Featured Article

Deploying the ASAv using GNS3 and Integrating it with the Physical Network

GNS3 has been around for a while and is a fantastic tool for virtually creating labs and testing out Cisco technology; as it has evolved, GNS3 has become better at supporting many new devices. In older versions of GNS3, running an ASA was very CPU intensive as the image used was initially…

Featured Article

BPDU Filter and its Potential to Cause a Network Loop

Spanning-tree “BPDU Filter” works similarly to “BPDU Guard”, as it allows you to block BPDUs. The major difference is that “BPDU Guard” places an interface that receives a BPDU into an “err-disabled” state, effectively isolating the violating port, while “BPDU Filter” just “filters” the BPDUs and leaves the port up. If a user…

Featured Article

BPDU Guard Concept, STP Attack and Mitigation

BPDU Guard, BPDU Filter, Root Guard and Loop Guard are all considered spanning tree security features; they each differ in what they protect and how they work. Spanning tree attacks can harm the data plane at Layer 2, so by using spanning tree security we can mitigate “Man in the Middle” type attacks, protect…

Featured Article

VLAN Hopping Concept, Attack Example and Prevention

VLAN hopping is a Layer 2 attack against a network with multiple VLANs. The attacker would normally send frames into the switch port using one of two techniques: Double Tagging, which uses double 802.1Q tags to reach a real VLAN via the native VLAN, or Switch Spoofing, which attempts to negotiate a trunk and gain access…

Featured Article

Dynamic ARP Inspection (DAI) Concept/Attack Example and Implementation

Dynamic ARP Inspection is a security feature that rejects invalid and malicious ARP packets; by using DAI we can prevent ARP poisoning/spoofing attacks. The Address Resolution Protocol works the following way: “192.168.0.1” wants to communicate with “192.168.0.50”, however the switch does not know how to reach the layer 3 address, as switches only understand L2…

Featured Article

Private VLAN Concept/Implementation

Private VLANs are basically VLANs within a VLAN; they partition a regular VLAN domain into sub-domains. A sub-domain is represented by a “Primary” VLAN and a “Secondary” VLAN, which together are called a “VLAN pair”. You can have multiple VLAN pairs, for example one VLAN pair for each sub-domain. All VLAN pairs share the same primary VLAN. The secondary VLAN…

Featured Article

DHCP Snooping Concept/Implementation

DHCP Snooping is a layer 2 security technology built into the IOS of a switch. The switch drops DHCP server messages in order to prevent unauthorized or rogue DHCP servers from offering IP addresses to DHCP clients. This is a very valuable security measure that helps protect the network from attacks. DHCP…

Featured Article

Cisco Port-Security Concept/Implementation

Cisco port security is a layer 2 traffic control feature used to protect the network from unknown devices that may be plugged into the network, either via a network point in a publicly accessible space or by a malicious user who has physical access to a network point. Port security works by first setting a…

Featured Article

Deploying a Checkpoint Firewall Solution (GAIA-R77.30)

Checkpoint is known as a next generation firewall vendor because it supports advanced features up to layer 7 of the OSI model; these include “Application Filtering”, “Deep Packet Inspection (DPI)”, “IPS”, “SSL Inspection”, “AV scanning”, “Identity Management”, “URL Filtering” and many more. Checkpoint firewalls are not zone based firewalls, unlike your Cisco or…

Featured Article

Blocking URLs Using MPF on the Cisco ASA

The Cisco ASA 5505 doesn’t have a built-in feature for URL filtering. Nowadays most next generation firewalls have a URL filtering option built in, which can be licensed and used without the need for a separate device. Commonly this type of deployment would act as a transparent proxy. Using regular expressions with the modular policy…

Featured Article

Deploying Smoothwall Express 3.1 (Explicit Proxy)

Smoothwall Express is an open source project set up in 2000 to develop a free firewall that includes its own security-hardened GNU/Linux operating system and an easy to use web interface. This product is not to be mistaken for the commercial corporate product “Smoothwall”, which is a very powerful web filtering and security appliance that can be…

Featured Article

Cisco Wireless – Central Authentication using EAP-TLS with vWLC as the AAA Server

EAP-TLS can be deployed in a number of ways. In “Deploying EAP-TLS Wireless Solution in an Enterprise Environment” we demonstrated RADIUS authentication using Microsoft Server 2012 R2 as the AAA server. In this example we will use the WLC to perform the authentication centrally instead of forwarding the requests. Although it is better and more secure to…

Featured Article

Deploying EAP-TLS Wireless Solution in an Enterprise Environment

EAP-TLS is one of the most secure methods of deploying wireless solutions in an organisation. It uses certificate based authentication on both the server side and the client side so that each authenticates the other; the internal CA is responsible for issuing certificates to the users and computers. There are a number of ways to deploy EAP-TLS, using…

Featured Article

Install Certification Authority on Server 2012 R2

Microsoft’s Certification Authority is built on Public Key Infrastructure; the CA is responsible for attesting to the identity of users, computers and organizations. The CA authenticates an entity and vouches for its identity by issuing a digital certificate signed by the CA. The CA also manages the revocation and renewal of certificates. Certificates…

Featured Article

Configure RADIUS Authentication on Server 2012 R2 for Cisco Devices

In this step-by-step guide we will set up NPS as a RADIUS server to authenticate users for our Cisco 3560X switch; this process will work on most Cisco switches and routers. In this example we will be using two AD security groups to define level 15 and level 1 user access. This is a good practice, for…

Featured Article

Install Network Policy Server (NPS) on Server 2012 R2

NPS (Network Policy Server) is Microsoft’s RADIUS server implementation. NPS allows you to create and configure network access policies for client health, connection request authentication, and connection request authorization. NPS can also be used to set up a RADIUS proxy, which forwards remote access connection requests to another RADIUS server that can authorize or…

Featured Article

Cisco Wireless – Central Authentication using EAP-FAST with vWLC as the AAA Server

EAP-FAST (Flexible Authentication via Secure Tunnelling) is a proprietary 802.1X authentication method from Cisco. FAST does not require certificates; the protocol creates a tunnel between the user and the AAA server and uses a PAC (Protected Access Credential) as part of the algorithm, so clients must support this in order to be compatible. Not all clients will…

Featured Article

Cisco Wireless – Central Authentication using PEAP with the vWLC as the AAA Server

In this step-by-step guide we will set up central authentication on the vWLC using PEAP (Protected Extensible Authentication Protocol). This type of authentication uses a certificate on the server side, which the client validates; this must be from a valid CA on our PKI, however in this example we will use a self-signed certificate…

Featured Article

Cisco Wireless – Setting up FlexConnect aka “H-REAP” with Local Switching of Multiple VLANs

FlexConnect, previously known as H-REAP (“Hybrid Remote Edge Access Point”), is usually set up for branch sites that are connected via a WAN link. FlexConnect access points have the ability to perform local switching and authentication, which means they can make layer 2 forwarding decisions without having to send traffic up to the WLC…

Getting Started with Cisco Configuration Professional to Configure a ZBF

Cisco Configuration Professional is a Windows GUI application that network security administrators can use to deploy and manage multiple routers in a single environment. It can be used to configure and monitor Cisco routers without using the Cisco IOS Command Line Interface. There are two versions currently available on the market: Cisco Configuration Professional is…