Blog

How do I allow my staff to work from home, securely?
March 19, 2020

For some of us, flexible working or remote working is already commonplace. But for many, it’s a new concept. I want to provide some advice about the technological challenges for supporting remote working, particularly for businesses with a more “legacy” IT set up. A lot of organisations these days have already moved a lot

What is Cisco Meraki?
March 03, 2020

Cisco Meraki is a product range from Cisco, providing a complete range of networking products, from access points to switches to firewalls, and even security cameras. They are powerful, packed with features, yet so simple to use. Let’s see what they have to say about themselves: Cisco Meraki is the leader in cloud controlled WiFi,

What is a zero day vulnerability?
February 10, 2020

Often you’ll see antivirus products, firewall vendors, and other security products claiming to stop “zero day vulnerabilities” or “zero day threats”. But what does zero day vulnerability mean? Before we dive into that, there are a few other terms we need to understand. What is malware? Malware is short for “malicious software”. It is software

What is automation?
February 03, 2020

Automation can mean lots of things to lots of people. Officially: “Automation: The use of machines and computers that can operate without needing human control.” So basically, automation is a way of getting computers to do things automatically for us. What are the prerequisites? Fundamentally, computers follow instructions. This means that when we are looking

Check Point Deployment Tool (CDT)
March 24, 2019

We have been working with one of our clients doing Check Point upgrades – applying jumbo hotfix accumulators (JHA) and also upgrading from R7x to R80. Check Point Deployment Tool (CDT) is a fantastic tool for making this process quick, easy and painless. What is it? Central Deployment Tool (CDT) is a utility that runs on

Converting a VMware vSwitch uplink from an access port to a trunk
February 06, 2019

There was recently a scenario we had whilst working with a client, where we had an ESXi host running version 5.5 using a single VLAN. All of the Virtual Machines were in a single port-group, and they were untagged, sending traffic to a neighbouring Cisco switch where the port was configured as an access port.

GRE Tunnels and VRFs
January 23, 2019

GRE Tunnelling. It’s a tool that should be in every network engineer’s toolbox, but not one we like to use very often. But sometimes, it’s needed. Sometimes you need to just make something work, across somebody else’s network. This week’s task is to do just that, in support of an office migration for a client.

Design Consideration – The effects of VLAN IDs on Spanning-Tree convergence
January 09, 2019

When designing a network, consideration should be given to separating traffic into VLANs. This is done for logical separation, security and performance reasons. This affects the convergence of a Layer 2 Network. Most Cisco switches running STP (Spanning-Tree Protocol) will be running an instance per VLAN. This is called PVST (Per VLAN Spanning-Tree), or RPVST

Identifying which zone a subnet is in on a Palo Alto firewall – Script
September 17, 2018

One of the challenges with managing any zone based firewall on a large scale is knowing which zone everything is in. We all know that the network should be well documented, but we also know that routing tables get unwieldy, and it’s not uncommon when adding a firewall rule to be wondering exactly which zone

Scout2 and Security Monkey – AWS Security Auditing
August 30, 2017

I recently had cause to do some auditing of a pre-built AWS environment. The lazy guy in me tried out some free tools to speed things up. Security Monkey: First up was Security Monkey. This was made by Netflix. It can be found on their GitHub: https://github.com/Netflix/security_monkey. It’s actually really well documented, and I just followed