Improve company productivity with a Business Account.Sign Up


Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Share tech news, updates, or what's on your mind.

Sign up to Post

Dear Experts

What is the difference between audit log enabling like setting up centralised logging like  Syslog server and  Networking monitoring enabling and setting up, does both serve the same purpose, can you please help me to understand this. what each of these does , is it recommend both to be enabled in two different servers please suggest
Managing Security & Risk at the Speed of Business
Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

Good day-
I'm attemtping to forward port inbound requests on port 80 to internal port 16000 for viewing of a DVR camera system.  Can someone guide me over policy manager? I'm not understanding the kb from watchguard.

We have 30+ small office branches that connects to our Data Centre via WAN routers
& these WAN routers connect to a core switch in DC.  

Each branch has 2 flat Class C subnets : one for wired LAN & one to our corporate
Wifi LAN.   We don't expect more than 100 PCs/devices in each branch.  All devices
& PCs at each branch are connected to L2 switches (including the branch WAN router).

There are PCs & devices (Cashiers, cameras, small robots/automation, scanners and mini
databases) in the branches that run applications that do not need to communicate to
servers in the DC other than to AV EPO, SCCM patching, central encryption management
servers, HIPS (endpoint IPS) console & the likes  but backups are taken by NAS located at

However, there are some semi critical mini servers & databases which we deem ought to
be segregated from the rest of the organization to prevent DoS  though PCs for emails
& Internet access will need to go back to the DC.

What are among the best practices for such branches network traffic?
Hub & spoke design?   Layered security?  Micro-segmentation within each branch?

Do we treat each branch's network to be of lower, equal or higher trust levels than
DMZ, applications servers zone or backend servers zones (typical network trust

For traffic filtering / microsegmentation, is it best practice to configure
a) ACLs at each branches' WAN routers (as switches at branches are Layer 2 &
    at most …
I got a bunch of machines trying to access this IP( that looks very suspicious when doing a WHOIS. OpenDNS Umbrella blocks the traffic as malware but no other details are given.  I've ran extensive tests with different anti-spyware/antivirus solutions(safe mode and such) and was not able to find anything. In the last month or so there were at least 10 machines that tried to get to that IP address over port 443. Machines are either inside the network or just working in the field. Any suggestions on how else to tackle this problem would be appreciated.

When accessing our servers it states "my" account is locked out.  I ran Netwrix Account lockout examiner and it shows me locked out.    How do I find out exactly "why" or "what" is locking me out?

I have other accounts I can log on as to run the tests
We have set a global network setting in Excel 2016 using Group People Policy of:
Disable all Macros with notification

We want to allow Macros to run without notification just for some excel files on the network, can we set an exclusion rule on a network folder to allow this or something?

Any materials & inputs on Virtual Desktop Infrastructure (VDI) security is much appreciated?
We plan to use VDI for accessing systems of different criticality so how should it be securely
We have two clients in one building with one Internet connection at 75/20Mbps.
we would like to "limit" the bandwidth the second business uses, so we need to allocate maybe 5Mpbs to them.

We have a Sonicwall TZ100.

What do we need to do to accomplish this? hardware and configuration wise.
Hi we have a thousand of switches in the network. and Orion has been configured on each switches. Now we have a few of commands that need to be implemented on each of switches. How can we add these commands to each switches via Orion? Or you can send me a link for this issue. Thank you
We have a WatchGuard M300. We currently have an internet connection that is too small for our needs. Our issue is the upload speed is capped at 20Mbps. With the M300 can we add a second internet connection and have our internet traffic divided evenly between these two connections?
Improved Protection from Phishing Attacks
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

i am trying to setup the Internet default gateway on the new Internet circuit for testing. I have a current (A) and a new (B) Internet circuit. All of my traffic is currently going through A. I'd like to just have my laptop going though B. I have a Palo Alto FW and I have a DG pointed to Internet provider A. Any thoughts on how to setup the second DG pointed to provider B and only my laptop traffic. Thx
Hello Experts,

I am designing a internet edge firewall network.
Currently the customer has two Core 6500s connected with each other through Fiber Link and these switches are located in two seperate rooms which are 300 m away from each other.
The customer also have two internet connections from different providers, ISP1 is Room# 1 and ISP2 in Room# 2. There is no BGP running.

The customer is desiring to have high availability design where if primary firewall goes down then standby should take over. The same applies to internet connections.
These internet connections are mainly providing access to web servers from outside, S2S  and SSL Remote Access VPN
The web servers should be located in DMZ.

