Today I had to lower scanned files size on FOrtigate 80C. In the past it was a matter of few clicks in the good old version 3 via management GUI but in version 4 I spent some 20 minutes digging its GUI high and low and then finally opened Command …

To continue the series I did this video of configuring users to manage IPS sensor - adding/deleting/resetting password/unlocking them. All the configs are being done on CLI. http://vimeo.com/29885102 Follow me on https://www.linkedin.com/in/yurislobodyanyuk/ not to miss what I publish on Linkedin …

Some great products get unfair treatment for unclear reasons. One such gear is Cisco IPS sensor 4200 appliance, that while doing its job doesn't get much attention, fame and even worse proper relation on Cisco.com documentation site. The documentation exists but scarce , examples of configuration - close to none, screenshots …

Here is a feature that will save you time and frustration in many possible scenarios - especially when managing Cisco routers in multi-user environment. Once enabled archiving saves periodically copy of the running configuration of IOS router to the flash or remote server. So next time something stops working after changes …

Today i am posting the video showing how to configure Dynamic Virtual Tunnel Interface (DVTI) on Cisco IOS router. DVTI for remote access has been available for a long time already and actually comes to gradually replace the old way of dynamic crypto maps, but as always people are hard …

User actions accountability is one of the building blocks of Non-repudiation in Security. In Checkpoint , nevertheless, the default (and widely used) user authentication for SSH and WEBGui sessions is local. Actually Checkpoint thought about that long ago and have been offering Radius authentication for users accessing the SecurePlatform and Gaia …

You never know where your router may end up . It may be RMA'ed without proper wiping the configuration first, it may be plain simple stolen. In any of these or other unfortunate cases the last thing you would want is for the attacker get passwords or other security information stored …

Today a colleague of mine asked if I had a ready-to-use template to schedule a reload of Cisco IOS router . - "Of course, piece of cake, there should be millions of hits on it in Google" , was my thought. So, after 30 minutes of searching the mighty Google and being surprised …

SNMP version 3 has been with us for so many years but so very few Checkpoint folks use it that I decided to do this screencast/video showing how to enable and use SNMP v3 in Checkpoint firewall. NOTE - the language of narration is Hebrew . http://vimeo.com/22473169 Follow …

Today I'll bring you two tips to secure SSH access to the Checkpoint firewall/Linux server beyond firewall rules itself. SSH access is the most powerful way to own the firewall so it should be secured to the paranoid level and even then it is never enough. Tip 1 Change …