Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Share tech news, updates, or what's on your mind.

Sign up to Post

We would like to do virtual patching for various CVEs that
were published early ie we can't wait for 1-3 months to
patch : ideally it's auto-deployed from the principal to
the device via Internet.

Is NIDS, HIPS (eg: Trendmicro's Deep Security) or WAF or
which product is most suited for virtual patching in terms of

a) lead time the vendor releases the signature/rules (the
    earlier the vendor releases it, the earlier we can deploy
    the mitigation)

b) the thoroughness the vendor/developer/principal tests
     the rules/signatures so as to minimize service disruption:
     had seen cases where the rules/signatures cause
     disruptions (eg: 'Repeated IIS Parameter'   and
     'Clickjacking' vulnerabilities)

c) we may not plan to do layered security ie not multiple
    devices of NIDS, HIPS plus WAF, but just  select one.
    So ideally the selected device could also do
    "Brute Force" (say 10 login attempts within 10 secs
     from same IP) & "Bad public source IP" blocking
0
The Lifecycle Approach to Managing Security Policy
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

We've just installed a new next-gen firewall and I need some assistance getting some communication between two of the interfaces.
It's a Watchguard T35 and we have our WAN on Eth0, LAN1 on Eth1, and LAN2 on Eth2.
Our WAN has a static IP, but we have /27 block of public IP's routed (at the ISP level) to our WAN for use by public facing servers.

I have that part of it working OK.  Servers connected to the LAN2 all have their static IP assignment and IP checks on the internet show the correct IPs.  This interface in the Watchguard is set as "Optional".

LAN1, is our private LAN and is set as "Trust".  Internet traffic and NAT/port forwarding is all working OK, but I cannot seem to get access to LAN2 from LAN1 devices.

I've created a firewall policy with "ANY" for the packet filtering and have set both 192.168.1.0/24 and 203.xx.xx.0/27 in both the To and From boxes.  The rule is set to allow and enabled.
But I cannot browse (using the IP or UNC name) or access any of the LAN2 resources from LAN1.  Nor can LAN2 access any of the LAN1 resources.

I'm new to Watchguard and thought I might ask here for any things I may have overlooked before lodging a support ticket with Watchguard support.
1
I am installing WatchGuard SSL Vpn software which is using Open VPN software and it has TAP network driver but I can't install it unattended. Does anybody know how to install OpenVPN un-attended including TAP-Windows adapter?
0
I have a watchguard M270, the customer has a hosted server they connect to via ipsec. What policy could I enable to allow the ipsec vpn outbound.
0
Hi Cisco switch has one command "switchport port-security mac-addrss xxx.xxx.xxx vlan access". My question is what is difference between with vlan access and without vlan access? and it mentions " vlan  set VLAN ID of the VLAN on which this address can be learned" is that meaning the mac address can be learn from this vlan anywhere? Thanks
0
I have a user who is using the Watchguard VPN client software. They have been using it on Windows 10 Pro (v 1709) for 6 months without issue. The UAC prompt suddenly started appearing this morning when they try to run the software. No updates for Windows or the software have been installed. I have 60 other users that are using it without this problem also. I am at a loss as to why this would suddenly start needing elevated privileges to run. Does anyone know why this would happen or how to fix it? I am not going to disable user account control or give them admin rights.
0
I have a customer who is wanting to ensure his staff can't take any data with them.  We can lock down USB devices (Thumb drives, Hard Drives, etc), but he's now concerned about them accessing things on the server and getting them off by using web mail clients (Yahoo, Gmail, Hotmail, AOL, etc) or file sharing sites (Dropbox, OneDrive, etc).  Short of blocking access to these sites (which would be a pain), is there any way to restrict their ability to steal his work?  And, if so, how difficult AND expensive would it be?

Failing that, is there some way of recording access so we can tell that John Doe accessed these 275 files today, and he was only supposed to be accessing 100 of them?

