[CRTech] Christian Radio Tech [MSG 79308]
[Thread Prev] [-- Thread Index --] [Thread Next] [Date Prev] [-- Date Index --] [Date Next]
Re: Barix as backup STL
To: CRTech <crtech@crtech.org>
Subject: Re: Barix as backup STL
From: Sherrod Munday <smunday@ieee.org>
Date: Tue, 28 Mar 2017 13:09:39 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ieee-org.20150623.gappssmtp.com; s=20150623; h=mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to; bh=98zsRtzpO9K7ibhI/fVLzhZMLTEJ+RbZikgHaA+C3O4=; b=KxIDxRhQR58KlJvMznotdxwGzxLdh78JGzCWv9w1YZfStjk6FRWIL9GsRg4vGfmTSd +zHXHzYAcJhDKwuSFwdargQVKS5qCOwChr+Xjg82pxYYEHaoslVymp32USDFpTOyR3H+ iIL1JsUFrfH2B2SDwuYJEs2QXzIlM3nMxA8BI2EQIsWTGuuPeXjdkgpd2ZTw1VcRCJbj NTLqjsWS/WmzRfqX5O+hky2PO+2B/8E5rwv7oGcIe9T6La/JYtS20/DpYYXwRXgUqLOd 3odDGCptxUGE5FaYbw2S3KIytt0qQ5SkWrsT+wTd2F4d1EFvXfX3t2dwZ/rzpIinWIjk GXzw==
In-reply-to: <CAP8KTHZ3b1W5kLXv--BwHu4P82PuXydZs-Wxo-qAjHWYhsxZGQ@mail.gmail.com>
References: <CAJHfeBv1=2YLbH5dnSbj+_=0Xogu4D3pxvuCK5wnqLB8fYR7tQ@mail.gmail.com> <1eaa5017-c470-baf2-3a51-dad67054b18d@knlr.com> <CAP8KTHZ3b1W5kLXv--BwHu4P82PuXydZs-Wxo-qAjHWYhsxZGQ@mail.gmail.com>
On Mar 28, 2017, at 12:20, BIll Moede <bmoedereplay@gmail.com> wrote:
> I'm looking to put together a backup STL system for use over an IP / Internet connection. ...

If you have the wherewithal to use a private (non-public-Internet-based) Ethernet link between the two sites, that would be your most secure option.  The peace of mind would be worth the extra money IMHO.

If you need some options for this, call Kile Broyles at Jabez Communications ( http://ww.jabeztelecom.com/contact-us ) and tell him "Sherrod says you can give me some quotes for something like a private Ethernet or Metro Ethernet circuit for our radio station STL."  :-)   He'll take care of you.

On Mar 28, 2017, at 12:41, Steve Tuzeneu <stuzeneu@gmail.com> wrote:
> ... If you do go with the Barix boxes, don't forget to change your user name and password.

Said another way:

Don't forget to change the credentials on *any* system you deploy using the public Internet.

And don't think that just putting it behind a firewall with a port-forward makes it secure -- I recently found one piece of broadcast gear sitting out on the open Internet.  It was behind a perfectly good (but useless) firewall that had a port-forward directly into the unprotected equipment.  The user might have as well assigned it a public IP address with a sign hung out front saying "Come hack me!"

At the very least, if you're not going to use a private circuit or a VPN to provide an end-to-end path between the two sites (which you really should do whenever possible), configure your firewalls (you do have a firewall at each site, I trust) to only allow incoming IP connections from the static IP address of the other site's ISP connection.  If you were thinking of using DHCP addresses from your ISP, do yourself a favor and instead acquire a static IP address.  It will make your security much easier to configure on the firewalls and make setting up a VPN far easier too.

If anyone needs some help with this type of setup (or better understanding of the concepts involved) feel free to contact me off-list.

Sherrod Munday

Follow-Ups: Re: Barix as backup STL
(BIll Moede <bmoedereplay@gmail.com>, 28 Mar 2017 18:27:14 -0000)
References: Barix as backup STL
(BIll Moede <bmoedereplay@gmail.com>, 28 Mar 2017 16:21:00 -0000)
Re: Barix as backup STL
(Terry Cowan <tcowan@knlr.com>, 28 Mar 2017 16:35:44 -0000)
Re: Barix as backup STL
(Steve Tuzeneu <stuzeneu@gmail.com>, 28 Mar 2017 16:41:27 -0000)
Prev by date: Re: Frequency Search by ASR Number?
(Alan Kilgore, 28 Mar 2017 16:44:05 -0000)
Next by date: Re: Barix as backup STL
(BIll Moede, 28 Mar 2017 18:27:14 -0000)
Prev by thread: Re: Barix as backup STL
(Steve Tuzeneu, 28 Mar 2017 16:41:27 -0000)
Next by thread: Re: Barix as backup STL
(BIll Moede, 28 Mar 2017 18:27:14 -0000)