Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x

Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi, I am trying to determine the best way to configure a WAP4410N, with our ASA5505, so that the WAP will have 3 SSIDs. 1, "Wireless-Inside" will allow internal users to connect to the internal network, 2 "Guest-DMZ" will allow guests access to the internet and not the internal network, and 3 "TimeClock-DMZ", which will only allow our timeclock to connect over the internet to its web instance.

interface Ethernet0/7
 switchport access vlan 30
 switchport trunk allowed vlan 1,15,30
 switchport mode trunk
!

*Inside: This network has Static IP Addresses
interface Vlan1
       nameif inside
       security-level 100
       ip address 192.168.50.140 255.255.255.0
      !
      access-list Inside-to-any extended permit ip 192.168.50.0 255.255.255.0 any
      nat (inside) 2 192.168.50.0 255.255.255.0

interface Vlan15
       description Internal Wireless
       nameif Wireless-Inside
       security-level 100
       ip address 192.168.60.254 255.255.255.0
      !
        access-list Wireless-Inside_access_in extended permit ip 192.168.60.0 255.255.255.0 any
      access-list Wireless-Inside_access_in extended permit icmp 192.168.60.0 255.255.255.0 any
      nat (Wireless-Inside) 2 0.0.0.0 0.0.0.0
      access-group Wireless-Inside_access_in in interface Wireless-Inside
            
      dhcpd address 192.168.60.100-192.168.60.200 Wireless-Inside
      dhcpd dns 192.168.50.50 interface Wireless-Inside
      dhcpd enable Wireless-Inside

interface Vlan30
       description Guest
       no forward interface Vlan1
       nameif Guest-DMZ
       …
0
The Lifecycle Approach to Managing Security Policy
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

Dear all,

I am an IT support for a small company consist of 5 users. I assigned a static IP address on each computer.
Around 3 weeks one of my colleague was not able to browse the connection or see the shared folder on the server until I changed his PC's IP address. This issue reoccurred again today on his PC and on another PC.
I have done a lot of troubleshooting and the last step was changing the IP address. After changing the IP address on two PCs they were able to browse the internet connection and see the shared drives.

I am wondering what is the magician with changing the IP address. Please assist me because I am looking for a solution to avoid keep changing the IP addresses form time to time.
0
Hey all - anyone familiar with the exact requirements to be DFARS 252.204-7012 compliant? Thanks!
0
Hi
I'm deploying sonicwall cert from a firewall to all my windows clients.
The certificate has been distributed by GPO.
I'm having a problem with java apps (idrack) which can't connect.
I've imported this to my java store but the same issue appeared.
Eventually I will need to distribute this to all my Win and Mac clients.
0
I have an account that is used by a contractor occasionally, and want to keep it deactivated, only to activate it as needed.  But I keep noticing it get activated without my permission.  I'd like to see if there's a way to notify me when certain accounts are activated in Active Directory.
0
I need to add one of our vendors IP's to our Sonicwall so they are not blocked.

How?
0
I need to update a bunch of catalyst switches from TLSv1.1 to TLSv1.2. Also need to disable older ciphers. Has anyone implemented this before?

Please share the steps as I can't seem to find anything documentation online for this.

Thank you.
0
HI
I'm just implementing a DPI inspection and I've download a key from my sonicwall firewall.
This cert. has been distributed to my PC over GPO.
How do I distribute the same cert to my MAC clients  ??
0
My Favorites for IE and Bookmarks for Chrome keep replicating/duplicating themselves to the tune of 24,000+. We are on Office 365. i've deleted them both in IE (on my laptop and on the site directly) and Chrome. but they keep coming back. I've even deleted the chrome bookmark file and started with a clean slate.
0
About a month ago I reset our KRBTGT account using this script from Technet:

https://gallery.technet.microsoft.com/Reset-the-krbtgt-account-581a9e51

Everything verified and succeeded. Every since then like clockwork every Saturday almost our entire AD of User Accounts gets locked out. Computer Accounts are unaffected. I have checked and found a ton of event ID 4771's with the Failure Code 0x18 and 0x12. This is reflected in their meanings documented below:

https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4771

They claim that pre-auth is failing and then causing the lockout. I've checked and a lot of our Kerberos tickets do expire on Saturday. In addition to the 4771's I also see a lot of 4768 events.

https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4768

I've tried rebooting all clients, though not servers, to flush the existing tickets but that hasn't helped. Neither has bouncing the DC's or Restarting the Ticket Granting service. I've even played with some powershell scripts to use klist to flush the tickets for all users. Though I haven't gotten them to work remotely.

