Tag archive: security

Zone Based Firewall in IOS, combines 2 concepts: Modular Policy Framework and well-known Zones from ASA firewalls. ZBF solution is more secure than ACLs, easier to implement and to troubleshoot. Rely on statefull filtering what is also well-known from ASA firewalls. Despite this, is not fresh solution, but still works out very well.  

By default Cisco router doesn’t provide any security regarding the access. You have to secure the router by yourself. In this article I’ll show how to do this for console and VTY lines .

Usually administrators focus more on threats that may come on WAN interface than LAN, what is understandable, cause we trust people that we work with. But sometimes it may be deceptive, especially if we administrate the network in rapidly changing environment (flow of people) with features like BYOD (Bring Your Own device) with no entire…

Access Control Lists are used not only to permit and deny traffic but for marking only interested traffic also. They may be used in cases like : NAT, Quality of service, policy routing, route filtering and VPN. Besides, there is a few kinds of ACLs depends on what traffic and where we are going to…

The attack from inside is much easier to carrying out then from the outside through the Internet. But as yo will see, the attacker is not on the lose position and still have a lot of tools to make the admins life difficult. Let’s have a look on what kind of attacks may the intruder…

The most of attacks on LAN are carrying out, surprisingly from inside (directly or via VPN). It means, that person who my be responsible for break-in may belong to the circle of trusted people or may use access to network resources thanks to one of trusted people.  Anyway, if you are network administrator the major rule…

The traffic control systems, besides a security function realize the following functions: traffic filtering, bandwidth limitation, collecting information about traffic characteristic. Each of mentioned device in the title, perform similar task but work in different way. Deployment one of them depends on network size, efficiency, utilized solutions (i.e remote access). They may work on different OSI layers and…

Menu