Network technologies and trends:

firewall


February 29, 2016  12:45 PM

Things to consider before introducing Palo Alto Firewall into routing domain- Series 2

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
ASA, BGP, Cisco, firewall, Network design, OSPF, Routing

In my previous post , I did mentioned Palo Alto Networks Firewall having issues in...

February 29, 2016  12:07 PM

How does Palo Alto Firewall identify an App?

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
app, application, ASA, BGP, Cisco, firewall, HTTP, IP address, Network design, OSPF, Routing, Signatures, Technology

When it comes to identifying an application  Palo Alto Firewall is quite accurate and yield great results in either allowing or dropping the traffic based on security policy applied.  I believe App-ID is the strongest point of Palo Alto Firewalls and it makes them leaders in the Next Generation...


February 28, 2016  6:15 AM

Things to consider before introducing Palo Alto Firewall into routing domain- Series 1

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
ASA, BGP, Cisco, firewall, Gartner, Gartner Magic Quadrant, Network design, OSPF, Routing

When it comes to routing, most of us are quite comfortable in using dedicated routers in Enterprise networks.  Some time the Business need or the existing network design forces an Organisation to use a traditional firewall not only as a firewall but also as a router. Well this works well, if some...


February 26, 2016  4:28 PM

Palo Alto Firewall with PAN-OS 7.02 have issues with OSPF

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
firewall, OSPF, Palo Alto Networks, router

When it comes to Palo Alto Networks Firewall, we all know PAN-OS 6.x is a quite stable version, Palo Alto announced PAN-OS version 7 almost 8 months back,  but I see very few people are using this version of PAN-OS. Those who are considering  a migration from PAN-OS 6.x to PAN-OS 7.x  they...


February 24, 2016  12:55 PM

Using ECMP with Palo Alto Firewalls? Make sure you’re running PAN-OS 7

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
BGP, firewall, OSPF, Routing

When it comes to using Equal Cost Multipath in Palo Alto Firewalls, one needs to be very careful as this feature is not available in all PAN-OS versions by default.  Most of the Network Engineers assume ECMP is supported by default,  and they are shocked to discover ECMP is not working when they...


February 13, 2016  8:40 AM

How does Palo Alto Networks Firewall examines an UDP Packet to identify an application?

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
application, Application firewalls, DNS, firewall, Next Generation Networking, Packets, Palo Alto Networks, UDP

In the below example, a single DNS query packet is trying to query  the domain www.yasirirfan.com. This packet contains all the information needed by a Palo Alto Network Firewalls to identify an app,  by inspecting the below UDP packet it can determine


February 11, 2016  8:14 PM

Cisco ASA Firewalls can be exploited by sending crafted UDP packets

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
Cisco, Cisco ASA, firewall, IPsec, IPsec VPN, LAN, UDP, vulnerabilities

Yesterday I received an email from Cisco Security Advisories about the critical vulnerability related IKE version 1 and IKE version 2 code of ASA Software which could empower an unauthenticated remote attacker to reload or even execute a code remotely on a affected ASA firewall.


February 8, 2016  1:04 PM

What is Palo Alto Networks App ID?

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
application, DNS, firewall, Gartner, IPS

When it comes to treating an Application every vendor has a way of treating an App, most of the traditional firewalls treats Applications mostly on port numbers. For example traditional Firewalls treats DNS as port 53 application. And a rule  is configured in traditional firewall to allow port 53...


December 31, 2015  5:20 AM

What is Palo Alto Security Policy –  Intrazone rule ?

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
Business, DMZ, firewall, Palo Alto Networks, Security policy

When comes to Palo Alto Networks Firewalls, they work on the concept of zones not the security levels. They are no different when compared to other leading Firewall vendors. While designing the Network one must focus on number of zones the business is looking for and what kind of scalability the...


September 19, 2015  4:43 PM

Palo Alto Networks Firewall Configuration Management Auditing

Yasir Irfan Yasir Irfan Profile: Yasir Irfan
Auditing, Configuration management, firewall, router, Troubleshooting

Palo Alto Network Firewall offers configuration-auditing feature, using this feature one can compare any two configuration files and see the difference. Palo Alto firewalls after comparing any two configuration files, highlights the differences using color coding schemes. Following color codes are...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: