Security Rant: Phishing Prevention and Mitigation

I think there are 3 parts to phishing defense.
1. Investigation: You have to gather statistics on the current state of the environment. Should the customer even invest in training or tools to prevent links from being clicked? They won’t know until they run a campaign to find out how many users fall prey to … Continue Reading

JUNOS Space Security Director Rules

JUNOS Space 14.1 and Security Director 14.1 have been out for a few months now.  With this version, I can finally start recommending the widespread adoption.  I’ve actually started using it and started installing it for customers.  It’s finally usable and workable! Juniper’s documentation is usually one of the better vendors out there, but for some reason, the … Continue Reading

Password Protection #netsec

We all hate it when our companies make us change our passwords every 60 days.  But they do it for a reason!  It’s more secure! With all of the hoopla over the leaked celebrity scandalous pictures, I thought I’d revisit a topic that’s been covered to DEATH, but no one seems to really take the advice … Continue Reading

Know Your Environment #netsec

In one of my recent posts (5 Things Every Network Needs) I mentioned application/endpoint visibility.  Let’s look into this idea a bit further. When you are looking to implement security mechanisms in your network, you need to know what you’re securing.  Not just “what” you’re securing, but how it works, what it’s for, and where … Continue Reading

East to West Data Center Security? #netsec

I always recommend layered security. And East-to-West Data Center Security is no different! However, security for the sake of security isn’t ever a good thing. So let’s take a look at East-to-West DC security. I’d also wholeheartedly agree with intrusion prevention (IPS) and possibly application layer security on east-to-west data center traffic. Hackers are breaching East-to-West … Continue Reading

5 Things Every Network Needs

Run a service provider network, enterprise, commercial, health, financial, or retail network? Run any sort of network? Well then, here are 5 things your network NEEDS today! Redundancy, Security, Capacity Management, Logging (SIEM), Application/Customer/Endpoint Visibility.
Redundancy: Have you ever owned a computer that didn’t blue screen or give you the spinning beach ball of death? … Continue Reading

DDoS Protection with NetFlow

DDoS Protection: The Problem with NetFlow

“Netflow collection.” This is what I kept hearing from DDoS providers when I asked how they monitored networks.  But there are a couple problems with utilizing NetFlow. Problem 1: Sampling Rates… I’ve very rarely seen a sampling rate of 1 on routers.  Cisco’s CRS shelves and ASR9ks as well as Juniper’s TX Matrix Plus and MX960s are certainly capable … Continue Reading

Layered Security on A Network Device

I recently co-authored a whitepaper discussing the layered network security approach typically implemented with PCI Compliance. This got me thinking about layered security in general. Data center security, network security, application security, physical security, and national security… One thing these entirely different security architectures have in common is the layered approach to securing critical assets. … Continue Reading

SSH to a New Cisco IOS-XR Device

If you have a Cisco device you’re wanting to get SSH access to, you can’t just SSH into the box right from the get go. There are a couple things to do first:

Add an IP Address to an Interface (from config mode)

Enable SSH (from config mode)

Create a DSA key (from … Continue Reading