Reviews
Showing 1 - 5 of 10 Results | Page 1 of 2 | 12 Next >
pfSense: A Router That Stands Up To Traffic
18-Aug-10 22:27
I've gone through hardware routers at the rate of about one a year, primarily cheap brands like D-Link and Airlink. They were inexpensive in dollars yet costly in terms of the time I spent wrestling with their limitations. They rarely locked up but were often a bottleneck. Streaming a TV show or sports event from the internet made my cable internet feel like dial-up. I kept buying newer models, hoping to find a satisfactory one.
Then I discovered software called Ipcop that can turn most any old computer into a gateway, firewall and DHCP/DNS server. All I needed to add was a second network card. The speeds climbed to what I expected. However, it made me hungry for more data from and control over this quasi appliance. For example, I still couldn't view the traffic and throughput in real time; nor could I adjust how much bandwidth was going to different applications.
Installation and Setup
I decided to try pfSense, a FreeBSD-based distribution that claims to do all this and more. Although BSD lacks some of Linux's support for the latest video and USB devices, that doesn't matter when you're building a machine dedicated to networking. And because the release 1.2.3 ISO image is a live CD, you can verify that your network adapters are recognized before you commit to installing it. The pfSense site has a set of screenshots showing the steps. The sequence may seem intimidating to a beginner. However, there's only a couple of decisions that require thought.
First, pfSense boots to a spartan black and white console with a numbered menu. Choose menu option 1 to assign your WAN and LAN interfaces. Your WAN interface is the one you'll connect to your modem and the public internet. The LAN interface is the one you'll attach to your computer or, if you're serving multiple computers, to a network switch or access point. Thus, the average user needs two network cards (or a network card in addition to your motherboard's built-in LAN port), and pfSense won't work without both of them available. pfSense will report the device names that it detects. In my case, I chose rl0 (a Realtek RTL8139 network adapter card) as the WAN interface, and lx0 (a built-in Intel network chip on the motherboard) as the LAN interface.
Only one more thing to do: select menu option 2 and define the LAN IP address. You can now ping other IP addresses on the internet and your private network to verify connectivity.
Next, I installed pfSense to the hard disk (menu option 99). pfSense only needs a few gigabytes space, so even a small hard disk will do. I chose the Quick/Easy install method, which automatically wipes, formats and partitions the drive. BSD systems don't use the MS-DOS kluge known as an extended partition. pfSense has you choose one primary partition for the entire OS, which is then subdivided into "slices" for the filesystem and swap. You don't have to worry about these details; the Quick/Easy install option takes care of them all, including the installation of a boot loader (bootblock).
A few minutes later, I was booting into my new system with the same black and white menu. I repeated the steps I had done during LiveCD testing to verify my settings. At this point, I could login from a web browser on another computer by using the IP address I had assigned (http://192.168.0.1). pfSense prompted me to run the Setup Wizard. There were about a half dozen text entry boxes to fill out, including my domain name, DNS addresses, timezone, and new admin password.
Performance and Features
That's all it takes to get pfSense up and running. I didn't have to define a single firewall rule. pfSense defaults to allowing all outbound connections initiated from your LAN and denying all inbound connections coming from the WAN. Users that want to open ports to the internet or deny certain types of activities can add their own rules. Typical home users won't need any.
I've only been using pfSense for a few days, but it's been absolutely stable and shows no risk of being overwhelmed. Its graphs display load and traffic history every which way, over hours, days, even months. On a Dell GX110 Pentium III (667 mhz) with only 256mb RAM, the CPU is rarely more than 5% busy, and RAM usage has never exceeded 25%.
One of the main advantages of pfSense over Ipcop is its ability to shape traffic precisely. My home phone service is from Vonage, and the voice quality can suffer when other traffic hogs the bandwidth. Many consumer routers offer a Quality of Service (QoS) feature, yet the user has little control over how it works. pfSense has an EZ Shaper wizard that addresses my VOIP problems. By answering the Wizard questions, it sets up traffic rules that divide up traffic into queues. While I did have to supply my download and upload speeds in Kbps (I got my numbers from Speedtest), the wizard managed the queue setup for me. For example, it asked me do I want to prioritize VOIP over other applications. If yes, it gives that queue a High priority. Moreover, pfSense let me specify how much bandwidth to guaranty for VOIP. I can also lower or raise priority for specific applications and services over standard ports. For peer-to-peer applications like bittorrent, I don't have to specify them individually. pfSense lets me toss them into a "p2pCatchAll" queue with Low priority.
pfSense provides the DNS and DHCP services you would expect from a router appliance. The DHCP server can convert dynamic leases to fixed ones. If you boot thin clients from the network, you'll appreciate the option to specify the server's IP address and filename.
