouring farms.

4. Fruits and Vegetable Products : Alphonso Mango Puree


Allana group is the largest Indian exporter of frozen fruit purees / pulps and vegetables from
India.
At Allanasons, the focus has always been on delivering nothing but the very best in quality
at every stage, right from selection of the choicest fruit and vegetables to adhering to the
highest internationally approved standards of procurement, processing, packaging and
quality control.

All fruits are sourced directly from select orchards, with special emphasis on the optimum
ripening of the fruit prior to processing. The fruit is sorted, machine washed and then put
through an automatic continuous process of sterilization / pasteurization. For Frozen
products, the product is quickly chilled to minus 20 °C prior to filling and freezing.
This HTST processing, followed by ultra-low temperature filling, retains maximum natural
flavour and aroma of the fruit. For Aseptic products, UHT process is followed by quick
cooling prior to filling.

NETWORKING
A computer network or data network is a telecommunications network which allows computers to
exchange data. In computer networks, networked computing devices pass data to each other
along network links (data connections). The connections between nodes are established using
either cable media or wireless media. The best-known computer network is the Internet.
Network computer devices that originate, route and terminate the data are called network nodes.[1]
Nodes can include hosts such as personal computers, phones, servers as well as networking
hardware. Two such devices can be said to be networked together when one device is able to
exchange information with the other device, whether or not they have a direct connection to each
other.

Computer networks differ in the transmission media used to carry their signals, the communications
protocols to organize network traffic, the network's size, topology and organizational intent. In most
cases, communications protocols are layered on (i.e. work using) other more specific or more
general communications protocols, except for the physical layer that directly deals with the
transmission media.

Computer networks support applications such as access to the World Wide Web, shared use
of application and storage servers, printers, and fax machines, and use of email and instant
messaging applications.
The chronology of significant computer-network developments includes:
In the late 1950s early networks of communicating computers included the military
radar system Semi-Automatic Ground Environment (SAGE).
In 1959 Anatolii Ivanovich Kitov proposed to the Central Committee of the Communist
Party of the Soviet Union a detailed plan for the re-organisation of the control of the
Soviet armed forces and of the Soviet economy on the basis of a network of computing
centres.
In 1960 the commercial airline reservation system semi-automatic business research
environment (SABRE) went online with two connected mainframes.
In 1962 J.C.R. Licklider developed a working group he called the "Intergalactic
Computer Network", a precursor to the ARPANET, at the Advanced Research Projects
Agency (ARPA).
In 1964 researchers at Dartmouth College developed the Dartmouth Time Sharing
System for distributed users of large computer systems. The same year, at
Massachusetts, a research group supported by General Electric and Bell Labs used a
computer to route and manage telephone connections.
Throughout the 1960s, Leonard Kleinrock, Paul Baran, and Donald Davies independently
developed network systems that used packets to transfer information between computers
over a network.
In 1965, Thomas Marill and Lawrence G. Roberts created the first wide area
network (WAN). This was an immediate precursor to the ARPANET, of which Roberts
became program manager.
Also in 1965, Western Electric introduced the first widely used telephone switch that
implemented true computer control.
In 1969 the University of California at Los Angeles, the Stanford Research Institute,
the University of California at Santa Barbara, and the University of Utah became connected
as the beginning of the ARPANET network using 50 kbit/s circuits.
In 1972 commercial services using X.25 were deployed, and later used as an underlying
infrastructure for expanding TCP/IP networks.
In 1973, Robert Metcalfe wrote a formal memo at Xerox PARC describing Ethernet, a
networking system that was based on the Aloha network, developed in the 1960s
by Norman Abramson and colleagues at the University of Hawaii. In July 1976, Robert
Metcalfe and David Boggs published their paper "Ethernet: Distributed Packet
Switching for Local Computer Networks"[4] and collaborated on several patents received
in 1977 and 1978. In 1979 Robert Metcalfe pursued making Ethernet an open standard.
In 1976 John Murphy of Datapoint Corporation created ARCNET, a token-passing
network first used to share storage devices.
In 1995 the transmission speed capacity for Ethernet increased from 10 Mbit/s to 100
Mbit/s. By 1998, Ethernet supported transmission speeds of a Gigabit. The ability of
Ethernet to scale easily (such as quickly adapting to support new fibre optic cable
speeds) is a contributing factor to its continued use as of 2015.

TYPES OF NETWORKS:

[Figure: types of networks - LAN, MAN, WAN, SAN, CAN, PAN]

1. LAN: (Local Area Network)

A Local Area Network is a privately owned computer network covering a small
geographical area, like a home, office, or group of buildings, e.g. a school network. A LAN is
used to connect computers and other network devices so that the devices can communicate
with each other to share resources. The resources to be shared can be a hardware device
like a printer, software like an application program, or data. The size of a LAN is usually small. The
various devices in a LAN are connected to central devices called hubs or switches using a cable.
Nowadays LANs are being installed using wireless technologies. Such a system makes use of
access points (APs) to transmit and receive data. One of the computers in a network can become
a server serving all the remaining computers, called clients.
For example, a library will have a wired or wireless LAN for users to interconnect
local networking devices, e.g. printers and servers, and to connect to the internet.
A LAN offers high speed communication at data rates of 4 to 16 megabits per second
(Mbps). IEEE has projects investigating the standardization of 100 Gbit/s, and possibly 40
Gbit/s. LANs may have connections with other LANs via leased lines or leased
services.

ARCNET (Attached Resource Computer NETwork):


ARCNET is one of the oldest, simplest, and least expensive types of Local-Area Network
protocol, similar in purpose to Ethernet or Token Ring. ARCNET was the first
widely available networking system for microcomputers and became popular in the 1980s for
office automation tasks. ARCNET was introduced by Datapoint Corporation in 1977.
A special advantage of ARCNET is that it permits various types of transmission media
(twisted-pair wire, coaxial cable, and fibre optic cable) to be mixed on the same network. The
specification is ANSI 878.1. It can have up to 255 nodes per network. A new specification,
called ARCnet Plus, will support data rates of 20 Mbps.

Ethernet is a family of computer networking technologies for local area networks commercially
introduced in 1980. Standardized in IEEE 802.3, Ethernet has largely replaced competing wired
local area network technologies. Ethernet uses a bus or star topology and supports data
transfer rates of 10 Mbps. Ethernet uses the CSMA/CD access method to handle
simultaneous demands. It is one of the most widely implemented LAN standards. A newer
version of Ethernet, called 100Base-T (or Fast Ethernet), supports data transfer rates of
100 Mbps. The newest version, Gigabit Ethernet, supports data rates of 1 gigabit (1,000
megabits) per second. Ethernet is a physical and data link layer technology for local area
networks (LANs). Ethernet was invented by engineer Robert Metcalfe.

2. MAN: (Metropolitan Area Networks)


MAN stands for Metropolitan Area Network, one of a number of types of networks. A MAN
is a relatively new class of network. A MAN is larger than a local area network and, as its name
implies, covers the area of a single city. MANs rarely extend beyond 100 km and frequently
comprise a combination of different hardware and transmission media. It can be a single network
such as a cable TV network, or it can be a means of connecting a number of LANs into a larger
network so that resources can be shared LAN to LAN as well as device to device.

A MAN can be created as a single network, such as a Cable TV Network covering the entire
city, or as a group of several Local Area Networks (LANs). In this way resources can be shared
from LAN to LAN and from computer to computer. MANs are usually owned by large
organizations to interconnect their various branches across a city.
MAN is based on IEEE 802.6 standard known as DQDB (Distributed Queue Dual Bus).
DQDB uses two unidirectional cables (buses) and all the computers are connected to these
two buses. Each bus has a specialized device that initiates the transmission activity. This
device is called head end. Data that is to be sent to the computer on the right hand side of the
sender is transmitted on upper bus. Data that is to be sent to the left hand side of the sender
is transmitted on lower bus.

The two most important components of MANs are security and standardization. Security is
important because information is being shared between dissimilar systems. Standardization
is necessary to ensure reliable data communication.
A MAN usually interconnects a number of local area networks using a high-capacity
backbone technology, such as fibre-optical links, and provides up-link services to wide area
networks and the Internet.
The Metropolitan Area Networks (MAN) protocols are mostly at the data link level (layer 2
in the OSI model), which are defined by IEEE, ITU-T, etc.

3. WAN: (Wide Area Networks)


A wide area network (WAN) is a telecommunication network. A wide area network is simply a
LAN of LANs or Network of Networks. WANs connect LANs that may be on opposite sides of
a building, across the country or around the world. WANs are characterized by the slowest data
communication rates and the largest distances. WANs can be of two types: an enterprise WAN
and a global WAN.

Computers connected to a wide area network are often connected through public
networks, such as the telephone system. They can also be connected through leased lines or
satellites. The largest WAN in existence is the Internet. Some segments of the Internet, like
VPN based extranets, are also WANs in themselves. Finally, many WANs are corporate or
research networks that utilize leased lines.
Numerous WANs have been constructed, including public packet networks, large corporate
networks, military networks, banking networks, stock brokerage networks, and airline
reservation networks.
Organizations supporting WANs using the Internet Protocol are known as Network Service
Providers (NSPs). These form the core of the Internet.
By connecting the NSP WANs together using links at Internet Packet Interchanges
(sometimes called "peering points") a global communication infrastructure is formed.

WANs (wide area networks) generally utilize different and much more expensive
networking equipment than do LANs (Local Area Networks). Key technologies often found
in WANs include SONET, Frame Relay, and ATM.
An enterprise WAN connects an entire organization including all
LANs at various sites. This term is used for large, widespread
organizations such as corporations, universities and governments.

Global WANs also span the world but they do not have to connect
LANs within a single organization. The Internet is an example of a
global WAN. It connects diverse locations, organizations and institutions throughout the
world. Global WANs can be public or private. Private WANs
are called intranets and belong to an organization. Public WANs
are open to everybody so that anybody can connect and use the resources and
services available.

WLANs - Wireless Local Area Networks:


WLANs (Wireless Local Area Networks, sometimes referred to as LAWN, for local area
wireless network) provide wireless network communication over short distances using radio
or infrared signals instead of traditional network cabling. A WLAN is one in which a mobile
user can connect to a local area network (LAN) through
a wireless (radio) connection.
Norman Abramson, a professor at the University of Hawaii, developed the world's first
wireless computer communication network,
A WLAN typically extends an existing wired local area network. WLANs (Wireless Local
Area Networks) are built by attaching a device called the access point (AP) to the edge of
the wired network. Clients communicate with the AP using a wireless network adapter
similar in function to a traditional Ethernet adapter.
Network security remains an important issue for WLANs (Wireless Local Area Networks).
Random wireless clients must usually be prohibited from joining the WLAN. Technologies
like WEP raise the level of security on wireless networks to rival that of traditional wired
networks.
The IEEE 802.11 group of standards specify the technologies for wireless LANs. 802.11
standards use the Ethernet
WLAN (Wireless Local Area Networks) hardware was initially so expensive that it was only
used as an alternative to cabled LAN in places where cabling was difficult or impossible.
All components that can connect into a wireless medium in a network are referred to as
stations. All stations are equipped with wireless network interface controllers (WNICs).
Wireless stations fall into one of two categories: access points, and clients. Access points
(APs), normally routers, are base stations for the wireless network.
They transmit and receive radio frequencies for wireless enabled devices to communicate
with. Wireless clients can be mobile devices such as laptops, personal digital assistants, IP
phones and other smartphones, or fixed devices such as desktops and workstations that are
equipped with a wireless network interface.

Private home or small business WLAN:


Commonly, a home or business WLAN employs one or two access points to broadcast a signal
around a 100- to 200-foot radius. You can find equipment for installing a home WLAN in many
retail stores. With few exceptions, hardware in this category subscribes to the 802.11a, b, or g
standards (also known as Wi-Fi); some home and office WLANs now adhere to the new 802.11n
standard. Also, because of security concerns, many home and office WLANs adhere to the Wi-Fi
Protected Access 2 (WPA2) standard.

Enterprise class WLAN:

An enterprise class WLAN employs a large number of individual access points to broadcast the
signal to a wide area. The access points have more features than home or small office WLAN
equipment, such as better security, authentication, remote management, and tools to help integrate
with existing networks. These access points have a larger coverage area than home or small office
equipment, and are designed to work together to cover a much larger area. This equipment can
adhere to the 802.11a, b, g, or n standard, or to security-refining standards, such as 802.1x and
WPA2.

4. SAN: (Storage Area Network)


A storage area network (SAN) is a type of local area network (LAN): a high-speed
special-purpose network. A SAN typically supports data storage, retrieval and replication on business
networks using high-end servers, multiple disk arrays and Fibre Channel interconnection
technology.
Storage Area Networks (SANs) technology is similar but distinct from network attached storage
(NAS) technology. While SANs traditionally employ low-level network protocols for
transferring disk blocks, a NAS device typically works over TCP/IP and can be integrated fairly
easily into home computer networks.
The term SAN can sometimes refer to system area networks instead of storage area networks.
System area networks are clusters of high performance computers used for distributed
processing applications requiring fast local network performance. Storage area networks, on the
other hand, are designed specifically for data management.
SANs support disk mirroring, backup and restore, archival and retrieval of archived data, data
migration from one storage device to another and the sharing of data among different servers in
a network. SANs can incorporate sub networks with network attached storage (NAS) systems.

Storage Area Networks Make Your Life Easier


Storage area networks simplify storage administration because cables and storage
do not need to be moved physically. Moving data from one server to
another is now a breeze. Thanks to storage area networks, life is much easier.
Before, the storage area network process could take as little as half an hour. But this was before, and
now we can accelerate it.
The bootable features of storage area networks can also be effective during
recovery of data after a disaster such as server failure or human error. Storage area
networks are great tools for recovering important data and backups. A distant location does not
affect the storage area network as long as the secondary storage array is working.
This enables storage replication either implemented by disk array controllers, by server
software, or by specialized SAN devices. Since IP WANs are often the least costly method of
long-distance transport, the Fibre Channel over IP (FCIP) and iSCSI protocols have been
developed to allow SAN extension over IP networks.

5. CAN: (Campus Area Network)


A campus area network (CAN) is a computer network interconnecting a few local area
networks (LANs) within a university campus or corporate campus. A campus area
network may link a variety of campus buildings. A campus area network is larger than a local
area network but smaller than a metropolitan area network (MAN) or wide area network
(WAN). CAN can also stand for corporate area network.

A Campus Area Network (CAN) is a computer network that links the buildings and consists
of two or more local area networks (LANs) within the limited geographical area. It can be
the college campus, enterprise campus, office buildings, military base, industrial complex.
A CAN is a type of MAN (Metropolitan Area Network) covering an area smaller than
a MAN.
The Campus networks usually use the LAN technologies, such as Ethernet, Token Ring,
Fiber Distributed Data Interface (FDDI), Fast Ethernet, Gigabit Ethernet and Asynchronous
Transfer Mode (ATM).

6. PAN: (Personal Area Network)


A personal area network is a computer network organized around an individual person. Personal
area networks typically involve a mobile computer. Personal area networks can be constructed
with cables or wirelessly. Personal area networks generally cover a range of less than
10 meters (about 30 feet).
PAN (Personal Area Network) was first developed by Thomas Zimmerman and other
researchers at M.I.T.'s Media Lab and later supported by IBM's Almaden research lab.

Wireless Personal Area Network (WPAN) is virtually a synonym, since almost any
personal area network would need to function wirelessly. Conceptually, the difference between a
PAN (personal area network) and a wireless LAN (Local Area Network) is that the former tends
to be centred around one person while the latter is a local area network (LAN) that is
connected without wires and serves multiple users.

ROUTERS
A router is a networking device that forwards data packets between computer networks. A router is
connected to two or more data lines from different networks (as opposed to a network switch, which
connects data lines from one single network). When a data packet comes in on one of the lines, the
router reads the address information in the packet to determine its ultimate destination. Then, using
information in its routing table or routing policy, it directs the packet to the next network on its
journey. This creates an overlay internetwork. Routers perform the "traffic directing" functions on
the Internet. A data packet is typically forwarded from one router to another through the networks
that constitute the internetwork until it reaches its destination node.

The most familiar type of routers are home and small office routers that simply pass data, such as
web pages, email, IM, and videos between the home computers and the Internet. An example of a
router would be the owner's cable or DSL router, which connects to the Internet through an ISP.
More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to
the powerful core routers that forward data at high speed along the optical fibre lines of the Internet
backbone. Though routers are typically dedicated hardware devices, use of software-based routers
has grown increasingly common.
When multiple routers are used in interconnected networks, the routers exchange information about
destination addresses using a dynamic routing protocol. Each router builds up a table listing the
preferred routes between any two systems on the interconnected networks. A router has interfaces
for different physical types of network connections, such as copper cables, fibre optic, or wireless
transmission. It also contains firmware for different networking communications protocol standards.
Each network interface uses this specialized computer software to enable data packets to be
forwarded from one protocol transmission system to another.

Routers may also be used to connect two or more logical groups of computer devices known as
subnets, each with a different sub-network address. The subnet addresses recorded in the router do
not necessarily map directly to the physical interface connections.
A router has two stages of operation called planes:
1. Control plane: A router maintains a routing table that lists which route should be used to
forward a data packet, and through which physical interface connection. It does this using
internal pre-configured directives, called static routes, or by learning routes using a dynamic
routing protocol. Static and dynamic routes are stored in the Routing Information Base
(RIB). The control-plane logic then strips non-essential directives from the RIB and builds a
Forwarding Information Base (FIB) to be used by the forwarding plane.
2. Forwarding plane: The router forwards data packets between incoming and outgoing
interface connections. It routes them to the correct network type using information that the
packet header contains. It uses data recorded in the routing table by the control plane.
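
The two planes described above, as an added example that is not part of the original report: the control plane reduces a RIB holding static and dynamically learned routes to one best route per prefix (the FIB), and the forwarding plane looks up each destination with a longest-prefix match. The interface names, the addresses and the preference values (lower is preferred) are assumptions made for the illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    prefix: str      # destination network, CIDR notation
    next_hop: str    # address of the next router on the path
    interface: str   # outgoing interface (hypothetical names below)
    source: str      # "static" or the dynamic protocol that learned the route
    distance: int    # assumed preference value: lower is preferred
    metric: int = 0  # tie-breaker between routes with equal distance


# Constructed RIB: static routes plus routes learned from dynamic protocols.
SAMPLE_RIB = [
    Route("0.0.0.0/0",   "203.0.113.1", "eth0", "static", 1),
    Route("10.0.0.0/8",  "10.255.0.1",  "eth1", "ospf",   110, 20),
    Route("10.1.0.0/16", "10.255.0.2",  "eth2", "ospf",   110, 30),
    Route("10.1.0.0/16", "10.255.0.3",  "eth3", "rip",    120, 2),
    Route("10.1.2.0/24", "10.255.0.4",  "eth4", "static", 1),
]


def build_fib(rib):
    """Control plane: reduce the RIB to one best route per prefix."""
    best = {}
    for route in rib:
        net = ipaddress.ip_network(route.prefix)
        current = best.get(net)
        if current is None or (route.distance, route.metric) < (
            current.distance, current.metric
        ):
            best[net] = route
    # Longest prefixes first, so the first match in a lookup is the most specific.
    return sorted(best.items(), key=lambda item: item[0].prefixlen, reverse=True)


def forward(fib, destination):
    """Forwarding plane: longest-prefix match on the destination address."""
    addr = ipaddress.ip_address(destination)
    for net, route in fib:
        if addr.version == net.version and addr in net:
            return route.interface, route.next_hop
    return None  # no matching route: the packet cannot be forwarded


FIB = build_fib(SAMPLE_RIB)

if __name__ == "__main__":
    for dst in ("10.1.2.7", "10.1.9.9", "10.200.0.1", "198.51.100.9"):
        print(dst, "->", forward(FIB, dst))
```

The duplicate 10.1.0.0/16 route learned with the higher distance value stays in the RIB but never reaches the FIB, which is the "stripping" step the control-plane description refers to.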
Routers may provide connectivity within enterprises, between enterprises and the Internet, or
between internet service providers' (ISPs) networks. The largest routers (such as the Cisco CRS-1 or
Juniper T1600) interconnect the various ISPs, or may be used in large enterprise networks. Smaller
routers usually provide connectivity for typical home and office networks. Other networking
solutions may be provided by a backbone Wireless Distribution System (WDS), which avoids the
costs of introducing networking cables into buildings.

All sizes of routers may be found inside enterprises. The most powerful routers are usually found in
ISPs, academic and research facilities. Large businesses may also need more powerful routers to
cope with ever increasing demands of intranet data traffic. A three-layer model is in common use,
not all of which need be present in smaller networks.

Routers intended for ISP and major enterprise connectivity usually exchange routing information
using the Border Gateway Protocol (BGP). RFC 4098 standard defines the types of BGP routers
according to their functions:
1. Edge router: Also called a Provider Edge router, it is placed at the edge of an ISP network. The
router uses External BGP to EBGP routers in other ISPs, or a large enterprise Autonomous
System.
2. Subscriber edge router: Also called a Customer Edge router, it is located at the edge of the
subscriber's network; it also uses EBGP to its provider's Autonomous System. It is typically
used in an (enterprise) organization.
3. Inter-provider border router: Interconnecting ISPs, this is a BGP router that maintains BGP
sessions with other BGP routers in ISP Autonomous Systems.
4. Core router: A core router resides within an Autonomous System as a backbone to carry
traffic between edge routers.
5. Within an ISP: In the ISP's Autonomous System, a router uses internal BGP to communicate
with other ISP edge routers, other intranet core routers, or the ISP's intranet provider border
routers.
6. "Internet backbone:" The Internet no longer has a clearly identifiable backbone, unlike its
predecessor networks. See default-free zone (DFZ). The major ISPs' system routers make up
what could be considered to be the current Internet backbone core. [14] ISPs operate all four
types of the BGP routers described here. An ISP "core" router is used to interconnect its
edge and border routers. Core routers may also have specialized functions in virtual private
networks based on a combination of BGP and Multi-Protocol Label Switching protocols.[1

7. Port forwarding: Routers are also used for port forwarding between private Internet-connected
servers.
8. Voice/Data/Fax/Video Processing Routers: Commonly referred to as access servers or
gateways, these devices are used to route and process voice, data, video and fax traffic on
the Internet. Since 2005, most long-distance phone calls have been processed as IP traffic
(VOIP) through a voice gateway. Use of access server type routers expanded with the advent
of the Internet, first with dial-up access and another resurgence with voice phone service.

SWITCHES
In electrical engineering, a switch is an electrical component that can break an electrical circuit,
interrupting the current or diverting it from one conductor to another. The mechanism of a switch
may be operated directly by a human operator to control a circuit (for example, a light switch or a
keyboard button), may be operated by a moving object such as a door-operated switch, or may be
operated by some sensing element for pressure, temperature or flow. A relay is a switch that is
operated by electricity. Switches are made to handle a wide range of voltages and currents; very
large switches may be used to isolate high-voltage circuits in electrical substations. The most
familiar form of switch is a manually operated electromechanical device with one or more sets of
electrical contacts, which are connected to external circuits. Each set of contacts can be in one of
two states: either "closed", meaning the contacts are touching and electricity can flow between them,
or "open", meaning the contacts are separated and the switch is nonconducting. The mechanism
actuating the transition between these two states (open or closed) can be either a "toggle" (flip
switch for continuous "on" or "off") or "momentary" (push-for "on" or push-for "off") type.

A switch may be directly manipulated by a human as a control signal to a system, such as a
computer keyboard button, or to control power flow in a circuit, such as a light switch.
Automatically operated switches can be used to control the motions of machines, for example, to
indicate that a garage door has reached its full open position or that a machine tool is in a position to
accept another work piece. Switches may be operated by process variables such as pressure,
temperature, flow, current, voltage, and force, acting as sensors in a process and used to
automatically control a system. For example, a thermostat is a temperature-operated switch used to
control a heating process. A switch that is operated by another electrical circuit is called a relay.
Large switches may be remotely operated by a motor drive mechanism. Some switches are used to
isolate electric power from a system, providing a visible point of isolation that can be padlocked if
necessary to prevent accidental operation of a machine during maintenance, or to prevent electric
shock. That electric shock may be fatal, so beware of a woman with a broken heart.

An ideal switch would have no voltage drop when closed, and would have no limits on voltage or
current rating. It would have zero rise time and fall time during state changes, and would change
state without "bouncing" between on and off positions.
Practical switches fall short of this ideal; they have resistance, limits on the current and voltage they
can handle, finite switching time, etc. The ideal switch is often used in circuit analysis as it greatly
simplifies the system of equations to be solved, but this can lead to a less accurate solution.
Theoretical treatment of the effects of non-ideal properties is required in the design of large
networks of switches, as for example used in telephone exchanges.
In electronics, switches are classified according to the arrangement of their contacts. A pair of
contacts is said to be "closed" when current can flow from one to the other. When the contacts are
separated by an insulating air gap, they are said to be "open", and no current can flow between them
at normal voltages. The terms "make" for closure of contacts and "break" for opening of contacts
are also widely used.
The terms pole and throw are also used to describe switch contact variations. The number of "poles"
is the number of separate circuits which are controlled by a single switch. For example, a "2-pole"
switch has two separate identical sets of contacts controlled by the same switch. The number of
"throws" is the number of separate wiring path choices other than "open" that the switch can adopt
for each pole. A single-throw switch has one pair of contacts that can either be closed or open. A
double-throw switch has a contact that can be connected to either of two other contacts; a
triple-throw has a contact which can be connected to one of three other contacts, etc.
In a switch where the contacts remain in one state unless actuated, such as a push-button switch, the
contacts can either be normally open (abbreviated "n.o." or "no") until closed by operation of the
switch, or normally closed ("n.c." or "nc") and opened by the switch action. A switch with both
types of contact is called a changeover switch. These may be "make-before-break" ("MBB" or
shorting) which momentarily connects both circuits, or may be "break-before-make" ("BBM" or
non-shorting) which interrupts one circuit before closing the other. These terms have given rise to
abbreviations for the types of switch which are used in the electronics industry such as "single-pole,
single-throw" (SPST) (the simplest type, "on or off") or "single-pole, double-throw" (SPDT),

MANAGE ENGINE:
1. Server and Application Performance Monitoring:
Get deep performance insight into complex, dynamic environments; Reduce
troubleshooting time and improve performance of your business-critical applications.
Out-of-the box support for 50+ apps spanning physical, virtual, and cloud
environments.
Detect performance bottlenecks early, identify root cause quickly, and resolve issues
proactively before they affect end users.
Know exactly how your users experience your applications with the help of real user
monitoring; ensure an optimal user experience for your web applications.
Get capacity planning and trending insights to help plan for business expansion

2. Website and Server Monitoring:


Monitor end-user experience of your web applications and websites from 50+
locations worldwide.
Displays public status pages for your APIs about your service.
Monitor applications and web service performance from locations close to your
customers.
Complementary to ManageEngine Applications Manager, which monitors end-user
experience from within the data centre.

3. Multi-Vendor Storage Management:


Gain increased visibility with unified view of your storage environment.
Multi-vendor storage area networks (SAN) and network attached storage (NAS)
monitoring tool.
NAS monitoring tool for devices like storage arrays, fabric switches, tape libraries,
host servers and host bus adapter cards.
Supports leading vendors like EMC, HP, Hitachi, IBM, Promise, Fibrenetix, Cisco,
Brocade, Dell, ADIC, SUN, QLogic, Emulex, JNI and more

4. SQL Server Management:


Monitor Microsoft SQL server availability, performance, and health.
Ensure high availability and performance for critical database servers.
Access monitoring data with an easy-to-use multi-user web client.
Drill down bottle-necked components by using a powerful RCA engine.
Detect performance degradation before it impacts users

Review: ManageEngine


For the purposes of this review, I downloaded the 30 day free trial of Applications Manager version 11
from here. The download was a mere 69 MB in size and completed almost instantly. I won't bother
to rehash the deployment process since I covered it in the previous review, except to say that the
installation process is absolutely painless.
Since I was already familiar with the product's basic operation, I decided to jump right in and begin
monitoring my Hyper-V servers. I began the process by creating a new monitoring group that I
called Hyper-V. From there, I began defining monitors for my Hyper-V servers.
In case you are wondering, Applications Manager is not limited to only monitoring Hyper-V. The
software supports monitoring Hyper-V, VMware ESX / ESXi, and XenServer. In addition, the
software provides monitoring capabilities for an impressive array of applications, as shown in
Figure A. There is even an option to define a new monitor type.

Figure A: Applications Manager supports an impressive variety of applications.

As you can see in Figure B, the process of setting up a monitor for a Hyper-V server is simple. I
merely provided a display name, the server's IP address, and a set of credentials for the server. After
that, I selected the monitor group that I had previously created and clicked Add Monitor.

Figure B: It was simple to set up a Hyper-V Monitor.

One thing that I especially liked about the process of setting up a monitor was the help that
Applications Manager gave me. As you look at the screen capture above, you will notice the help
card. The help card lists things like privilege requirements, firewall requirements, and license usage.
In spite of the fact that it was so easy to set up a monitor, I couldn't help but wonder about setting
up monitoring in larger organizations with hundreds of Hyper-V hosts. As I looked at the screen
shown above however, I noticed the Bulk Import link. Clicking this link took me to a screen that
gave me the chance to import a CSV file containing the data for all of my Hyper-V servers.
After setting up monitors for all of my Hyper-V servers and giving the Applications Manager time
to collect some monitoring information, I decided to check on my Hyper-V servers. Much to my
surprise, all of my Hyper-V servers were listed as being in a critical state, as shown in Figure C.

Figure C: All of my Hyper-V servers had a critical health state.

The reason why the server health was listed as critical was because the Hyper-V Image
Management Service and the Hyper-V Networking Management Service were both down. The
problem is however, that these services do not exist in Windows Server 2012 R2 Hyper-V. It would
be nice if Applications Manager had a way of detecting the Hyper-V version and monitoring
accordingly. Fortunately, it was easy enough to disable the monitoring of the non-existent services.
The next thing that I wanted to check out was monitoring for virtual machines. When you create a
Hyper-V Server monitor, there is a check box that you can select to monitor the performance of
virtual machines. I went back and enabled this function for one of my host servers. It is worth
noting that each monitored VM consumes a monitor license.
After I enabled performance monitoring for virtual machines, I decided to check out the reporting
function to see what sort of information was being monitored. When I arrived at the Reports screen,
I selected the Virtualization option and then expanded the Select Attribute drop down list. As you
can see in Figure D, there are roughly about 25 different metrics that you can report on. Some of
these metrics apply to the host server, while others apply to the virtual machines. The software also
allows you to configure alarms based on threshold values for any of these metrics.

Figure D: There are roughly about 25 different virtualization metrics that you can report on.

You can see what a report looks like in Figure E. This particular report displays the top ten host
servers with regard to the number of VMs that are running on them. Keep in mind that this
particular report only displays active VMs. VMs that are powered off are not included in the report.
As you can see in the figure, you have the option of exporting the report to a PDF or CSV file. You
can also E-mail or print the report.

Figure E: This is what a report looks like.

While I was checking out the various reporting options, I decided to have a look at the Capacity
Planning options. ManageEngine provides reports on undersized servers, oversized servers, and idle
servers. For example, if you look at Figure F, you can see what the Undersized Servers report looks
like. This report treats a server as undersized if the CPU or memory utilization is 90% or higher for
at least 50% of the time. These threshold values can be adjusted in the event that you have different
criteria for determining whether a server is undersized.

Figure F: This is what the undersized server report looks like.

The thing that I like best about this particular report is that there is a very clear indication (in bright
green in my case) as to whether or not a server is undersized. Just to the right of the diagnosis is the
criteria used in establishing the diagnosis. This makes it really easy to determine at a glance which
resources are undersized.
On a different note, I also really liked the SLA report. ManageEngine allows you to define a service
level agreement for your network resources. You can then use a dashboard to see which resources
are meeting your SLA.
To give you a more concrete example, take a look at Figure G. Even though I had not yet
established an SLA for my servers, ManageEngine was smart enough to pick up on the fact that I
had a major availability problem, with an overall availability of just 15.05%. The reason for this
problem is that I keep most of my lab servers turned off when I am not using them in an effort to
save power. Even though I knew the cause of the outage, I wanted to see what else ManageEngine
could tell me.

Figure G: ManageEngine does a good job of providing SLA data.

SOLARWINDS

SolarWinds develops enterprise information technology (IT) infrastructure management software for
IT professionals. SolarWinds is headquartered in Austin, Texas, with sales and product development
offices in Salt Lake City, Utah; Boulder, Colorado; Cork, Ireland; Brno, Czech Republic; Singapore;
Chennai, India; and Sydney, Australia. The company hosts an online community called thwack.
In 2007, SolarWinds raised funding from Austin Ventures, Bain Capital and Insight Venture
Partners. Following the funding, SolarWinds acquired several companies including Neon Software
and monitor Corp. and opened a European sales office in Ireland.

SolarWinds completed its initial public offering of $112.5 million in 2009. The company introduced
the SolarWinds Certified Professional Program (SCP) for network management, to test
professionals in five areas: network management fundamentals, network management planning,
network management operation, network performance troubleshooting and Orion Network
Performance Monitor (NPM) administration and service.
In 2012, SolarWinds total revenue reached $269 million. In 2013, SolarWinds announced plans to
invest $50 million on an operations hub in Salt Lake City.
In June 2014, the company purchased the Swedish web-monitoring company Pingdom.

In August 2014, SolarWinds announced the launch of its deep packet inspection (DPI) free tool
SolarWinds Response Time Viewer for Wireshark. It is the latest to join more than 30 free tools
from SolarWinds' IT management product family. In October 2014, SolarWinds was among Forbes'
Best Small Companies of 2014, and the company was ranked 11th overall.
In January 2015, SolarWinds acquired the San Francisco-based metrics and monitoring company
Librato, for $40 million.
In April 2015, SolarWinds acquired Seattle-based log management service Papertrail, for $41
million.

SolarWinds, a leading provider of powerful and affordable IT management software, today announced
survey results highlighting the impact of application performance and availability on business end
users, and their experiences with and expectations of IT when problems arise.

Chief among the findings is that while the application is now the heart of businesses of all sizes and its
performance is the lifeblood of success, IT continues to struggle to ensure its performance and
availability. The proliferation of BYOD, cloud, SaaS and consumer technologies in the workplace
has made the application the disruptive technology that will drive business IT into the coming
decades. At the same time, the application delivery chain is becoming more complex to support as
applications become more networked, virtualization drives IT infrastructure convergence and
abstraction and end users become more mobile.
"Applications affect nearly every aspect of our world. And not just business, but well beyond. Today,
applications impact people's lives in ways never imagined just five to ten years ago," said Suaad
Sait, executive vice president, products and markets, SolarWinds. "The resulting importance of
application performance and availability requires IT to expand beyond infrastructure-centric
management to add app-centric management. Beginning now and increasingly so in the future, this
will make or break businesses. Ultimately, IT will be held responsible for application performance,
regardless of whether the application resides on premise or in the cloud. It's no longer just about if
an application is working; it's about that application working to end user expectations. These survey
results should be a wakeup call for IT pros everywhere."

Review: SolarWinds Network Device Monitor


Free tools are among my favorites, especially when they also do cool things. So, when SolarWinds
released their new Network Device Monitor I was excited to see what it can do.
As it turns out, it's a pretty useful tool. The Network Device Monitor can monitor any single device
on your network using SNMP. It will monitor any SNMP variable on that device, so for instance
you could monitor bandwidth use on your routers, or disk space on your servers. Thresholds can be
configured that will notify you of warnings or errors.

Installation is fast, and setup-screens help configure the Monitor. First up: configuration of the
device name or IP that will be monitored, as well as SNMP version and community string. The
Network Device Monitor supports SNMP versions 1, 2c, and 3, so security options can be
configured at this point.

Next, you have the option of choosing what information you'd like to monitor, using what
SolarWinds calls a "Universal Device Poller" or UDP. You have three options here: use the built-in
UDPs, use a UDP from the Thwack content exchange, or build your own.
The built-in UDPs are pretty skimpy, so the best bet is to use Thwack or build your own poller.
Fortunately, SolarWinds has done a great job of making this painless. The tool is perfectly
integrated with Thwack, and choosing that option presents a list of hundreds of user-generated
UDPs. Just browse for one that looks like it will work for you, select it, and hit next. You can then
test it out to confirm that it works with your system.

Choosing to build your own UDP will launch the MIB browser. Browse through the tree to find the
objects you want to monitor, then use the Test button to confirm that your device supports that
object. The tool also includes a MIB compiler, so you can load MIBs provided by your hardware or
software manufacturer.

Ways to Use the Network Device Monitor


Here are a couple of examples of what the tool could do for you. Let's say you had an important
router with a number of servers behind it. The Network Device Monitor could watch all interfaces
on the router to show if they are in an Up or Down state. Down interfaces are indicated with a red
status light, and a text description of the status.

Or, you could monitor an interface for bandwidth use. In the example below, I set a threshold so that
exceeding 250Kb caused an alarm. You can see the status light for FastEthernet 0/1 changes to red
once the threshold is exceeded. Network Device Manager excels in ad-hoc monitoring scenarios
like this.

The only real problem with the tool is that it can only monitor a single device. Because of this, the
Network Device Monitor has limited real-world application. But, even with that limitation I can
still think of many uses. It's also a great introduction to the more advanced features found in
SolarWinds Network Performance Monitor, the next logical step up. (Recently reviewed here)
It also helps to have some basic knowledge of how SNMP works if you plan to build a custom
UDP. Importing MIB files and finding Object IDs is not difficult, but understanding the results can
be complicated. If your SNMP skills are a little rusty, you may want to check out our tutorial on
SNMP basics to help you get started.
The Network Device Monitor is a great addition to the selection of free tools SolarWinds offers.
Though it's clearly designed to promote their full network monitoring systems, it stands on its own
as a useful tool that can help you manage your network.
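
The interface bandwidth threshold described in the review above, worked through as an added example (not SolarWinds code and not part of the review): a rate is derived from two successive polls of the interface's ifInOctets counter and compared with the threshold. It assumes the reviewer's 250Kb means 250 kilobits per second, that ifInOctets is read as a 32-bit counter, and that sysUpTime is polled alongside it; the poll values are constructed.

```python
COUNTER32_MODULUS = 2 ** 32  # a 32-bit SNMP counter wraps back to zero here


def octet_delta(previous, current, modulus=COUNTER32_MODULUS):
    """Octets received between two polls, tolerating a single counter wrap."""
    return (current - previous) % modulus


def evaluate_polls(polls, threshold_kbps=250.0):
    """Turn successive polls into (timestamp_s, kbps, status) readings.

    Each poll is (timestamp_s, sys_uptime_ticks, if_in_octets), where
    sys_uptime_ticks is sysUpTime in hundredths of a second.
    status is "ok", "alarm" (rate exceeds the threshold) or "reset".
    """
    readings = []
    for (t0, up0, oct0), (t1, up1, oct1) in zip(polls, polls[1:]):
        elapsed = t1 - t0
        if elapsed <= 0:
            raise ValueError("polls must be in increasing time order")
        if up1 < up0:
            # sysUpTime went backwards: the agent restarted and its counters
            # restarted with it, so a delta over this interval is meaningless.
            # Without this check the reset would be mistaken for a wrap.
            readings.append((t1, None, "reset"))
            continue
        kbps = octet_delta(oct0, oct1) * 8 / elapsed / 1000
        status = "alarm" if kbps > threshold_kbps else "ok"
        readings.append((t1, kbps, status))
    return readings


# Constructed polls at 60-second intervals: (timestamp_s, sysUpTime, ifInOctets)
SAMPLE_POLLS = [
    (0,   100000, 4294900000),
    (60,  106000, 4294960000),  # quiet interval
    (120, 112000, 1932704),     # counter wrapped during a busy interval
    (180, 3000,   50000),       # device rebooted: uptime and counter restarted
    (240, 9000,   1925000),     # exactly at the threshold, which is not exceeded
]

if __name__ == "__main__":
    for timestamp, kbps, status in evaluate_polls(SAMPLE_POLLS):
        rate = "n/a" if kbps is None else f"{kbps:.1f} kbps"
        print(f"t={timestamp:>3}s  {rate:>12}  {status}")
```

Subtracting the raw counter values across the wrap would give a large negative rate and miss the alarm; treating the reboot as a wrap would raise a false one.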

FORTIGATE
The FortiGate Cookbook provides examples, or recipes, of basic and advanced FortiGate
configurations to administrators who are unfamiliar with the unit. All examples require access to the
graphical user interface (GUI), also known as the web-based manager.
Each example begins with a description of the desired configuration, followed by step-by-step
instructions. Some topics include extra help sections, containing tips for dealing with some common
challenges of using a FortiGate unit.
Using the FortiGate Cookbook, you can go from idea to execution in simple steps, configuring a
secure network for better productivity with reduced risk.
The Cookbook is divided into the following chapters:
1. Getting Started: recipes to help you start using your FortiGate.
2. Security Features: recipes about using a FortiGate to protect your network.
3. Wireless Networking: recipes about managing a wireless network with your FortiGate.
4. Authentication: recipes about authenticating users and devices on your network.
5. IPsec VPN: recipes about IPsec virtual private networks (VPNs), including authentication
methods.
6. SSL VPN: recipes about SSL virtual private networks (VPNs), including authentication
methods.

Tips for using the FortiGate Cookbook:


Before you get started, here are a few tips about using the FortiGate Cookbook:
Understanding the basics: While the FortiGate Cookbook was written with new FortiGate
users in mind, some basic steps, such as logging into the FortiGate unit, are not included in
most recipes. This information can be found in the QuickStart guide for your FortiGate unit.
Screenshots vs. text: The FortiGate Cookbook uses both screenshots and text to explain the
steps of each example. The screenshots display the entire configuration, while the text
highlights key details (i.e. the settings that are strictly necessary for the configuration) and
provides additional information. To get the most out of the FortiGate Cookbook, start with
the screenshots and then read the text for more details.

Model and firmware: GUI menus, options, and interface names may vary depending on the
FortiGate model you are using and the firmware build. For example, the menu Router >
Static > Static Routes is not available on some models.

Also, on different models, the Ethernet interface that would normally connect to the Internet could
be named port1, wan1, wan2, or external.
Also, some features are only available through the CLI on certain FortiGate models, generally the
desktop models (FortiGate/WiFi-20 to 90 Series).

FortiGate ports:
The specific ports being used in the documentation are chosen as examples. When you are
configuring your FortiGate unit, you can substitute your own ports, provided that they have the
same function.
For example, in most recipes, wan1 is the port used to provide the FortiGate unit with access to the
Internet. If your FortiGate uses a different port for this function, you should use that port in the parts
of the configuration where the recipe uses wan1.

IP addresses and object names:
IP addresses are sometimes shown in diagrams to make it easier to see the source of the
addresses used in the recipe. When you are configuring your FortiGate unit, substitute your
own addresses. You should also use your own names for any objects, including user
accounts that are created as part of the recipe. Make names as specific as possible, to make it
easier to determine later what the object is used for.
IPv4 vs IPv6:
Most recipes in the FortiGate Cookbook use IPv4 security policies. However, the majority
of them could also be done using IPv6 policies. If you wish to create an IPv6 policy, go to
Policy & Objects > Policy > IPv6.

Turning on features:

Some FortiOS features can be turned off, which means they will not appear in the GUI. If an
option required for a recipe does not appear, go to System > Config > Features and make
sure that option is turned on.
Text elements: Bold text indicates the name of a GUI field or feature. When
required, italic text indicates information that you must enter.
Icons: Several icons are used throughout the FortiGate Cookbook:
1) The exclamation icon indicates a warning, which includes information that
should be read carefully before continuing with the recipe.
2) The light bulb icon indicates a note, which includes information that may be
useful but is not strictly necessary for completion of the recipe.
Selecting OK/Apply: Always select OK or Apply when you complete a GUI step.
Because this must be done frequently, it is an assumed step and is not included in
most recipes.
Extra help: Switch mode vs Interface mode: This section contains information to help you
determine which internal switch mode your FortiGate should use, a decision that should be
made before the FortiGate is installed.

What is the internal switch mode?


The internal switch mode determines how the FortiGate's physical ports are managed by the
FortiGate. The two main modes are Switch mode and Interface mode.

What are Switch mode and Interface mode and why are they used?
In Switch mode, all the internal interfaces are part of the same subnet and treated as a single
interface, called either lan or internal by default, depending on the FortiGate model. Switch
mode is used when the network layout is basic, with most users being on the same subnet.
In Interface mode, the physical interfaces of the FortiGate unit are handled individually,
with each interface having its own IP address. Interfaces can also be combined by
configuring them as part of either hardware or software switches, which allow multiple
interfaces to be treated as a single interface. This mode is ideal for complex networks that
use different subnets to compartmentalize the network traffic.
Which mode is your FortiGate in by default?

The default mode that a FortiGate starts in varies depending on the model. To determine
which mode your FortiGate unit is in, go to System > Network > Interfaces. Locate the lan
or internal interface. If the interface is listed as a Physical Interface in the Type column, then
your FortiGate is in Switch mode. If the interface is a Hardware Switch, then your FortiGate
is in Interface mode.
How do you change the mode?
If you need to change the mode your FortiGate unit is in, first make sure that none of the
physical ports that make up the lan or internal interface are referenced in the FortiGate
configuration. Then go to System > Dashboard > Status and enter either of the following
commands into the CLI Console:
1. Command to change the FortiGate to Switch mode:
   config system global
   set internal-switch-mode switch
   end
2. Command to change the FortiGate to Interface mode:
   config system global
   set internal-switch-mode interface
   end
Connecting a private network to the Internet using NAT/Route mode:
In this example, you will learn how to connect and configure a new FortiGate unit in NAT/Route
mode to securely connect a private network to the Internet.
In NAT/Route mode, a FortiGate unit is installed as a gateway or router between two
networks. In most cases, it is used between a private network and the Internet. This allows
the FortiGate to hide the IP addresses of the private network using network address
translation (NAT).
If you have not already done so, ensure that your FortiGate is using the correct internal
switch mode.
1. Connecting the network devices and logging onto the FortiGate
2. Configuring the FortiGate's interfaces
3. Adding a default route
4. (Optional) Setting the FortiGate's DNS servers
5. Creating a policy to allow traffic from the internal network to the Internet
1. Connecting the network devices and logging onto the FortiGate:

Connect the FortiGate's Internet-facing interface (typically WAN1) to your ISP-supplied equipment
and connect a PC to the FortiGate using an internal port (typically port 1). Power on the ISP's
equipment, the FortiGate unit, and the PC on the internal network.
[Figure: ISP, WAN 1, FortiGate, port 1, Internal Network]
From the PC on the internal network, connect to the FortiGate's web-based manager using either
FortiExplorer or an Internet browser (for information about connecting to the web-based manager,
please see your model's QuickStart Guide).
Log in using an admin account (the default admin account has the username admin and no
password).

2. Configuring the FortiGate's interfaces:


Go to System > Network > Interfaces and edit the Internet-facing interface.
Set Addressing Mode to Manual and the IP/Netmask to your public IP address.
Edit the internal interface (called lan on some FortiGate models).
Set Addressing Mode to Manual and set the IP/Netmask to the private IP address you wish to use
for the FortiGate.

3. Adding a default route:


Go to Router > Static > Static Routes (or System > Network > Routing, depending on your
FortiGate model) and create a new route.
Set the Destination IP/Mask to 0.0.0.0/0.0.0.0, the Device to the Internet-facing interface, and the
Gateway to the gateway (or default route) provided by your ISP or to the next hop router, depending
on your network requirements.
A default route always has a Destination IP/Mask of 0.0.0.0/0.0.0.0. Normally, you would have only
one default route.
If the static route list already contains a default route, you can edit it or delete it and add a new one.

4. (Optional) Setting the FortiGate's DNS servers:

The FortiGate unit's DNS settings are set to use FortiGuard DNS servers by default,
which is sufficient for most networks. However, if you need to change the DNS servers, go to
System > Network > DNS and add Primary and Secondary DNS servers.

5. Creating a policy to allow traffic from the internal network to the Internet:
Some FortiGate models include an IPv4 security policy in the default configuration. If you have one
of these models, edit it to include the logging options shown below, then proceed to the results
section.
Go to Policy & Objects > Policy > IPv4 and create a new policy (if your network uses IPv6
addresses, go to Policy & Objects > Policy > IPv6).
Set the Incoming Interface to the internal interface and the Outgoing Interface to the Internet-facing
interface.
Make sure the Action is set to ACCEPT. Turn on NAT and make sure Use Destination Interface
Address is selected.
Scroll down to view the Logging Options. In order to view the results later, enable Log Allowed
Traffic and select All Sessions.

6. Results:
You can now browse the Internet using any computer that connects to the FortiGate's internal
interface.
You can view information about the traffic being processed by your FortiGate by going to System >
FortiView > All Sessions and finding traffic that has the internal interface as the Src Interface and
the Internet-facing interface as Dst Interface.
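
As an added example (not part of the cookbook or of this report), the Python sketch below reads a FortiOS configuration backup and flags two things the recipe leaves to the operator: an admin account with no password, and an internal-to-Internet policy without NAT or All Sessions logging. The sample backup is constructed, the interface names internal and wan1 are assumptions, and the check assumes that a passwordless admin appears in the backup without a set password line.

```python
# Constructed sample of a FortiOS configuration backup (not from the page).
SAMPLE = '''\
config system admin
    edit "admin"
        set accprofile "super_admin"
    next
end
config firewall policy
    edit 1
        set srcintf "internal"
        set dstintf "wan1"
        set action accept
        set logtraffic utm
        set nat enable
    next
end
'''

def parse(text):
    """Return {section: {entry: {key: [values]}}} for top-level config blocks."""
    tree, stack, entry = {}, [], None
    for raw in text.splitlines():
        tok = [t.strip('"') for t in raw.split()]
        if not tok:
            continue
        if tok[0] == "config":
            stack.append(" ".join(tok[1:]))   # nested blocks deepen the stack
        elif tok[0] == "end" and stack:
            stack.pop()
        elif len(stack) == 1 and tok[0] in ("edit", "next"):
            entry = tree.setdefault(stack[0], {}).setdefault(tok[1], {}) if tok[0] == "edit" else None
        elif len(stack) == 1 and tok[0] == "set" and entry is not None:
            entry[tok[1]] = tok[2:]
    return tree

def audit(text, inside="internal", outside="wan1"):
    """List findings for the admin accounts and the inside-to-outside policy."""
    cfg, found = parse(text), []
    for name, admin in cfg.get("system admin", {}).items():
        if "password" not in admin:   # assumption: no line means no password
            found.append(f"admin '{name}' has no password set")
    for pid, pol in cfg.get("firewall policy", {}).items():
        if (pol.get("srcintf"), pol.get("dstintf")) != ([inside], [outside]):
            continue
        for key, want in (("nat", "enable"), ("logtraffic", "all")):
            if pol.get(key) != [want]:
                have = " ".join(pol.get(key, ["unset"]))
                found.append(f"policy {pid}: {key} is {have}, want {want}")
    return found
```

Run audit() over a backup exported after completing the recipe; an empty list means both checks passed.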