We're in a workgroup environment at the moment, switching to a Server 2016 AD domain.  All users are local admins on their workstations (Windows 7 and Windows 10).  A lot of the people in question will likely have to REMAIN local admins due to their software (AutoCAD, Quickbooks).

Please feel free to ask any questions for me to elaborate.
0
Dear Experts
We have hosted SugarCRM application on premise and for external users we have configured firewall that is hardware appliance fortigate 60C to function as SSL Web VPN where the users login to the firewall appliance portal and from here they access CRM application, they are able to login to the CRM through the  web VPN portal but the dashboard reports are not showing up, it shows blank dashboard but when we access directly to the CRM application we are able to see the dash board reports, please help me understand to where things are going wrong and how to fix it please.
0
I had this question after viewing Watchguard Firewall xFlow Configuration.
0
Can someone tell if this connection is normal?  for some reason I have several computers that has about 1000+ connection to microsoft.com.edgesuit.net.    Please see attached file.  - thank you
0
Turn Raw Data into a Real Career
Turn Raw Data into a Real Career

There’s a growing demand for qualified analysts who can make sense of Big Data. With an MS in Data Analytics, you can become the data mining, management, mapping, and munging expert that today’s leading corporations desperately need.

Hi, I'm looking for some advise on Cisco switch security. I have a switch which i require to sit in front of my firewall on the WAN side. I would like to be able to manage this switch via SSH and it has a separate management port. If i create a flat vlan with no ip address for all normal switch ports and assign only an IP address to the Management port and attach this to my internal LAN ( by passing my firewall ) would this be secure ? is there a better way to provide management to a switch exposed to the internet while maintaining security ?
0
Customer has a watchguard T10 firebox firewall for a pos system.  The POS server connects directly to the trusted network port. no other computers connect to that network.  

Customer wants to setup an access point for wifi.  The watchguard has a 3rd port.  I want to activate it as a second network and allow wireless devices to access the internet.  

The watchguard firewall does not have built in wifi.  We purchased an access point that we plan to connect to the 3rd port.

This is a restaurant, there are no office pc's or network printers.

Need suggestions on policy's, the device has contenfilter subscriptions.  I want to enforce them on the 3rd port too if possible.
0
How to block RFC 1918 and create object-groups and use that object-groups to block any udp traffic inbound to the external interface on a WatchGuard Firebox (M200)?
0
I have a computer on our domain that is sharing a folder and a printer.  Just within the past couple days, access to any shares on this computer has stopped.  I have double checked the shares are still active.  I can get to the shares from that computer itself via unc.  No other machine can access the shares though and remote desktop connection is not working either.  I also rejoined the machine to the domain and turned the firewall off.  Any other suggestions?
0
I have recently joined a company where the juniper SRX 3400 already bought but not installed.   Now I want to implement this in HA mode as a replacement of SonicWALL 4400.  Please help me, step by step to implement same. For your kind information I very new to Juniper so I need details knowledge in same.

Waiting for the good answer.
0
We have a Watchguard M200 firewall that we would like to limit inbound/outbound bandwidth to 20Mbps on our External (WAN) interface. Our ISP allows for 40Mbps total bandwidth. I've gone into Traffic Management and changed the interface to limit bandwidth to 20Mbps but this only seems to apply to upstream outbound traffic. Inbound traffic is still coming in at the fulll 40Mbps. Is it possible to also limit inbound traffic to 20Mbps?

Thank you
0
I'm working with a customer who has a camera system and it's configured for remote viewing. Unfortunately, this is causing the customer (a retail store) to fail their PCI compliance scan due to open ports.

My suggestion was to purchase a second static IP from their WAN vendor (Verizon FiOS) and use 2 routers: one for their POS system (an existing SonicWall) and a new router for their WiFi and camera access. So the system would look like this:

Verizon FiOS ONT Box
|
HP 1810-8g Switch
|
|--------------|
SonicWall Netgear

The problem is that when I connect the SonicWall through the HP switch, the WAN port won't connect. When I set a laptop to the same static IP and plug in it to the same switch port on the HP, it connects fine and is able to pass data. As soon as I connect the SonicWall directly to the FiOS ONT, it works fine.