Still this has been going on for over a month and I can't find anyone else having a similar issue. Resetting the KRBTGT account should NOT cause this to happen from everything I've read. We are at 2012 R2 Functional for our Forest and Domain level. When going up a level in the past we never had a similar issue. It was …
0
The Firewall Audit Checklist
The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

The 3750G (v12) is issuing dhcp to a bunch of voip phones.

When I connect another segment into the switch (for a maintenance workstation), that segments DHCP server is in competition when a DHCP request comes in. Oddly enough it replies faster than the one on the switch which itself seems odd but that's yet another subject.

The question is how can I block DHCP activity both ways on a single port of this switch?
0
Hi I have a question when configuring Catalyst 4500.  I am trying to find the command, which needs tacacs first. and if tacacs is not available, it needs local? Anyone can help and show me? Thank you!
0
I currently have a SonicWALL TZ 200 configured with WAN connections on 2 interfaces. I recently purchased a HughesNET satellite connection and I want hook this up to the SonicWALL (And add it to the failover/load balancing). However, once I received the Modem from HughesNET (HT2000) I learned that it does not have a "Bridge" mode built into the router. I cannot disrupt my current Subnet (needs to stay the same). Does anyone know if there a way to configure the interface for the modem/router combo into the SonicWALL so it will work properly?

Thanks in advance.
0
Desktop:Windows 8
VPN connection: Forticlient 5.6 or Sonicwall Netextender 8.0 used to connect to office network
Telus internet connection
Browser: Chrome, Firefox
Situation:
1. Telus internet connection works fine.
2. Without VPN connection, Chrome and Firefox access internet is normal, .
3. With VPN connection, Chrome works fine, only Firefox is very, very slow.
4. I turned off Firefox proxy server setting, Firefox works fine about two days then slowly again
5. Computer found unnormal login script error message, seems has malware in it.

Question:
How to block firefox access internet through VPN connection before I find a way kill the malware.
0
I have a client that we support that just purchased a 10 person office across town and need them to connect to our office.  The 10 users will be connecting to our applications via remote desktop services (RDS server 2012 R2) at the main office.  I am looking for a router / firewall appliance that offers both site to site VPN and Client to site VPN.  My goal is to use a robust solution that offers support that I can easily setup and understand.  Some have recommended Sonicwall and Watchhguard, but their business strategy requires that I go through one of their partners - who may be in direct competition with what we do - provide IT support.  We simply want a solution that is under $1000 per appliance, easy to setup and logical and someone to help should we have questions.  We gave also looked at Barracuda networks as well.  But with any of these appliances, I need specific models to go with.

We will need the VPN for both the branch office we are connecting to as well as allow users from our current office to connect remotely from their homes.  So total # of VPN users could be 20 users.  Any guidance would be appreciated.
Don't get me wrong, I have 20 years IT experience and can configure most routers easily and have used Most in the past.  Just don't know the current offerings with subscription based / more robust VPN solutions.
0
The Sonicwall OS is 5.x. This is just the base router, no extra licenses for IPS, malware etc... I recently setup L2TP VPN for a couple users - using long and complex Pre-shared secret and each have a very long and complex password... I have been blocking obvious attempts from just IP addresses trying to access a webcam port using the info I found on how to do that - but blocking an IP address from WAN  - doesn't seem to affect efforts of a couple outsiders trying to access via L2TP - I see the failed messages from the different stages... but they keep trying - and added their IPs to my 'Blocked IPs' address object group has no effect.
I want to be able to deny them access to even try to authenticate and get them out of the logs - like blocking IP addresses.
Anyone savvy on the SonicWALL as to how to prevent attempted L2TP connections from undesired sources? Is there a way to create access rules to block from L2TP to ANY or LAN, we have the network on the X0 interface.
My understanding is there is a VPN access list on the SonicWALL - but it does not apply to L2TP.
Thank you!
0
I have been informed by Spamhaus that the IP address we use for corporate email has communicated with a known spam site and is either infected by, or NATing for, a computer that is infected by the S_Gozi trojan / downloader.

It states that the infection is extremely difficult to detect and is not seen by most commercial AV or EndPoint protection suites.

