Always Networks Blog

What is a zero day vulnerability?

Mon 10 February 2020

Malware

What is a zero day vulnerability?

Often you'll see antivirus products, firewall vendors, and other security products claiming to stop "zero day vulnerabilities" or "zero day threats". But what does zero day vulnerability mean?

Before we dive into that, there are a few other terms we need to understand.

What is malware?

Malware is short for "malicious software,". It is software that is specifically designed …

Read whole post...

What is automation?

Automation

Automation can mean lots of things to lots of people. Officially:

Automation:

The use of machines and computers that can operate without needing human control

So basically, automation is a way of getting computers to do things automatically for us.

What are the prerequisites?

Fundamentally, computers follow instructions.

This means that when we are looking for automation candidates, we are looking for tasks which have …

Read whole post...

Check Point Deployment Tool (CDT)

Sun 24 March 2019

Update

We have been working with one of our clients doing Check Point upgrades - applying jumbo hotfix accumulators (JHA) and also upgrading from R7x to R80.

Check Point Deployment Tool (CDT) is a fantastic tool for making this process quick, easy and painless.

What is it?

Central Deployment Tool (CDT) is a utility that runs on Security Management Servers and Multi-Domain Security Management Servers running Gaia …

Read whole post...

Converting a VMware vSwitch uplink from an access port to a trunk

Wed 06 February 2019
Trunk

There was recently a scenario we had whilst working with a client, where we had an ESXi host running version 5.5 using a single VLAN. All of the Virtual Machines were in a single port-group, and they were untagged, sending traffic to a neighbouring Cisco switch where the port was configured as an access port. There were a couple of vmkernel ports on the …

Read whole post...

GRE Tunnels and VRFs

Wed 23 January 2019
Tunnel

GRE Tunnelling. It's a tool that should be in every network engineer's toolbox, but not one we like to use very often.

But sometimes, it's needed. Sometimes you need to just make something work, across somebody else's network. This week's task is to do just that, in support of an office migration for a client.

So, let's have a look at how GRE works, and …

Read whole post...

Design Consideration - The effects of VLAN ID's on Spanning-Tree convergence

Network Switch

When designing a network, consideration should be given to separating traffic into VLANs. This is done for logical separation, security and performance reasons.

This affects the convergence of a Layer 2 Network. Most Cisco switches running STP (Spanning-Tree Protocol) will be running an instance per VLAN. This is called PVST (Per VLAN Spanning-Tree), or RPVST (Rapid Per VLAN Spanning-Tree), depending on whether you are running …

Read whole post...

Always Networks is now Serverless!

Fri 21 December 2018

Powered by AWS Cloud Computing

This blog has now been moved on to AWS using entirely serverless technologies, meaning both reduced cost and better performance.

To do this, a number of technologies have been employed to automate the deployment. As there is really only one Always Networks site, a lot of this was probably a lot more effort than it could have been - it would probably have been easier to …

Read whole post...

Identifying which zone a subnet is in on a Palo Alto firewall - Script

One of the challenges with managing any zone based firewall on a large scale is knowing which zone everything is in. We all know that the network should be well documented, but we also know that routing tables get unwieldy, and it's not uncommon when adding a firewall rule to be wondering exactly which zone that source or destination is in.

There are three ways …

Read whole post...

Scout2 and Security Monkey - AWS Security Auditing

Wed 30 August 2017

I recently had cause to do some auditing of a pre-built AWS environment. The lazy guy in me tried out some free tools to speed things up.

Security Monkey

First up was Security Monkey. This was made by Netflix. It can be found on their github: https://github.com/Netflix/security_monkey. It's actually really well documented, and I just followed their setup guide verbatim - I …

Read whole post...

Automated Deployments of Palo Alto Firewalls in AWS

I've recently been working with a client on magically spinning up entire environments in AWS. This means I've learned a fair bit about AWS on the way!

Without going into too much detail (as it's the clients work), we have been bootstrapping Palo Alto firewalls. This allows you to be able to stand up a fully configured Palo Alto firewall using a CloudFormation script in …

Read whole post...

Can we keep in touch?

Recent Posts

Categories

Tag Cloud