Posts

Showing posts from March, 2011

Link Aggregation

Link Aggregation Introduction. Link aggregation aggregates multiple physical Ethernet ports into one logical link, also called an aggregation group. It allows you to increase bandwidth by distributing traffic across the member ports in the aggregation group. In addition, it provides reliable connectivity because these member ports can dynamically back up each other. Network Diagram: Figure 1-1 Network diagram for link aggregation configuration. Networking and Configuration Requirements: Switch A aggregates ports GigabitEthernet 1/0/1 through GigabitEthernet 1/0/3 to form one link connected to Switch B and performs load sharing among these ports.

Device Link Detection Protocol (DLDP)

DLDP Introduction. Sometimes, unidirectional links may appear in networks. On a unidirectional link, one end can receive packets from the other end but the other end cannot. Unidirectional links result in problems such as loops in an STP-enabled network. As for fiber links, two kinds of unidirectional links exist. One occurs when fibers are cross-connected, as shown in Figure 1-2. The other occurs when one end of a fiber is not connected or one fiber of a fiber pair gets disconnected, as illustrated by the hollow arrows in Figure 1-2. Figure 1-1 Unidirectional fiber link: cross-connected fiber. Figure 1-2 Unidirectional fiber link: fiber not connected or disconnected. Device Link Detection Protocol (DLDP) can detect the link status of a fiber cable or twisted pair. On detecting a unidirectional link, DLDP can shut down the related port automatically or prompt users to take measures as configured to avoid network problems.

Review A Firewall Log In 15 Min Or Less – Part 2

In my last post I introduced the concept of using white listing in order to review firewall logs. I discussed how this process can both simplify and expedite the log review process by automating much of the up-front work. In this post we will look at some actual examples, as well as start creating a firewall log parsing script. The basics of grep. In order to show you the process of white listing your firewall logs, I am going to use grep. Grep is a standard Linux/UNIX tool, with free versions available for Windows (grab both the Binaries as well as the Dependencies). Grep is certainly not the most efficient tool for the job, but it is by far the simplest to learn. If you are a Perl, PHP, AWK&SED, SQL, etc. guru, by all means stick with your tool of choice. Simply mimic the process I’ve defined here using your appropriate command set. Grep is a pattern-matching tool. It allows you to search one or more files looking for a specific pattern. When the pattern is found, the e

Review A Firewall Log In 15 Min Or Less – Part 1

One of the most difficult and time-consuming parts of maintaining a perimeter is reviewing firewall logs. It’s not uncommon for an organization to generate 50, 100, 500 MB or more worth of firewall log entries on a daily basis. The task is so daunting, in fact, that many administrators choose to ignore their logs. In this series I’ll show you how to expedite the firewall log review process so that you can complete it faster than that morning cup of coffee. Why firewall log review is important. I once took part in a panel discussion where one of my fellow SANS instructors announced to the crowd “the perimeter is dead and just short of useless”. I remember thinking I was glad I was not one of his students. I occasionally take on new clients and find that 7/10 times I can identify at least one compromised system they did not know about. In every case it has been the client’s own firewall logs that pointed me to the infected system. In the old days firewall log review was all about ch

Multiple VPN Tunnels in Windows Environment

With Windows RRAS, you can have multiple VPN tunnels to connect the main office, branch offices, home office and remote laptops as one private LAN. In the case below, all VPN servers and clients are assigned addresses in the 172.16.x.x range and use 172.16.0.x to route to the remote offices and computers.

Exporting VPN Client Settings

Cisco ASDM: how to export a VPN profile from the client machine. I'm assuming this is a Windows machine. Create the profile and test it, then browse to the Program Files folder > Cisco Systems > VPN Client > Profiles. You'll see the PCF file you need. Same name! To import, just move it into the same location on your target machine. Job done! Windows 7 VPN Settings/Profile Export/Import: if you do not use the Cisco VPN client but just create the connection with the wizard in Windows, you can simply copy the connection from the folder %userprofile%\AppData\Roaming\Microsoft\Network\Connections\PBK. For related information please refer to Creating and Configuring Network Connections.

IPSec-VPN

Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. IPsec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol Suite. It can be used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host). Some other Internet security systems in widespread use, such as Secure Sockets Layer (SSL), Transport Layer Security (TLS) and Secure Shell (SSH), operate in the upper layers of the TCP/IP model. Hence, IPsec protects any application traffic across an IP network. Applications do not need to be specifically designed to us

Site to Site VPN

Site to site VPN solutions provide security while remaining affordable. They provide broadband connectivity via the internet and also meet WAN requirements, which has been welcome news for many businesses. More and more enterprises are following a distributed business model. Branch offices extend an enterprise's reach into key markets. Communication between the central office and branch office is vital to applications that support the business. Security between branch offices, points of sale or remote locations and the central office is important. In the past, leased lines were a secure but costly option. Virtual private networks create VPN tunnels over the internet for the secure transportation of data. VPN technologies are a cheaper alternative to a WAN built on dedicated leased lines. Many technologies are entering the market and making a choice is difficult. The options among VPN technologies are varied and differ based upon VPN hardware and VPN software. Traditional site to site connect

Client to Server VPN

Client to Server VPN (RRAS). A virtual private network is a means of connecting to a private network (such as your office network) by way of a public network (such as the Internet). A VPN combines the virtues of a dial-up connection to a dial-up server with the ease and flexibility of an Internet connection. By using an Internet connection, you can travel worldwide and still, in most places, connect to your office with a local call to the nearest Internet-access phone number. If you have a high-speed Internet connection (such as cable or DSL) at your computer and at your office, you can communicate with your office at full Internet speed, which is much faster than any dial-up connection that uses an analog modem. This technology allows an enterprise to connect to its branch offices or to other companies over a public network while maintaining secure communications. The VPN connection across the Internet logically operates as a dedicated wide area network (WAN) link. Virtual private netw

Peer to Peer VPN

A peer to peer network is a network that allows two or more computers to share their resources. This can include not just file sharing, but the sharing of individual resources such as hard drives, CD-ROM drives, and printers. In traditional VPNs, there is a designated “server” computer and “client” computers that access resources or files on the server. But in a peer to peer network, the resources of every computer on the network are accessible from every other computer on the network. So, a VPN peer to peer network is one that shares these resources across a public network, such as the internet. Since peer to peer computers have their own hard drives that are accessible by all computers, you can think of each computer as acting as both a client and a server. VPN peer to peer networks would normally be used for sharing content like audio, video, data or anything in digital format. The three major types of peer to peer networks are: Pure

VPN Solutions

VPN Solutions
1. Peer to Peer VPN
2. Client to Server VPN
3. Site to Site VPN
4. IPSec VPN
5. Exporting VPN Client Settings
6. Multiple VPN Tunnels in Windows Environment