Past Posts

Aruba Wireless LAN Training

I recently completed the Aruba Networks Partner technology training, and thought I’d post some of my notes here, which may be useful for others who also completed the course to refer back to, and for those who want to get a quick overview of the areas covered by the Aruba Mobility solutions. This [...]

Recovering from SecurePlatform Boot Failure

We recently assisted a client that had a failure with one of two Check Point SecurePlatform Security Gateway cluster nodes where, after applying a license, the machine failed to boot. The issue was that the machine sat at a “Loading” prompt after attempting to boot from CDROM (unsuccessfully), and then booted from C:. It [...]

Vendor Support – a critical ingredient

Recently we had the misfortune of being involved in a system issue that required vendor support for a local integrator.

The integrator’s system, which provides security services to multiple customers of the integrator, became unstable during a routine change. While the system remained in operation with no immediate impact to customers utilising it, the [...]

Firewall rule base documentation and migration tools

I have recently worked on a number of projects where we needed to document and analyse a firewall rule base for a customer. Although much of this process can only really be done by hand (and in your head), ideally much of the hard work can be eliminated, either by using someone else’s (preferably public/open-source) tools or through the re-use of existing templates and scripts. This not only saves time (and cost for the customer), it also frees you up to perform more meaningful activities, like analysing potential security issues (rather than Excel issues).

I thought I’d share some of this experience here, and hopefully will save someone else a little time in the future too.

I should say that while ‘documentation’ is the primary goal here, the tools I mention do far more than that, each in their own way. In my case, documentation was the name of the game: before you can take a pre-existing environment and improve on it, you need to know what you’re dealing with. And in some cases a customer’s environment can be very difficult to come to grips with on the first pass, either because it was so poorly implemented in the past, or just because nobody bothered to write anything down.

Of course the end-game is about improvement – giving you the ability to migrate from a known (documented) state to a more secure, reliable and available future position.  So hopefully some of these tools will also help you along the way to achieving that.
