6 yếu tố cần tránh khi hợp tác kinh doanh

6 yếu tố cần tránh khi hợp tác kinh doanh
Cập nhật lúc: 15h 05.11.2008

Hợp tác giữa các công ty đã trở thành một phần quan trọng trong kinh doanh. Lý do thật đơn giản: đó là bổ sung kỹ năng cho nhau, chia sẻ công cụ, chi phí và ý tưởng để có thể hiện thực hóa một sáng kiến hay và các bên hợp tác sẽ cùng thu được lợi nhuận.

Nhưng cũng tương tự như một sự “hôn phối” giữa hai cá thể, bên trong mối quan hệ hợp tác thường có không ít rắc rối và thử thách liên quan đến vô số vấn đề như chi phí, thuê mướn nhân viên, chia sẻ lợi nhuận.

Vì thế, nếu đang nghĩ đến chuyện hợp tác cùng doanh nghiệp nào đó, bạn hãy cân nhắc đến những điều sau đây:

1. Không cân nhắc kỹ khi góp vốn

Bất cứ lúc nào nói đến việc phải sẻ chia một phần vốn của mình, như tiền bạc, nguyên liệu, thông tin và bất động sản, thì có nghĩa là bạn sẽ mất đi một phần khả năng nắm bắt sự nghiệp của mình.

Trong một thế giới hoàn hảo, người hợp tác cùng luôn có ý chí tốt, chính trực và không hề có ý tưởng chiếm đoạt phần tài sản ấy hay sử dụng chúng để kiếm tiền cho riêng mình, nhưng cuộc sống hiện nay không hoàn mỹ như thế.

Do đó, hãy luôn cẩn trọng, tính toán mọi chi phí hoạt động và lợi nhuận mà bạn chia sẻ theo một bản thỏa thuận hợp tác. Cũng đừng quên tạo ra một lối thoát dễ dàng cho mình nếu mọi chuyện trở nên không như ý muốn.

2. Hợp tác chỉ vì không đủ tiền thuê nhân công

Đây chính là liều thuốc giết chết sự hợp tác ngay khi mới bắt đầu. Hoàn cảnh thường rất quen thuộc: A có ý tưởng kinh doanh và B lại sở hữu kỹ năng kinh doanh, nhưng A không đủ khả năng thuê mướn B nên họ quyết định cùng chia sẻ công việc, chi phí và lợi nhuận.

Điều gì sẽ xảy ra nếu A và B cùng kết thúc mọi thứ trong tình trạng cả hai đối đầu với nhau và A chợt nhận ra rằng anh ta hoàn toàn lệ thuộc vào những điều lệ bắt buộc ghi trong hợp đồng hợp tác với B? Nếu bạn có được một ý tưởng và biết một ai đó có được một kỹ năng thì hãy thuê anh ta hoặc thực hiện một bản hợp đồng chấp thuận sự độc lập của mình.

3. Thiếu hợp đồng hợp tác

Trong sự hợp tác, mọi chi tiết và trách nhiệm đều phải được kê khai rõ ràng và viết ra giấy, và hợp thức hóa bằng hợp đồng có cả sự tham gia của luật sư hai bên. Bạn sẽ rất cần đến luật sư khi tình thế xấu đi.

4. Xem thường việc hợp tác hữu hạn

Một trong những nguyên nhân chính dẫn đến sự thất bại của hợp đồng hợp tác chính là việc hiểu nhầm về các điều lệ pháp lý mà các bên đặt ra cho nhau. Một điều đáng chú ý chính là chủ quan trong sự hợp tác hữu hạn, nghĩa là một bên không phải chịu trách nhiệm về những hành động hay bổn phận nào của bên kia. Hãy để luật sư xem xét kỹ vấn đề này trong bản thỏa thuận.

