LATEST POSTS

December 14, 2019

Life in security has been one of sporadic accomplishment and constant humility.  As in, I can resolve most firewall related problems, but other times just completely (and shamefully) miss the mark.  Luckily, I work with some brilliant network security engineers who are there to help. 

It started out with a simple change inquiry from our netw...

September 24, 2019

https://sc1.checkpoint.com/sc/SolutionsStatics/sk110683/Example.png

11:00 P.M. Tuesday

I had 98% iPhone battery life left, but wanted to make sure it hit 100%.  I was on-call for the next 7 days - and it was only Day 1.  Seems ridiculous to think the phone's battery would die completely overnight, but I didn't want to take any chances.  I was primary on-cal...

February 17, 2019

There are times when the security professional no matter how much technical knowledge, certifications, college degrees, SAT scores, or job interview skills...has to rely on just instincts.  Has to rely on their own "qualitative analysis" - a term to know for the CISSP exam.

The other day at work we received a ticket from the project manager of a mediu...

November 20, 2018

This is the second canon of the ISC2 Code of Ethics:

"Act honorably, honestly, justly, responsibly, and legally." 

You can ask, "why should I follow these ethics?".  Well, you don't have to.  The only ethics you have to follow are your own.  However, your certification status is contingent on following the list of ethics.  These ethics just provide a genera...

November 6, 2018

Situation

There was an upcoming change to a BlueCoat ProxySG over a weekend swing shift ( Saturday 3pm - midnight).  All we had to do was upgrade from version 6.1.6.1 to version 6.2.16.7.  Currently, we had two BlueCoat devices, a primary and secondary.  These were used together to provide high-availability.  If the primary proxy where to stop functioning,...

August 16, 2018

Source: https://sc1.checkpoint.com/documents/R76/CP_R76_VPN_AdminGuide/13847.htm

The Situation

You can learn a lot about encryption,  hashing, and DH when configuring a site-to-site VPN. 

I was on a conference call where several other network security engineers, project managers, and networking teams were trying to bring up an existing site-to-site...

May 12, 2018

When there are network connectivity issues, the first thing to be blamed is the firewall.  

40% of my job is proving that the issue is not with the firewall.  The simplest of tasks is just showing the customer that traffic has ingressed and egressed successfully out of a dual or multi-homed firewall.  


We manage the firewalls of Customer A....

February 20, 2018

In a secure corporate environment, it is critical to have a strict change management process.  Large environments mean large changes.  Even if it is a really small change to a firewall, it could still affect the overall stability and access control of other interdepenencies.  Which is exactly what happened at work a few weeks back. 

This is...

January 24, 2018

It was just supposed to be a simple software upgrade.  

The requirement was that there is zero downtime.  

The client was supposed to be on the conference call to upgrade their Palo Alto firewall from version 7.0, to 7.1, to 8.0 for just 2 hours.  It turned into 18 hours.  

The Palo was in active/passive HA mode, and to make matters just...

Please reload

© 2013 Study Notes and Theory
Terms and Conditions/Privacy Policy

Proudly created to make you

a better security professional.