firewall

SANS – SEC401 Security Essentials Day – 3

Security 401.3 – Internet Security Technologies On the third day of class, we started going into some of the actual technologies used in implementing security. The first topic covered is attack strategies and mitigation. Know thy enemy – Sun Tzu…


How to setup a simple Cisco IOS Firewall

Classic Firewall There are two configuration models to setup a firewall on IOS; the classic firewall (used to be called CBAC – Context based access control) and the zone based firewall. In this post I’m going to document how to…




How to clear CLI screen on ASA and IOS?

Problem: How do you clear CLI screen on ASA? Solution: Answer: You CAN’T! In case you came here asking for the clear CLI screen on IOS. Answer: You CAN’T! SecureCRT I wished there was a way to clear the CLI…


No Picture

Cisco Portable Product Sheets

Cisco portable product sheets are documents containing Cisco’s summary of various product comparisons and performance specifications. This includes a comparison of all Cisco’s switches switching performance, router routing performance, device VPN and encryption performance numbers, memory guildlines and more. This…


No Picture

Demystifying ASA/PIX Nat 0 vs Static

Firstly, Nat 0 and static can be used to achieve the same result of bypassing NAT, at least logically 🙂 However both are fundamentally different. Take a look at the following example: nat (inside) 0 192.168.1.1 255.255.255.255 and static (inside,dmz)…


Cisco ASA Failover Tips and misc.

When setting up a Cisco ASA failover pair, try to follow the following rules & tips: Do not use a crossover Ethernet cable or a fiber-optic patch cable to directly connect the two failover LAN interfaces if the firewalls are…


No Picture

Cisco ASA/PIX Firewall inside interface routing problem

If you are having issues routing your traffic within the inside interface, or hair-pining your traffic, chances are you need to enable the “same-security-traffic permit intra-interface” command. Take a look at the picture below which explains this problem: Basically when…


No Picture

Upgrading an Entrepreneur ASP infrastructure – PART II

After analyzing the situation I have identified several key problems. 1. System Availability – Systems fail frequently due to hardware failures, DoS, and application failures. 2. Collocation is far and administration requires frequent visits 3. Mini tower servers consume space…