5. Thiếu hẳn một lối thoát

Trong bất kỳ thỏa thuận hợp tác nào, hãy xác định rõ các điều khoản cho phép bạn và đối tác có thể chấm dứt việc hợp tác hoặc những lựa chọn liên quan đến việc mua lại toàn bộ tài sản của đối tác. Đây thật sự là một công việc dễ dàng và minh bạch, cũng như không hề dính dáng đến sự thành công của việc kinh doanh chung.

IT Manager - job description

Brief Description :

• Overall responsible for the Information Technology Management. • Other Responsibilities are: - Overall responsibility for the maximum uptime and utilization of IT systems - Project manage IT-related implementations - Manage and develop training plans for IT Team - Continuously review business processes with users to ensure that efficiency & quality of work are maximized through proper implementation of IT solutions.

Key Responsibilities :

 System and Project Management - To lead overall planning and selection of IT technical, infrastructure solutions & business applications. - To liaise with users to understand the business requirements and to source for the right solutions. - To lead in the evaluation and selection of IT solutions and strategic implementation partners. - To oversee planning, development and project management of IT projects.  IT Management - To prepare the annual IT Budget and Key Activities. - To ensure that the IT costs are well managed. - Provide timely reporting to management on IT project status and Service levels.  IT System Services & Operations - To work closely with NISAP Team in handling SAP related issues. - Work with Corporate IS in planning and implementation of local infrastructure & technical projects - Ensure minimal downtime in IT systems and proper backups are performed for critical systems. - Manage IT Helpdesk support and ensure that network and messaging system service levels are met. - Ensure environment has adequate security and protection in place such as virus mgmt, internet security mgmt, information security policies) - Vendor management of local contracts and service agreements  Business Process Review - To recommend alternatives of performing daily tasks to reduce redundancy & manual work through IT solutions. - To gather feedback from business users on their requirements for IT systems from time to time. - To work closely with NISAP Team to ensure SAP functionalities are being extended to enhance business processes. IT Staff Development - To assist in IT staff recruitment and definition of job roles & responsibilities. - To develop training & development plan and recommend appropriate training for IT staff - To develop the performance appraisal guidelines and KPI measurements for inclusion to Performance Contracts - To monitor overall performance of IT staff and provide direct assistance to team members in resolving work-related issues. - To coach IT staff in effective problem resolution and decision making process. - To motivate and supervise the IT staff to achieve the established key performance indicators.

Job Requirement:

IT technologies and devices are continual change therefore the jobholder needs to study and attend IT technology-training courses usually. http://www.vipdatabase.com/index.php?act=viewjob&jobid=4658&mn=2

Enable/Configure DHCP Snooping in Cisco Catalyst Switches (IOS)

Enable/Configure DHCP Snooping in Cisco Catalyst Switches (IOS)

Posted on May 15, 2008 under Cisco |

Tags:Cisco denial-of-service DHCP DHCP-Snooping ios Option82 Security

DHCP snooping is a DHCP security feature that provides security by filtering untrusted DHCP messages and by building and maintaining a DHCP snooping binding table. An untrusted DHCP message is a message that is received from outside the network or firewall causing denial of service attacks.

The DHCP snooping binding table contains the MAC address, IP address, lease time, binding type, VLAN number, and interface information that corresponds to the local untrusted interfaces of a switch. An untrusted interface is an interface that is configured to receive messages from outside the network or firewall. A trusted interface is an interface that is configured to receive only messages from within the network.

DHCP snooping can be enabled on the switch per vlan as it can intercept the DHCP messages at the layer2.

