Tuesday, July 25, 2017

Cisco Wireless Controller 5508 Configuration Step by Step - Part 1 (CLI and GUI Access, Upgrade)

As the industry’s most deployed controller, the Cisco 5500 Series Wireless Controller provides the highest performance, security, and scalability to support business communications today and in the future.
Cisco 5500 Series Wireless Controller
• Support for up to 500 access points and 7000 clients
• 8-Gbps throughput, eight 1 Gigabit Ethernet ports, with Link Aggregation Group (LAG)
support
• Standalone, rack-mountable appliance

5508 Front Panel
Note: Service Port is the one above Redundancy Port. 

Monday, July 24, 2017

Gartner Magic Quadrant for Enterprise Network Firewall (2017, 2016, 2015, 2014, 2013, 2011, 2010)

Based on Gartner's definition, the enterprise network firewall
" is composed primarily of purpose-built appliances for securing enterprise corporate networks. Products must be able to support single-enterprise firewall deployments and large and/or complex deployments, including branch offices, multitiered demilitarized zones (DMZs) and, increasingly, the option to include virtual versions for the data center. Customers should also have the option to deploy versions within Amazon Web Services (AWS) and Microsoft Azure public cloud environments. These products are accompanied by highly scalable (and granular) management and reporting consoles, and there is a range of offerings to support the network edge, the data center, branch offices and deployments within virtualized servers and the public cloud. "

Here is the difference from UTM appliance, which  UTM approaches are suitable for small or midsize businesses (SMBs), but not for the remainder of the enterprise market.

2017 Gartner Magic Quadrant for Enterprise Network Firewalls



2017 Gartner Magic Quadrant for Enterprise Network Firewalls

Gartner Magic Quadrant for Unified Threat Management (2017, 2016, 2015, 2014, 2013, 2012, 2010,...)

Gartner defines the unified threat management (UTM) market as multifunction network security products used by small or midsize businesses (SMBs) (< 1000 employees).

2017 Gartner Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls)

Not much changes from 2016.
2017 Gartner Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls)

Wednesday, July 5, 2017

Gartner Magic Quadrant for the Wired and Wireless LAN Access Infrastructure (2016, 2015, 2014, 2013, 2012, 2011, 2010)

Gartner’s Magic Quadrant for Wireless LAN Infrastructure has been released for a couple of years. This post listed all reports found from Internet since 2010. If you are not familiar with this research publication or Gartner, please see graphic below. Gartner places vendors in one of four quadrants – Leaders, Visionaries, Niche Players and Challengers based on their score system.

Understanding Gartner Magic Quadrant Report
Source: Gartner (July 2013)

2016

No changes on Leaders Quadrant. Fortinet got into challenger. 

Thursday, May 18, 2017

Using Artica Squid Open Source Project to Build Powerful and Safe but Simple to Use Proxy

Looking for a pre-installed GUI based Proxy for a while and found Artica recently. The feature is pretty attractive and GUI interface looks cool.

What is Artica?
"Artica Proxy is an appliance that claim to manage Squid-cache proxy with all features that Squid Cache provides.With the Artica Web interface you can monitor, manage get statistics of your proxy service.
Artica Proxy provides ISOs in order to build a full proxy appliance without any technical skills.
Artica Proxy allows to enable Web filtering engine with more than 30.000.000 categorized websites.

Other features included such as reverse-proxy, RDP proxy, VPN, DHCP, DNS..."
Here are some my experience on it.

1. Download Link:
 http://artica-proxy.com/telechargements/

There are ISO, ESXi, Hyperv, Xen versions to download.

Friday, May 12, 2017

Configure Netflow on network devices for PRTG Netflow Monitoring

Netflow is a feature first introduced into Cisco routers and switches and then flow concept has been widely accepted by other network product vendors. Basically the network devices which support xflow feature can collect IP traffic statistics on the interfaces where xFlow is enabled, and export those statistics as xFlow records to remote defined xFlow collector.

PRTG can use this NetFlow feature for detailed bandwidth usage monitoring and it also shows you:
  • where your bandwidth is used
  • who is using it
  • how it is being used
  • why it is being used
It lets you see which specific applications are being used and how the usage might affect your network. NetFlow monitoring is included in all PRTG Network Monitor licenses, which means no special license to enable this feature. It will be counted into your sensors license.

Monday, April 17, 2017

Check Point Firewall Memory Issue


During regular firewall health check , I found one Check Point firewall cluster has a abnormal virtual memory usage from System Counters - System History view.  The cluster is 5600 Security Appliance.

It looks the memory usage is going up significantly recently. There is no recent changes on hardware, software and configuration except normal firewall changes. I am afraid of Check Point gateway will freeze after this counter reached certain high number based on some SKs such as sk66482, sk110362,

sk35496 lists a bunch of methods how to detect memory leak. In my this specific case, the fix was simple, just installed a latest Jumbo Hotfix 205 for R77.30.

NetSec Youtube Videos