Simple RSA Private/Public key is not enough to provide secure connection between Client and Server. How do we really know that the server we want connect to is actually correct server, not a bogus one ? Private Key might be stolen and somebody else can easily pretend the server. 3rd party Certificate Authority and Public Key Infrastructure…
There are two kinds of remote access which you may use in order to provide remote access for teleworkers in your company, namely IPSec and SSL. Both of them are reliable, secure and work very well but … there is always the catch. Based on one simple example of live, let me familiar you with advantages of…
Before OSPF will start to work seamlessly, one very important thing has to be accomplished, neighbor relationship namely. Every router in the network has to pass through a few stages of establishing relationships process, before network reach full convergence. What exactly happens behind the scene during establishing of relationship ?
If we can virtualize layer 2 with Vlans, maybe there is a solution that enables us to virtualize layer 3 on a router? If we could separate the traffic within the same interface and prevent particular flow in participating in choosen routing processes. In other words alike on ASA where we create contexts in order to split one single chassis…
One of the first things that you will have to configure on the new router is configuration of a service which is called NAT or to be more specified PAT in case if you got only one public IP address. This article explained what are public and private addresses and what is a difference between Network Address Translation and…
Usually administrators focus more on threats that may come on WAN interface than LAN, what is understandable, cause we trust people that we work with. But sometimes it may be deceptive, especially if we administrate the network in rapidly changing environment (flow of people) with features like BYOD (Bring Your Own device) with no entire…
Sometimes, especially if you are an administrator of let’s say not entirely trusted environment you may want to provide “level 0” security. This type of security is provided even before host obtains address from DHCP pool, because switch which discovers a hosts on particular interfaces firstly sends the question: “Who are you ?” forcing in this way authentication. The…
OSPF is definitely the most sophisticated internal routing protocol. There is a lot of things which distinguishes its from the other and one of them is complexity. It is very important to understand how works, how neighborhood is established, how OSPF packets flow in order to troubleshoot and debug its.
Access Control Lists are used not only to permit and deny traffic but for marking only interested traffic also. They may be used in cases like : NAT, Quality of service, policy routing, route filtering and VPN. Besides, there is a few kinds of ACLs depends on what traffic and where we are going to…
Nowadays companies go away of keeping entire IT infrastructure “on the spot”. It has many advantages like reduction of costs by hiring less IT engineers or buying less needed IT stuff (switches, routers servers etc) and no worries about IT problems hardware or software. In this article I’m going to look closer the Clouds from the end…
Provider that delivers any Cloud solutions is responsible for maintaining whole hardware infrastructure and depends on type of deployed service solutions for software also. This article will be devoted to Cloud models offered by Providers and which one of them is suitable for particular companies.
Fiber optic is the most reliable medium and it is out of question. But, can we do something in case when our network is growing up really fast, we have more and more sites to hook up, our infrastructure starts to suffer for lack of usable fibers and we have no additional place in the pipes to put another…
Even very well implemented servers farm within VMware vSphere will be working in limited scale and inefficiently if the network part won’t be deployed correctly. VMware in regard to networking provides many features, which are good to know and solutions like virtual Standard Switch and Distributed Switch. How to implement properly networking part, what are virtual switches,…
Widespread FTTx/GPON technology has become one of the most interesting variant for Internet Service Providers in case of delivery Internet with other services like Video or IP telephony. Easy to implement, doesn’t require active components on the path from ISP to the client and very robust. What else makes FTTx/Gpon solution so interesting, how does it…
The attack from inside is much easier to carrying out then from the outside through the Internet. But as yo will see, the attacker is not on the lose position and still have a lot of tools to make the admins life difficult. Let’s have a look on what kind of attacks may the intruder…