Here are a few more specifics:

SonicWall MTU: 1492
HP MTU: Default (1500?)
HP Switch: No VLANs set; LLDP disabled; jumbo frames off; port mirroring off; flow control off; green features off; loop protection off; advanced security off; no trunks configured; management port set to Port 8 on an unused subnet

Any help would be great. Thanks.
0
Hi,

Can you please advise why IP of server is changing like

C:\Users\Administrator>ping 113.255.213.114
Pinging 113.255.213.114 with 32 bytes of data:
Reply from 113.255.218.217: Destination host unreachable.
Reply from 113.255.218.217: Destination host unreachable.

Open in new window

0
Active Directory: Customize the Password must meet complexity requirements. Is there a way to enforce 4-4  categories? or how to specifically enforce the Non-Alphabetic characters?

Contain characters from three of the following four categories:
English uppercase characters (A through Z)
English lowercase characters (a through z)
Base 10 digits (0 through 9)
Non-alphabetic characters (for example, !, $, #, %)
Complexity requirements are enforced when passwords are changed or created.

We are trying to enhance our password security and would to be able to enforce the special character.
We know there is third party software that allows this but like to know if there is a way to do it on Windows server 2012?
0
CompTIA Security+
LVL 12
CompTIA Security+

Learn the essential functions of CompTIA Security+, which establishes the core knowledge required of any cybersecurity role and leads professionals into intermediate-level cybersecurity jobs.

Hi Experts,

I am looking for a two-way authentication procedure in the attempt to protect one of our public facing website.

I would like to implement some type of two way authentication to add an additional layer of protect.


I am thing of the end users getting an email notification or some type of verification method.

Any thought or recommendations?

Thank you
0
Hi,
We have two SRX series firewalls (100H) in an HA configuration running software version 11.4.R7.5; I Need to allow stunnel through from a specific IP (external) and port through to a specific local machine and port on our internal LAN, and I can't find any information on how to do this - I'm not that familiar with Juniper firewalls, so am unsure of what to do;
Please help!
Thank you
Robin human
0
I am having an issue accessing a secure ftp web site from a network.  The network uses a watchguard xtm 25 appliance and then runs Server 2008 R2 as the network server.  The workstations are all Windows 7 Pro.

The URL is https://oebsftp.ontarioenergyboard.ca.  This should bring me to a log in page, but instead the following message

The message from IE 11 is as follows:

This page can’t be displayed


Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://oebsftp.ontarioenergyboard.ca  again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suite such as RC4 (link for the details), which is not considered secure. Please contact your site administrator.

Fire fox give the following:
Secure Connection Failed

The connection to oebsftp.ontarioenergyboard.ca was interrupted while the page was loading.

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.
Often the Ontario energy board upload sites are designed for IE only.

I do not see anything in the Watchguard appliance but may be overlooking something.

The server uses SEP 14.0 for both anti-virus and Firewall

As a separate issue, email using Outlook 2013 cannot use ssl either
0
How do I use a Baracuda web filter to block YouTube
0
I got a bunch of machines trying to access this IP(208.91.197.27) that looks very suspicious when doing a WHOIS. OpenDNS Umbrella blocks the traffic as malware but no other details are given.  I've ran extensive tests with different anti-spyware/antivirus solutions(safe mode and such) and was not able to find anything. In the last month or so there were at least 10 machines that tried to get to that IP address over port 443. Machines are either inside the network or just working in the field. Any suggestions on how else to tackle this problem would be appreciated.

Thanks!
0
Hi we have a thousand of switches in the network. and Orion has been configured on each switches. Now we have a few of commands that need to be implemented on each of switches. How can we add these commands to each switches via Orion? Or you can send me a link for this issue. Thank you
0

Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.