The DNS server was more flexible than the hardware router I used previously. I needed it to forward queries to a local DNS on my private subnet as well to the DNS upstream on the public internet. pfSense handled the requests transparently. All clients automatically used the pfSense IP as their sole DNS and received answers from it, regardless of where the requests were forwarded.
I've only scratched the surface of the feature set. In time, I'll explore the rest. Besides scheduling and syslogging, pfSense advertises an NTP daemon, Ipsec, OpenVPN, load balancing, and UPNP. You can enable or install packages for Snort intrustion detection, the Squid web proxy, HAVP/Clam anti-virus, and FreeSwitch telephony. Administrators can backup and restore the configruation from XML files, and install bug fixes and upgrades directly from the internet.
A Clear Difference
I'm very impressed with pfSense so far. I had expected a product thick with features but difficult to configure. Getting a working setup was almost trivial, thanks to the wizards. I don't have benchmarks, but subjectively the speed is faster and more consistent than when I used a hardware router. I also got a significant speed boost when I used Ipcop. The differentiating advantage of pfSense over Ipcop is that my Vonage phone calls are clearer. I could always hear the other party fine. Now, for the first time, the upload speed (from LAN to WAN) is reliable enough that my outbound voice doesn't periodically break up or get delayed.
Does pfSense make sense for you? It can't do everything that a Unified Threat Management (UTM) application can do, but what it does it delivers exceedingly well. Google around and you'll find people who swear that it can scale to support more demanding businesses. Commercial support is available, should you need it. Given how cheaply and quickly you can deploy a pfSense box, what have you got to lose?View comments for this article
Social Media and the Wisdom of Crowds
30-Jun-10 08:26
James Surowiecki's The Wisdom of Crowds, published in 2004, has been influential in financial markets and corporate transformations. It also has plenty of ideas relevant to social networking's future.
The book's leading concept is that that collective intelligence -- aggregating diverse opinions -- can out-perform judgments made by alleged experts and executives. Estimates are better when they pool many invidividual investors' bets; decisions are better when produced by decentralized organizations than by top-down initiatives.
This work has plenty of cautionary tales, and the failures are what makes it worth reading. The author warns that the group isn't smarter when individuals start trusting public information more than their own private knowledge. He points to information "cascades" where people do something because everyone else is doing it. The clearest examples are the last two stock market bubbles, when investors put aside their doubts and started following the ticker tape. The product of this lemming-like behavior can be worse than decisions made by a central committee. I would add that the ability of the crowd to estimate is limited even more than Surowiecki acknowledges. Group estimates work much better for predictable bell-curve type distributions than for rare but catastrophic events like market crashes, as Nassim Nicholas Taleb demonstrates in The Black Swan.
At first glance, social networking would seem the perfect environment for crowd wisdom. Participants are often anonymous to one another. Contrary to organizations, the average social media participant has no paycheck, relationships or loyalties that could interfere with her honest assessment. Surowiecki's enthusiasm for applying stock market simulations to other forecasting like elections and foreign affairs would seem to work well on an internet site.
However, there are several barriers to making effective use of mass participation. The tendency of internet forums to attract people with anti-social behavior is a significant problem. While a troll would be quickly silenced in a face-to-face meeting (and unlikely to even be in the room), the internet poses no such barriers to entry. Financial motivation may be replaced with something equally bad: the need to aggrandize one's ego, and impatience and hostility towards other members who don't agree with one's reasoning or conclusions.
Also, internet forums have some of the same problems as business task forces and focus groups. They're rarely a random cross-section of people. Internet sites are often self-selected samples of people with keen interests in a topic and a willingness to write or vent about it. They're hardly disinterested observers. In addition, even when the posts are civil, the cyber-atmosphere isn't. People have the burden of introducing and proving themselves. Depending on one's personality and confidence in his writing, the internet may be either an incentive or detriment to venturing an opinion. My own belief is that forums are excellent for sharing and arguing about technical information, but less suited when it comes to fuzzier issues that require contributions from the quieter members of the group.
The Wisdom of Crowds distinguishes between problems involving collective agreement and ones requiring coordination or cooperation. But collective agreements are of two fundamentally different types. One type is a decision to act by picking among two or more choices (what should we do); the other is an estimation or forecast (what is happening, or what will happen). Social media in its current state is more suited to the latter. The limited ability to make decisions isn't only because the group is for discussion only -- it can advise but it lacks the authority to act on anyone's behalf. Good decisions often can't be made until you've gathered all the facts, and some of the best decisions are ones whose choices are framed by the discussion, not generated in advance. Therefore, to even advise on complex decisions, social networking needs tools where the options can evolve from the group debate. The poll or voting booth, with its canned multiple choices, is a poor substitute for this negotiation.
Nevertheless, I wouldn't bet against the ability of social media to acquire the necessary sophistication. The ubiquity of e-mail and instant messaging, plus the growth of mobile apps and virtual companies, suggests that decision-making is only going to get more distributed. The technology will become wiser, because it has to.
