Understanding the configuration of WCCP
--> You can check my previous post to understand what is WCCP by clicking here ( http://networkingmaterials.blogspot.com/2017/09/introduction-to-wccp.html ). --> WCCP can be configured on the Router, Multilayer Switch as well as Firewall. --> In this post, I will explai…
Read more
What is ZBPF?
--> Zone-Based Policy Firewall allows you to configure stateful firewall implementation on IOS Routers. --> Supports deep packet inspection. --> Zone-Based Policy Firewall works on the concept of logical security zones. --> Security Zones is a logical segmentation of…
Read more
Introduction to FTD
--> FTD stands for Firepower Threat Defense. --> The Firepower Threat Defense software, is the unified operating system which provides following services in a single image, i) Built-in stateful firewall ( Used to filter the packets based upon Layer 3/4 information) ii) …
Read more
How to configure ASA Active/Standby Failover??
ASA1 Configuration S1: Configure the interfaces as shown in the topology. ASA1(config)# interface g0/1 ASA1(config-if)# nameif Inside ASA1(config-if)# Security-level 100 ASA1(config-if)# ip address 192.168.1.1 255.255.255.0 standby 192.168.1.2 ASA1(config-if)#exit ASA1(config)# …
Read more
What is ASA Active/Standby Failover?
--> Active/Standby failover allows you to use a standby ASA, In case of Active ASA fails. --> When the active ASA fails, it changes to the standby state while the standby unit changes to the active state. --> Now the Standby ASA that becomes active assumes the IP addres…
Read more
Introduction to ASA Firewall
-->ASA is an application-aware stateful packet filtering firewall. --> Inspects all the packets which are passing through the firewall. --> Each and every interface on ASA requires configuration of following things, 1) Interface Name 2) Security-level 3) IP Address --&g…
Read more
How to Configure Site to Site VPN on Cisco Routers
BR1: 1) Configure the ISAKMP Tunnel From BR1 to BR2 router ( Phase1). BR1(config)# crypto isakmp policy 1 BR1(config-isakmp)# encryption 3des BR1(config-isakmp)# hash md5 BR1(config-isakmp)# authentication pre-share BR1(config-isakmp)# group 2 BR1(config-isakmp)# lifetime 8640…
Read more
Types of Security Operation Centers(SOC) ?
1) Threat Centric SOC --> A threat-centric SOC actively searches for malicious threats in the network. --> New threats can be identified with the help of i) known vulnerabilities 2) threat intelligence feed services 3) malicious anomalies across networks. --> In order t…
Read more
Different types of firewall deployment modes
--> Selection of firewall mode mainly depends upon two criteria's i) Security and Performance requirements ii) Location of the firewall to be placed --> Enterprise Firewalls can be deployed in four modes, i) Distributed Enterprise Firewall --> Performance and…
Read more
Posture assessment in ISE
--> Posture assessment in ISE allows you to check internal state such as antivirus, registry entries, personal firewall and many more things before allowing the access to the network. --> It is very important in case of BYOD network designs. --> In order to ISE to check…
Read more
