A VMware email come through about my VCP, 3 years it’s too short! No way i will let this expire. So what are the options?
Monthly Archives: July 2017
Uninstall Paloalto Traps Agent
You install the agent and can’t uninstall it now? By default the password for removal is Password1
Largest FREE Microsoft eBook Giveaway!
This giveaway includes: Windows 10, Office 365, Office 2016, Power BI, Azure, Windows 8.1, Office 2013, SharePoint 2016, SharePoint 2013, Dynamics CRM, PowerShell, Exchange Server, System Center, Cloud, SQL Server and more!
https://blogs.msdn.microsoft.com/mssmallbiz/2017/07/11/largest-free-microsoft-ebook-giveaway-im-giving-away-millions-of-free-microsoft-ebooks-again-including-windows-10-office-365-office-2016-power-bi-azure-windows-8-1-office-2013-sharepo/
Magic Quadrant for Enterprise Network Firewalls 2017
Cisco is climbing fast, Fortinet faster, PaloAlto still leading and filling their gaps in portfolio and Check Point released finally the R80 for gateways. I predict 4 Leaders next year, it will be a nice race to watch!
Full Report on Report Magic Quadrant for Enterprise Network Firewalls 2017
Some DNS Resources Compiled
Working a lot around Response Policy Zone (RPZ) these days, it’s better to start collecting some valuable tools, whitepapers, research, best practises, etc
DNS Servers
Name | Description |
---|---|
BIND | The most widely used DNS software on the Internet |
Bundy | Integrated authoritative DNS and DHCP server (the continuation of the BIND 10) |
Dnsmasq | A lightweight, easy to configure DNS forwarder and DHCP server |
Knot DNS | Knot DNS is a high-performance authoritative-only DNS server |
PowerDNS | A versatile nameserver which supports a large number of backends |
F5 REST API Resources
These are for me the best two resources if you want embrace Dev/Net/Sec Ops using F5 iControl
Just a sneak peak of what you can find:
- Mesos Marathon Container Integration
- Kubernetes Container Integration
- RedHat OpenShift Container Integration
- OpenStack Cloud Integration
- F5 Application Services Proxy
- Dockers
Really recommended
Realistic Traffic Generator
TRex is an open source, stateful traffic generator fuelled by DPDK. It generates L4-7 traffic based on pre-processing and smart replay of real traffic templates. TRex amplifies both client and server side traffic. Trex can can scale to 200Gb/sec with one UCS, but you can run it in any x86 hardware.
You can build your own VM running Fedora or Ubuntu, but Cisco cooked a OVA and Virtual Box image ready to go here
Cisco DEVNET has a corner for TREX too, check here
It’s time to load some devices, and compare with datasheets :)
TRex Current Stateful Feature sets
- DPDK 1/2.5/5/10/25/40/50/100Gbps interfaces support
- High scale of realistic traffic, up to 200-400Gb/sec with one Cisco UCS
- Latency/Jitter measurements
- Flow ordering checks
- NAT, PAT dynamic translation learning
TRex New Stateless Feature sets
- Crafting and generating stateless traffic streams
- Large scale – Supports up to 20 million packets per second (mpps)
- Multiple streams support
- Ability to change any field inside the packet (e.g. src_ip = 10.0.0.1-10.0.0.255)
- Continuous/Burst/Multi-burst support
- Interactive support – Console, GUI
- Per stream statistics, latency and Jitter
- Python API for automation
- Multi-user support
Spot Bad Traffic without decrypting it
How can we detect and mitigate a kill chain in encrypted traffic without breaking users privacy and same time with minimal false positives? Cisco Catalyst 9k is the newest platform with this capability which is called Encrypted Traffic Analysis (ETS). Machine Learning & metadata seems to be the right ingredients to make the wheel work.
Read here for more detail.