The following is a step by step procedure to enable and configure DHCP snooping in Cisco catalyst switches running Cisco IOS

Enable DHCP Snooping

ciscoswitch(config)# ip dhcp snooping

Enable DHCP Snooping on VLANs

DHCP snooping can be enabled on one or more VLANs or a range of VLANs

ciscoswitch(config)# ip dhcp snooping vlan number 100

The above enables dhcp snooping on VLAN 100

To enable on more VLANs

ciscoswitch(config)# ip dhcp snooping vlan number 10-15 100 110

where the DHCP snooping is enabled on VLAN 10-15, 100 and 110

Enable DHCP Option 82

This allows DHCP option 82 message insertions into the packets. Option 82 is the Relay Agent Information Option as described in RFC 3046

ciscoswitch(config)# ip dhcp snooping information option

Configure Trust Interface

Interface not explcicitly configured as a trust interface is treated as an untrusted interface.

ciscoswitch(config)# interface fa0/0

ciscoswitch(config-if)# ip dhcp snooping trust

DHCP Snooping Rate limiting (optional)

Rate limiting allows restricting the number of DHCP packets per second (pps) that an interface can receive

ciscoswitch(config-if)# ip dhcp snooping limit rate 202

Where "202" indicates that the interface can receive "202" messages per second

This should configure DHCP Snooping on Cisco IOS switches.

Display DHCP Snooping

ciscoswitch# show ip dhcp snooping
DHCP Snooping is configured on the following VLANs:
10-15 100 110
Insertion of option 82 information is enabled.
Interface Trusted Rate limit (pps)
——— ——- —————-
FastEthernet2/1 yes 10
FastEthernet2/2 yes none
FastEthernet3/1 no 20

Display DHCP Snooping Binding Table

ciscoswitch# show ip dhcp snooping binding
MacAddress IP Address Lease (seconds) Type VLAN Interface
———– ———– —————- —– —– ————
0000.0100.0201 10.0.0.1 1600 dynamic 100 FastEthernet2/1

Related Posts

• Unable to delete Stale/Obsolete statc routes in Cisco IOS (Jul 03, 2008)
• How to create VLAN Interfaces for InterVLAN Routing in Cisco IOS (Jul 01, 2008)
• High CPU usage when SNMP is enabled in Cisco Routers (Jun 19, 2008)
• Configure MD5 encrypted passwords for users on Cisco IOS (May 20, 2008)
• Allow user view Running/Startup-Config (red-only) in Cisco IOS (May 12, 2008)

2 Comments so far »

1. by Tawfiq, on May 29 2008 @ 1:21 pm

   

   Thanks to him who is written this document -
   -he is describe easily here what is
   dhcp snooping and how to implement this security feature
   its a brilliant do doubt -

2. by Cisco.zephyr, on July 29 2008 @ 10:52 am

   

   This was straight to the point and gave just enough references to follow up for my own reasoning and thoughts.
   Thank you for a (as the other person commented)Brilliant simplistic configuration.

How to create VLAN Interfaces for InterVLAN Routing in Cisco IOS

How to create VLAN Interfaces for InterVLAN Routing in Cisco IOS
Posted on Jul 01, 2008 under Cisco |

Tags:Cisco cisco-switch InterVLAn-Routing ios router switch vlan

VLAN Interfaces are required in network scenarios where you have different VLANs and need Inter-VLAN switching on Layer3 (Routing capable) switches. Every VLAN that needs to be routed should have a VLAN interface.

Let's say we have VLAN 10 which hosts the subnet 192.168.10.0 subnet, VLAN hosts 192.168.20.0 subnet and VLAN 30 hosts 192.168.30.0 subnet. For Inter-VLAN routing to work, we need to have a VLAN interface setup for each of these VLANs and configured with an IP address from the same subnet which will be the default Gateway for that subnet. Lets say, 192.168.10.254,192.168.20.254.192.168.30.254 are the IP addresses for VLAN Interfaces of VLAn 10,20,30 respectively.

Assuming the VLANs are configured already, let's proceed to get the VLAN interfaces created.

Enable Routing on the Switch

ciscoswitch# conf t

ciscoswitch(config)# ip routing

Add VLAN Interface

ciscoswitch(config)# interface vlan10

ciscoswitch(config-if)# no shut

ciscoswitch(config-if)# ip address 192.168.10.0 255.255.255.0

This configures a VLAN interface for VLAN 10.