My concern is - How do I physically connect each device to provide redundancy ?
im changing roaming profiles to local, I'm trying to change the folder redirection path and it seems to be referencing the old path. New GPOs have been created.  what's weird Is if I log a new user onto the pc folder redirection works fine. creating a local account got a user that's already on the computer doesn't work

please assist
We have several locations. Each location has several DNS servers, all replicating to each other. In DNS we have several Conditional Forwarders. At all locations except one I can ping and RDP into any of the servers in the Conditional Forwarders list. However in one of the locations I am unable to ping to any of the Conditional Forwarder IPs. All locations are connected using a Watchguard firewall using a VPN. When I do a tracert from the location that is unable to get to any of the Conditional Forwarder locations, it goes to the local DNS server, then out to local ISP DNS server. I have been reading and searching for articles that might help however I am unable to find a solution.
I am in the process of upgrading Splunk Enterprise, I have backed up configuration information by copying the /etc folder. I have to backup the indexers database which can be doneby  copying the database folder after shutting down the indexer. How do I shut down the indexer - Splunk enterprise installed on windows 2008 R2?  Is there anything else I need to backup before proceeding with installation?
Hi All

This is not a question as such im looking for information ideas on how i can pass VLAN's across a ipsec VPN tunnel

Ive got 16 VLANS that is hosted at one site located a few hundred kilometers away from my secondary site and i want to be able to push the vlans from the main site to the secondary site and then be able to distriube those via a switch at the remote site

The sites currently will be connected via either Sonicwalls or WatchGuard UTM Appliances

Any help or suggestions on this would be greatly appreciated
Hello Experts,

I have got XTM 26 series watchguard Firewall in the company. We are now in the phase of upgrading internet bandwidth from 20 Mbps to 100 Mbps.  According to service provider, I have to setup firewall for traffic shaping but I am not sure watchguard support it or not?

Parameters to configure on firewall are; Shaping Rate, Shaping burst, Extended burst.

I do not want to go with other option of adding a router before the firewall, as it may stops all applications running in branch office.

Can anybody help me with?
I come across the following link

Custom Filter OR Servlet Filter or AccessDecisionVoter

Need to provide access to user after login to the pages or actions based on certain conditions (user is active or user expiration date is over or user doesn't have any orders) and looking for a custom spring security. In the above which one would be suitable in this case and need a good code snippet to achieve it.
I have a Cisco 3650 running 16.3.5b Lan base. I want do disable the login but prompt for the enable password with connecting via the console cable. I am using AAA for ssh access. The "no login local" command isn't an option.

aaa group server tacacs+ Clear_Pass
 server-private XXX.XXX.XXX.XXX timeout 3 key 7 PASSWORD
 ip vrf forwarding Mgmt-vrf
 ip tacacs source-interface Loopback1
aaa authentication login default group tacacs+ local enable
aaa authorization exec default if-authenticated
aaa authorization network default if-authenticated
aaa accounting exec default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+

username cisco privilege 15 password 7 CISCO

line con 0
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 privilege level 15
 logging synchronous
 transport input ssh
line vty 5 15
 privilege level 15
 logging synchronous
 transport input ssh
Increase Security & Decrease Risk with NSPM Tools
Increase Security & Decrease Risk with NSPM Tools

Analyst firm, Enterprise Management Associates (EMA) reveals significant benefits to enterprises when using Network Security Policy Management (NSPM) solutions, while organizations without, experienced issues including non standard security policies and failed cloud migrations

Currently we have TMG as web proxy and websense as web filtering
We are going to replace TMG with Bluecoat SG Appliance.

Hence I need to know which design is considered as best in terms of secure and efficiency.

We have 1500 users.

Any help would be appreciated.
Hi experts,
The company’s implementing SecureTower DLP. Did anyone work with that? I’m trying to find any 3rd parties reviews.
Watchguard to Draytek site to site VPN - 2 tunnels required.

WG side has local IP of and this needs linking to the draytek which has 2 LAN and

I need a tunnel for both

Now i can set this up with one tunnel no issue. but cant see anywhere to add a second tunnel on the draytek end. Ive herd GRE might be the answer my question but havnt used this before.

How do i add a second tunnel. I have also tried a second VPN with the other tunnel but this causes both VPNs to alternate and not work correctly. any help or questions welcome
Hi Guys,

In many managed switches (HPE, DELL, CISCO) There's an option to bounce a port via a radius request (useful reauthenticating MAC based devices with very long re-auth timeouts like printers).

I'm implementing a NAC solution and all the switches are Junipers. I can't for the life of me find a way to bounce a port.. the only way I see is to disable and enable the port, both of which require a commit, and on a 3 member chassis, It's a long commit....

Any ideas? perhaps via SNMP or anything else?
i currently have a watchguard firebox with UTM and using vmware.
im currently upgrading the environment to the latest vmware and nsx.
is it recommended to eliminate the watchguard and ONLY use NSX?

Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.