Not much of a post but link to the Cisco site stating how much Netflow loads the Cisco routers: Netflow data sheet I, personally, do a lot of Netflow monitoring and can say that on unloaded routers , passing 2-5 mbits/sec of traffic, the additional load will be some 1-2 …
Not limited to CCIE Security Lab only, of course, here is the list of books I find really useful in preparing for the Lab . Amazon Listmania list Follow me on https://www.linkedin.com/in/yurislobodyanyuk/ not to miss what I publish on Linkedin, Github, blog, and more.
While the reason for me getting involved with this ASA 5510 module is of less interest (client was getting notification message " LogServer has recently stopped on InterScan for CSC SSM" , more about that at the end of the post) , the module itself looks cute , so I bring here some output …
Hi everyone, in this video I tell and show how to enable SCP file transfer in Checkpoint firewall. I am beta testing it at the present therefore a bit shy to present to the wide audience, but be sure to check later when this idea of my site goes public …
New Year present from Checkpoint - R75 Well, saying 'present' I was a bit sarcastic - just another release in the NGX family - R75 , that is now available for download: R75 release . So go ahead , install it , use it, enjoy its new features and bugs and report back to the mothership . Note …
Hello, fellow checkpoint-heads. I know you have been waiting for this for a long long time, and now it happens - Checkpoint announced that Check Point Certified Master Architect Certification lab can be taken at "convenience of your desktop" - that is Online. You don't need to ride your horses over the …
People ask me frequently what software I would recommend for Netflow analysis , especially with security implementations in mind. I made my choice a long ago and haven't been complaining so far - Nfsen graphical frontend that has Nfdump as its data processing backend . It provides most flexibility, configurability; its filter syntax …
This is a not critical but rather annoying bug in the Checkpoint Edge devices firmware 8.1.x preventing any host behind it to reach class A network 2.0.0.0/8 . If you notice this problem then it is most probably because recently the pool 2.16.0 …
Once upon a time I mentioned that blocking Facebook is easy as they have a uniform IP addresses pool . Since then they added more , here is the new and old pools: NetRange: 69.63.176.0 - 69.63.191.255 CIDR: 69.63.176.0/20 OriginAS: AS32934 NetName: TFBNET2 …
Nothing new here , just a round-up of the commands/configs I happen to need from time to time. Google probably has better references for that.I talk about Pf firewall used in FreeBSD, OpenBSD and Solaris systems. Enable and disable firewall: pfctl –e Enable packet filter real time pfctl –ef …