Default Route on Switch

Add a default route on the Switch. This will forward all traffic from the different VLANs to the default router.

ciscoswitch(config)#ip route 0.0.0.0 0.0.0.0 192.168.100.1

Interface to the Router

If the switch cannot reach the default router through a VLAN then an interface that connects to the router which does these routing needs to configured as a routed interface and assigned with an IP address that is in the same subnet as that of the Default router.

ciscoswitch(config)# interface gi0/1

ciscoswitch(config-if)# no shut

ciscoswitch(config-if)# no switchport

ciscoswitch(config-if)# ip address 192.168.100.2 255.255.255.0

This makes the inerface as a routed interface and assigns an IP address in the same subnet as the default router.
Related Posts

* Unable to delete Stale/Obsolete statc routes in Cisco IOS (Jul 03, 2008)
* High CPU usage when SNMP is enabled in Cisco Routers (Jun 19, 2008)
* Configure MD5 encrypted passwords for users on Cisco IOS (May 20, 2008)
* Enable/Configure DHCP Snooping in Cisco Catalyst Switches (IOS) (May 15, 2008)
* Allow user view Running/Startup-Config (red-only) in Cisco IOS (May 12, 2008)

url:http://www.itsyourip.com/cisco/how-to-create-vlan-interfaces-for-intervlan-routing-in-cisco-ios/

Configure Cisco Port Security on Switches and Router interface

Configure Cisco Port Security on Switches and Router interface
Posted on Dec 04, 2007 under Cisco, Security |

Tags:Cisco ios mac-address port-security router Security switch

Cisco Port Security is a features that can help secure access to the physical network. Any Network admins nightmare is an unauthorised device or a PC connecting to the network. This could be as simple as an innocent guest plugging his PC into a floor port hoping to get an internet connection or a malicious intruder connecting to the network trying to gain access to confidential information.

Consequences could as bad as

* Virus, Spyware or malware infection from a PC unprotected PC
* A malicious hacker or an intruder gaining access to the network
* A malicous attacker launching a Denial of Service attack using MAC Address flooding

Cisco IOS has the port-security feature which can be used to restrict the MAC-Address of the devices that connects to each of the physical switchports.

Cisco Port-Security can help to

* restrict the MAC-address or addresses that can connect through a switchport [default: first connected device MAC Address]
* restrict the number of MAC-Addresses that can connect through a switchport [default is 1 and maximum is 128]
* set aging in minutes of the MAC Addresses registed
* Action to take when there is a violation detected (default is to disable the port and send an SNMP Trap message to the SNMP management server (if any))

For a switch port to be security enabled,

* the switchport cannot be a Trunk Port
* the switchport cannot be a destination port for a Switchport Analyzer (SPAN)
* the switchport cannot belong to an EtherChannel port-channel interface
* the switchport cannot be an 802.1X port

If you try to enable 802.1X on a secure port, an error message appears, and 802.1X is not enabled. If you try to change an 802.1X-enabled port to a secure port, an error message appears, and the security settings are not changed.

To enable Port Security on a Cisco Switch or router interface

Enter the interface config mode (say fa0/1)

Switch# conf t

Switch(config)# interface fastethernet 0/1

Switch(config-if)# switchport mode access

This sets the switchport to access mode. Default mode of "Dynamic desirable" cannot be configured as a secure port

Switch(config-if)# switchport port-security

This enables the port security on the switchport with the defaults [1 MAC Address allowed, 1st connected MAC Address, disable port if there is a violation]

If you know the MAC Address of the device and that thats the only device that connects to the swicthport (for example, A server on a Serverfarm switch) then you can set the MAC-Address manually.

Switchport(config-if)# switchport port-security mac-address 1111.2222.3333

Where 1111.2222.3333 is the MAC Address of the server. This will disable the secure port, if any other device other than the one with the above MAC-Address connects to the switch port.

If there is a switch or a hub (say 12 port or a 24 port) that connects to the switchport which you want to secure then you can set the maximum number of MAC-Addresses that connects to the port and/or set the MAC-Address optionally.