The Wisdom of Crowds, by James Surowiecki, Anchor, August 16, 2005, ISBN-10: 0385721706 ISBN-13: 978-0385721707
View comments for this article
You Are Not a Gadget
11-Jun-10 12:37
Jaron Lanier’s recent book, You Are Not A Gadget, is a broad criticism of the internet. Lanier thinks cyberspace is full of unimaginative software. Web 2.0 is window dressing on a tired paradigm. Silicon Valley is funding trivial applications.not much better than than the hasty business plans of the dot-bomb era. Users have bought into a mash-up universe where authorship is not rewarded and content is divorced from context. Anonymity and incivility rule.
All information is becoming one big book, managed by Google’s search engine. Lanier derides those who think this trend is desirable, calling them digital Marxists who believe in the eventual “singularity” of knowledge with the same fervor as a fundamentalist Christian awaiting the Rapture. This vision is anti-humanist, because it treats people as unimportant once their contributions have been uploaded to “the hive."
Lanier is eager not to be judged a Luddite. He's one of the fathers of virtual reality programming. His disappointments are similar to those of a pioneer reviewing the settled civilization that followed him. As the book's title suggests, he's not impressed with the landscape. Instead of exposing us to new experiences, internet applications are dumbing us down. People are becoming more like machines in order to interact with their computers. It should be the other way around. This theme may sound like the growing backlash of articles about the dangers of internet dependency. (See, for example, Is Google Making Us Stupid?.) However, this work isn't a signal for retreat. It's a call for us to demand more from technology
The author worries about where we're heading as the internet erases geographic, business, and personal boundaries. He questions whether the mass unpaid participation of the “free" social web can produce the same quality as commercial software. As a Microsoft fellow, he may appear self-interested in this subject (although he points to Apple as the exemplar of quality engineering). But a closer reading of this book shows that he's more concerned about the artist than the entrepeneur. The internet and the Creative Commons model allow others to re-mix a performer's or writer's work without compensating him and without even his knowledge and consent. This freedom to copy dissolves the relationship between the performer and the audience. A musician in his spare time, Lanier thinks the value of recordings can only be restored by re-introducing them in physical packaging. He proposes the creation of "songles" -- micro-chips embedded in everyday objects -- that would enable playback of a purchased tune, functioning like a dongle but connecting wirelessly to any audio system in the vicinity.
I enjoyed Lanier's irreverent shrugs about Linux (it's just an extension of Unix, a decades-old operating system) and Wikipedia (there are usually better sources of information just below it in a Google search). The most interesting chapter is the explanation of software "lock-in". By this term, Lanier doesn't mean a single vendor's strategy. He's talking about the unintended inflexibility of software design as a code base grows larger and more inter-dependencies are created between packages. So-called standards enable rapid development of new software -- you don't have to re-invent the wheel -- but at the price of creativity. The patterns become entrenched and we quickly lose the ability to do things any other way. He illustrates how even a revolutionary concept like MIDI notation, which was designed for keyboard instruments, has narrowed our idea of the musical note, and therefore musical composition, to fit within its limits.
You Are Not A Gadget has the marks of a cogent essay stretched into a rambling disorganized book. If you take it as a tonic against internet hype, it's a fun read.
You Are Not A Gadget: A Manifesto, by Jaron Lanier, Knopf, January 12 2010, ISBN-10: 0307269647, ISBN-13: 978-0307269645
View comments for this article
The Long Tail Revisited
06-May-10 11:13
I've been reading The Long Tail, the 2006 blockbuster extolling the unlimited consumer choice made possible by the internet. The book was written by Chris Anderson, editor of Wired magazine. Its title is now part of the marketing lexicon, and aptly captures the author's thesis: there's a lot of money to be made by offering goods beyond the top sellers. Niche products individually don't account for much revenue, but cumulatively they add up to a lot of profit.
How well do Anderson's observations stand up four years later? Better than most predictions, I'd say. Anderson's examples are derived largely from the behemoths of internet retailing. He documents success stories that continue in 2010, such as Amazon, eBay, and Netflix. He's at his most prescient when writing about the entertainment industry. Anderson once worked in the music business and correctly predicts the increasing demand for lesser known artists at the expense of major labels and mass marketing. His description of the new generation of consumers rings truer today than ever. Younger people are accustomed to scanning the internet and picking things that establish their identities and individualities from this universe. Traditional methods of broadcasting and controlling content are hopelessly outdated for this audience.
