On this website I have written tens of articles about enterprise level firewalls (especially Cisco ASA) but many people are interested to learn about the best hardware firewalls for home or small business networks, so this is what I’ll focus in this article. Firewalls are designed to monitor incoming and outgoing traffic, helping to keep […]
[Continue reading]
Denial of Service attacks (DoS) are very common these days. Especially Distributed DoS attacks (called also DDoS) can be executed quite easily by attackers who own large networks of BotNets. Thousands of malware-infected computers (which comprise the so called “BotNets”) are controlled by attackers and can be instructed to start attacks at any target. Usually […]
[Continue reading]
Cisco Adaptive Security Appliance (ASA) is quite a versatile device integrating application-aware firewall, SSL and IPsec VPN, intrusion prevention system (IPS), antivirus, antispam, antiphishing, and web filtering services. Cisco ASA also supports routing protocols such as Routing Information Protocol (RIP), Enhanced Interior Gateway Routing Protocol (EIGRP), and last but not least, Open Shortest Path First […]
[Continue reading]
The Cisco 800 series routers are part of the “Branch Office” category, used mainly for SOHO purposes or for connecting remote branch offices to a central location. They are “fixed hardware configuration” devices, meaning that they don’t have any plug-in hardware slots for inserting additional interfaces to the device (all the interfaces are fixed). All […]
[Continue reading]
The “ping” command has been the “de facto” troubleshooting protocol used mainly for testing connectivity and communication between two hosts. As we all know, the ping command sends “ICMP” packets to the other end and waits for ICMP reply packets to come back. From ASA 8.4(1) and later, Cisco introduced an enhanced version of the […]
[Continue reading]
SNMP stands for Simple Network Management Protocol. Up to ASA software 8.1, the SNMP version supported was v1 and v2c. The newest ASA software 8.2 supports also SNMP v3 which is the most secure snmp protocol version. The ASA works as an SNMP server (or agent), so you need also a Network Management System (NMS) […]
[Continue reading]
One of the advantages of the Cisco ASA firewall is that you can configure multiple virtual interfaces (subinterfaces) on the same physical interface, thus extending the number of security zones (firewall “legs”) on your network. Each subinterface must belong to a different Layer2 VLAN, with a separate Layer3 subnet. There are limits on the number of […]
[Continue reading]
NMAP (Network Mapper) is the de facto open source network scanner used by almost all security professionals to enumerate open ports and find live hosts in a network (and much more really). One of my responsibilities in my job is to perform white hat penetration testing and security assessments in corporate systems to evaluate their […]
[Continue reading]
HSRP (Hot Standby Router Protocol) is the Cisco proprietary protocol for providing redundancy in router networks. The standard router redundancy protocol which is used by other vendors is VRRP (Virtual Router Redundancy Protocol), however Cisco has created its own proprietary protocol (HSRP) which works very well on Cisco routers. In a Local Area Network (LAN), […]
[Continue reading]
Network infrastructure devices (routers, switches, load balancers, firewalls etc) are among the assets of an enterprise that play an important role in security and thus need to be protected and configured accordingly. Many enterprises focus on protecting their data, servers, applications, databases etc but they forget about security of network devices which are sometimes installed […]
[Continue reading]
For a CCNA certification exam you must be prepared to answer questions about three important networking concepts, Unicast, Broadcast and Multicast. Even if these terms can be pretty confusing at the beginning, they are actually not that complicated. Learn how to keep them straight, along with other vital CCNA exam information. At the beginning of […]
[Continue reading]
Usually, in the world of network security, when we talk about Firewalls we mean the devices that help protect your computer systems and networks from attacks and provide a “wall” in front of servers and IT resources. The above concept of a “Firewall” refers to the classic network hardware firewall such as the Cisco ASA, […]
[Continue reading]
The Cisco “reload” command is used on almost all IOS Cisco networking devices (routers, switches etc) to restart (or reboot) the appliance. This command might seem very basic but it has some interesting practical applications that we will see later in this article. Basic Command Usage As we have said above, the basic usage of this […]
[Continue reading]