Switchport(config-if)# switchport port-security max 12

This sets the maximum number of mac-address allowed on the secure port (default is 128).

One step further, if you want to manually add some or all of these MAC-Addresses then you can specify using the following command one for each MAC-Address

Switchport(config-if)# switchport port-security mac-address 0000.0000.0000

Switchport(config-if)# switchport port-security mac-address 0000.0000.1111

If now, you need to set the maximum number of MAC Addresses on the switchport but are aware that some or most of them are temporary ones (guest users or temporary workers) then you can set the aging time on the port-security which allows MAC-Addresses on the Secure switchport will be deleted after the set aging time. This helps to avoid a situation where obsolete MAC-Address occupy the table and saturates causing a violation (when the max number exceeds).

Switchport(config-if)# switchport port-security aging time 10

Where time is specified in minutes (10 mins in the above)

Now, you can set the action to be taken when there is a violation. The default is to shutdown the port and mark the port err-disabled.

For example,

Switchport(config-if)# switchport port-security violation protect

Where protect is the action taken when a violation event is triggered.

The actions are

protect — Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value.

restrict — Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value and causes the Security Violation counter to increment.

shutdown (default) — Puts the interface into the error-disabled state immediately and sends an SNMP trap notification.

To show the port-security,

Switch# show port-security interface fastethernet 0/1
Security Enabled:Yes, Port Status:SecureUp
Violation Mode:Shutdown
Max. Addrs:5, Current Addrs:0, Configure Addrs:0

To display port-security info without any interface provided

Switch# show port-security
Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security
Action
(Count) (Count) (Count)
—————————————————————————-
Fa0/1 11 11 0 Shutdown
Fa0/2 15 5 0 Restrict
Fa0/3 5 4 0 Protect
—————————————————————————-
Total Addresses in System: 21
Max Addresses limit in System: 128

To display the security MAC-Address table

Switch# show port-security address
Secure Mac Address Table
——————————————————————-
Vlan Mac Address Type Ports Remaining Age
(mins)
—- ———– —- —– ————-
1 0001.0001.0001 SecureDynamic Fa0/1 15 (I)
1 0001.0001.0002 SecureDynamic Fa0/1 15 (I)
1 0001.0001.0003 SecureConfigured Fa0/1 16 (I)
1 0001.0001.0004 SecureConfigured Fa0/1 -
1 0001.0001.0005 SecureConfigured Fa0/1 -
1 0005.0005.0006 SecureConfigured Fa0/5 23
1 0005.0005.0007 SecureConfigured Fa0/5 23
1 0005.0005.0008 SecureConfigured Fa0/5 23
1 0011.0011.0009 SecureConfigured Fa0/11 25 (I)
1 0011.0011.0010 SecureConfigured Fa0/11 25 (I)
——————————————————————-
Total Addresses in System: 10
Max Addresses limit in System: 128

For more information, check this Cisco documentation

If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!
Related Posts

* Unable to delete Stale/Obsolete statc routes in Cisco IOS (Jul 03, 2008)
* How to create VLAN Interfaces for InterVLAN Routing in Cisco IOS (Jul 01, 2008)
* High CPU usage when SNMP is enabled in Cisco Routers (Jun 19, 2008)
* Configure MD5 encrypted passwords for users on Cisco IOS (May 20, 2008)
* Enable/Configure DHCP Snooping in Cisco Catalyst Switches (IOS) (May 15, 2008)

Adding a Cisco switch to a VTP domain

Adding a Cisco switch to a VTP domain
By James on October 16, 2007
757 views
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Categories: Cisco Tags: IOS

Adding a switch to a VTP domain is fairly easy to do, but done incorrectly, can bring down a whole network. Fortunatly I have not had this happen to me, but I have heard horror stories. There are a few simple steps to take to make sure everything stays running smoothly.