The Long Tail doesn't claim to be a crystal ball, so it's a bit unfair to critique it for omissions. Nevertheless, it gave scant notice to a a few emerging trends. The most obvious is the connection between social media and internet video. Anderson pictured internet video as a means of selling old TV episodes, but didn't mention self-production, distribution, and promotion using this avenue. At the time of publication, Google hadn't yet purchased Youtube. Yet, it's interesting that Anderson failed to see how the same "democratization" he describes in the recording industry would also apply to video.
Anderson also takes a cursory look at the economics of software-as-a-service (SaaS) companies. Although he illustrates the success of Salesforce.com and how this model creates a secondary market of platform developers to customize it, he doesn't deal with competition and survival -- how these new services will supplant old software, change the consulting business, and whether these spaces will inevitably consolidate as they mature or remain fragmented.
The Long Tail is written for the mass market, but it's not a how-to book. It won't tell a start-up or small retailer how to compete with big businesses that have already mastered the distribution system of the internet economy and its virtual warehouses. It's still highly applicable to e-commerce today, and recommended reading for refreshment and inspiration. There's likely demand out there for whatever you offer, if you can find a way to connect with it.
The Long Tail: Why the Future of Business is Selling Less of More, by Chris Anderson, Hyperion July 11, 2006, ISBN-10: 1401302378, ISBN-13: 978-1401302375
View comments for this article
Rework: How To Succeed in Business Without Really Growing
16-Mar-10 15:25
Rework is as much a manifesto as a business guide. The content is less bombastic than some of its advance publicity, but be prepared for a polemic. Authors Jason Fried and David Heinemeier Hansson (the inventor of Ruby on Rails) argue why you should keep your company's size and products as small as possible. Their attitude toward growth for the sake of growth is skeptical, if not outright antagonistic. Their main exhibit is 37Signals, the company they founded, which has only 15 employees serving millions of customers.
They make a compelling case why start-ups and entrepreneurs (two terms they detest) should put aside plans for creating a big splash in the market. The book advises anyone with business ambitions to do what they love, embrace constraints like lack of outside funding, launch quietly and work to build incrementally on small successes with real customers. Readers who have spent a few years in high tech won't find many surprises here, as these observations have now become industry imperatives. However, newer entrants will find some inspiration in them. Rework assures you that you can build a sustainable business without 80-hour work weeks, consultants, and major expenses -- if you focus on the right things.
The authors are at their best when applying their small-is-beautiful credo to operational decision-making. Without jargon, they apply concepts recognizable from agile software development. According to Fried and Hansson, business plans, even medium term ones, are guesses; therefore, one shouldn't waste much time on them. Instead, a business should focus on the immediate weeks to come. It's important that your team have an exact understanding on where you're heading at the moment. You'll decide on what happens next when you get there. They note how a new, anonymous company can use this stepwise cycle to its advantage, for instance by experimenting and collecting feedback to guide the next stage.
Another consequence of this just-in-time approach to planning is that it simplifies prioritization for most workers. There's only two classes of things: what we're working on now, and what can wait until later. As an example of their commitment to this extreme, the writers brag that they launched their flagship product, Basecamp, without even an invoicing system -- knowing that they'd have 30 days to put one together for their first monthly billing.
As a product manager, I was particularly interested in the book's argument for sticking to a limited feature set. There are multiple reasons against adding new features. They make the software too complex for some customers; they distract you from improving your core competency into doing too much; they make you less innovative, too worried about imitating competitors. The authors are so passionate about sticking with your own vision of the product that they caution you against listening too much to your customers, even at the risk of losing them. Talking about their experience with Basecamp, their project collaboration software, they say they resisted the urges of existing clients to make it into a more full-blown project management system. Their rationale? They're more interested in selling to the vast millions who want basic features than the smaller number who want an advanced product.
The latter chapters fail to sustain the promise of the early stories that lay down the principles. The text feels like a scatter-gun attempt to cover subjects in which the writers have little or no interest. There's criticism of marketing, customer service, hiring practices and policy manuals, yet little advice you haven't already thought about. An exception is the explanation of why you should promote your business by freely educating your audience. Rework contains some good illustrations why sharing your expertise can build your brand, and why you shouldn't worry about giving away too much.
Whether you like this book will depend on your temperament. The authors value control over their work and question why anyone would want to see it diluted by factors like venture capital and expansion into new markets. They don't see themselves as overprotective for foregoing the chance to make their company larger. On the contrary, they believe that growth makes you more timid and risk-averse, as you struggle to scale your model and please investors.
Five years ago, Rework might have provoked intense debate about business practices. Today, its ideas have less novelty. The book is nonetheless valuable as a reminder that bigger often isn't better, and as a challenge to teams within all enterprises to seek simplicity and set boundaries.
Note: this review is based on listening to the full unabridged audiobook of Rework, not the hardcover edition.
Rework, by Jason Fried and David Heinemeier Hansson, Crown Business, March 9, 2010, ISBN-10: 0307463745, ISBN-13: 978-0307463746
View comments for this article
