Tag Archives: security

Information Management is Hard

I’m curious what PacketU readers are using for information management. Do you use a single ubiquitous storage mechanism or app (like Box or Evernote)? Or perhaps you have a specific (perhaps local) solutions for sensitive nature of information? Maybe you approach this as … Continue reading

Posted in invis, Rant, Security, Technology | Tagged , | 2 Comments

Discard Routing for RFC1918 Addresses

While working with firewalls for the last few years, I’ve seen many logs polluted with scanning traffic. Obviously this is the type of thing that I want to see when someone is legitimately scanning, or attempting to scan, through the firewall. However, … Continue reading

Posted in CCIE Security, CCNA Security, Certification, General, Network, Technology | Tagged , | 2 Comments

Securing Your Connection Anywhere You Go

We all know that there are a lot of incomplete security models. Firesheep made this fact painfully obvious to those who regularly work from public hotspots. Although this issue extends beyond insecure wireless deployments, unencrypted hotspots are an easy target. … Continue reading

Posted in Network, Security, Technology | Tagged , , , | Leave a comment

Google and Cloudflare: Encrypting the WWW

A couple of months ago, Google announced that it had started using SSL as a factor in SEO ranking. Since the search giant is the referrer for most website traffic, this is the type of announcement that gets the attention … Continue reading

Posted in Rant, Technology | Tagged , , | Leave a comment

Using the Brocade vRouter VPN Capabilities

One of the challenges that must be overcome as servers are migrated to a cloud service provider is the ability to continue to reach all servers and securely communicate with them for various administrative and data transfer needs. NAT can … Continue reading

Posted in Events, Network, Security, Technology | Tagged , , , , , | 2 Comments

ASA HTTP Filtering by Domain with Host Headers

One of the questions that regularly comes up with firewalls is how to filter based on domain name. Access Control Lists, or ACLs, are designed to filter based on IP addresses and networks. One of the things that many would … Continue reading

Posted in CCIE Security, Certification, Security, Technology | Tagged , , , | 4 Comments

First Look at the CCNP Security Refresh

Today Cisco announced a significant update in the CCNP Security program. As with other program changes, Cisco is allowing candidates time to complete their current studies. However they are aggressively moving everyone toward the new curriculum. Those having already passed … Continue reading

Posted in Certification, General, Security, Technology | Tagged , , | 10 Comments

Cisco ASA — Minimizing Challenges with VPN and Management Traffic

The ASA appliance is a very popular choice for the branch office environment. It provides flexible security and is a good termination point for a VPN connection back to a headquarter location. One challenge that technicians often run into is … Continue reading

Posted in CCNA Security, Certification, Network, Security, Technology | Tagged , , , , | 1 Comment

Combining GRE and IPSec with a Front Side VRF

The article last week focused on the process of taking a typical GRE configuration and reconfiguring it so the transport network was in a separate VRF. This type of VRF is called a FVRF or front-end vrf. While this provides … Continue reading

Posted in Network, Technology | Tagged , , , , | 8 Comments

Using a GRE Tunnel VRF to Separate the Physical Interface

Whether we like it our not, production networks often have particular use cases that require the implementation of tunnels. This may be an effort to extend a dynamic routing protocol across a service provider segment or an effort to overcome … Continue reading

Posted in Network, Technology | Tagged , , | 10 Comments

Using Notepad++ to Mirror Cisco ACLs

Having an occasional need to create mirrored access-list entries, I was seriously considering writing a PERL script to automate this process. Before I really got started on it, I stumbled on a pretty cool feature in Notepad++. This feature basically … Continue reading

Posted in CCIE Security, CCNA Security, Certification, Network, Security, Technology | Tagged , , | 6 Comments

Cisco ASA 8.4 VPN — Dealing with Internet Hairpin Traffic

Over the past few months, I have received a few requests regarding hairpin scenarios and the ASA. Earlier, I provided a scenario that deals with hairpinning (also known as U-Turn) traffic between two VPN spokes in a typical ASA environment. In another … Continue reading

Posted in CCIE Security, CCNA Security, Certification, Security, Technology | Tagged , , , , , | 2 Comments