The very first step to complete as soon as you are ready to put a new switch on a network and join it to the domain, is to make sure that the vtp mode is set to transparent. Setting the mode to transparent ensures that the “Configuration Revision” is set to 0. If the switch has been used in a lab and has vlans configured and a configuration revision that is higher than the domain server, even if the switch being added is in client mode, it will overwrite the server and propagate all of it’s vlans across the network.


This is directly taken from Cisco’s website:

A recently added switch can cause problems in the network. It can be a switch that was previously used in the lab, and a good VTP domain name was entered. The switch was configured as a VTP client and was connected to the rest of the network. Then, you brought the trunk link up to the rest of the network. In just a few seconds, the whole network can go down.

If the configuration revision number of the switch that you inserted is higher than the configuration revision number of the VTP domain, it propagates its VLAN database through the VTP domain.

This occurs whether the switch is a VTP client or a VTP server. A VTP client can erase VLAN information on a VTP server. You can tell this has occurred when many of the ports in your network go into the Inactive state but continue to assign to a nonexistent VLAN.

To make sure this does not happen, before you connect the switch to the network, make sure to set the vtp mode to transparent.
C3750-Client(config)#vtp mode transparent
C3750-Client(config)#exit
C3750-Client#show vtp status
C3750-Client#sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Transparent
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0×18 0×17 0xE9 0×22 0×49 0×96 0×0C 0×7E
Configuration last modified by 10.10.10.20 at 3-1-93 00:03:25

Now that this switch won’t overwrite the server, configure the vtp domain and password, and then change the mode to client.
C3750-Client(config)#vtp domain Test
Changing VTP domain name from NULL to Test
C3750-Client(config)#vtp password Testpassword
C3750-Client(config)#vtp mode client
Setting device to VTP CLIENT mode

Show the vtp status to confirm.
C3750-Client#show vtp status
VTP Version : 2
Configuration Revision : 62
Maximum VLANs supported locally : 1005
Number of existing VLANs : 38
VTP Operating Mode : Client
VTP Domain Name : Test
VTP Pruning Mode : Enabled
VTP V2 Mode : Enabled
VTP Traps Generation : Disabled
MD5 digest : 0xCD 0×9D 0xFF 0xC3 0×6F 0×63 0×5F 0xF5
Configuration last modified by 10.10.10.2 at 10-16-07 22:16:43

And then a show vlan and check the output to make sure all the vlans have propagated.
C3750-Client#show vlan

The only rule you really need when adding switches is to make sure the switch is in TRANSPARENT mode first.


url:http://jklogic.net/adding-a-cisco-switch-to-a-vtp-domain/

How to configure a Cisco Catalyst switch to act as a DHCP relay agent

How to configure a Cisco Catalyst switch to act as a DHCP relay agent
How to configure a Cisco Catalyst switch to act as a DHCP relay agent in the following Cisco Catalyst switches:
2940 - 2970 - 3550 - 3560 - 3750 - 4000 - 4500 - 6000 - 6500
Relay agents are used to forward requests and replies between clients and servers when they are not on the same physical subnet.
Relay agent forwarding is distinct from the normal forwarding of an IP router, where IP datagrams are switched between networks somewhat transparently.
Relay agents receive Dynamic Host Configuration Protocol (DHCP) messages and then generate a new DHCP message to send out on another interface.
The 2900XL, 2950 and 3500XL switches cannot be configured as a DHCP helper, or DHCP relay.
This requires a router or a switch with a Layer 3 capability that can do InterVLAN routing.
These switches are Layer 2 devices, which can only do DHCP snooping.
The ip helper-address command is present on a configurable Layer 3 interface.
The general rule is to configure the command on the Layer 3 interface closest to the client.
In order configure a Cisco Catalyst switch to act as a DHCP relay agent, issue the ip helper-address command in interface configuration mode and specify the IP address of the DHCP server on the remote subnet.
This ensures that all DHCP broadcasts are forwarded to that address.
More than one helper address can be configured per interface.
You may also wish to investigate:
Understanding and Troubleshooting DHCP in Catalyst Switch or Enterprise Networks