I have been told to program the Sonic-wall TZ215 to stop all traffic to sites outside the US.  We have never done this before.  Not sure how to setup the sonic-wall for that purpose.  I know this virus does not use the standard port 25 for smtp traffic it uses port 80 which i cannot block.  It is extremely difficult to find so i am trying to stop its connections at the firewall level to stop it communicating.  Any help would be greatly appreciated.
0
Good Morning,
I have a ShoreTel phone plugged into a Cisco 2960x and we use port security. Before I configure port-security for the end user I normally see 3 MAC addresses on the port, 1 for the PC & 2 for the phone. (1 associated to data VLAN, the other to Voice VLAN)
In this case I  do not see the phones MAC address associated to the voice VLAN.  When i configure port-security the phone shows a message of "No Service", once I remove port-security it works fine.

Has anyone seen this behavior? I am thinking it may be  a bad phone.
0
are any of you guys using Dyn Internet Guide for DNS filtering? i am trying to set it up but some forums mentioned i need to pay for a service before i can use the Dyn Internet Guide service
0
Become an IT Security Management Expert
Become an IT Security Management Expert

In today’s fast-paced, digitally transformed world of business, the need to protect network data and ensure cloud privacy has never been greater. With a B.S. in Network Operations and Security, you can get the credentials it takes to become an IT security management expert.

Hi All,

My company Scenario:

I have connected the branch office to main office using VPN.

Main office is running under domain environment and using a Watch guard as a firewall.
Branch office is running in a work group environment and using a Billion VPN Wi Fi router.

VPN has been set up between Watchguard Firewall (XTM26) and Billion Wifi Router (Bi Pac 8920nz)

VPN is working fine. I am able to take remote of all the computers located in to the branch office using "Microsoft Remote Desktop" from the main office.  

Problem:

I am not able to ping any of the branch office computers. I can ping branch office wifi router and network printer only. What could be the reason?
0
First timer here with a Sonicwall Soho wireless. I want to integrate it into a network where currently Verizon FIOS is providing Internet connectivity to one Server and three Windows 10 Pro workstations. Server is the only DC.

I'm almost certain the Verizon router's IP is dynamic, but will check when onsite.

I am thinking that the Sonicwall appliance should be set up physically where I run a CAT5 from the Verizon Router's LAN port to the WAN port on the Sonicwall, and then from the Sonicwall's LAN port to the switch.

Is this correct implementation? Any insight would be greatly appreciated.

Verizon Actiontech RouterMI424WR
Sonicwall SOhO Wireless-N
DellServer 2008 set up as DC
3 Windows 10 Workstations
0
Hi  all, please help me on this.
in the palo alto monitoring I see the ip is allowed by policy but the session end reason showing" tcp-rst-fromclient" means pls advice me this is the issue causing due to firewall denying or dropping traffic or issue on the client end.
0
hi all got an snmp alert received an hp spectrum which polls &  captures  snmp logs from all network devices within our network.a week earlier seen alert polled by hp spectrum showing management agent lost on Palo Alto passive firewall device ,no alert for active device but as verified the passive device status is up & able to reach all snmp poll servers but the alert still stays generally which will be cleared automatically as temp fix. verifying both the active passive snmp configurations observed no changes or different .can help what else need to be checked on these palo alto devices further which causing this alert.
0
I am looking to create an IP strategy for a hybrid environment (VMware on prem and Azure public integrated). I am wondering if anyone has best practice on best practices for IP strategy and more importantly on IPv6 implementation in Azure. Anything to watch out for with IP addressing, in particular IPv6.

Your help is appreciated.

Regards,
J
1
Our Solarwinds admin guy said he can't set up rules unless a sample event is sent to solarwinds.

We have about 70 events from an app : so far the apps team only could get someone to login/logoff
to simulate once such event but for the other 69 events, need to do reboot etc which they can't
unless there's downtime.

Attached is the full list of snmp events our apps team gave to me.

I'm wondering :

a) what exactly our solarwinds admin is expecting or hinders him from creating rules?  He's
    elusive & extremely busy (ie no time to show me)

b) are there free tools like snmpwalk etc which I could trigger sample events?

I'm sure Cisco devices & Windows events which are currently sent to the solarwinds will
go through the same process to be monitored but really doubt the network chaps will
send the 100+ Cisco event types to Solarwinds for them to be monitored.
SAA-Event-Distribution-Snmp.XLSX
0

Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.