Category Archives: Network Security

Blogs about network security

VMware NSX Service Composer: Advanced Security & Micro-segmentation

Posted on March 16, 2015 by Humair

In a prior blog, Firewalling & Micro-segmentation with VMware NSX, I discussed some of the basics of firewalls and micro-segmentation with VMware NSX. In this blog, I’ll introduce how security groups via NSX Service Composer can be used with VMware … Continue reading →

Posted in Dell, Dell EqualLogic, Dell Force10, Dell PowerEdge Blade Servers, Dell PowerEdge Rack Servers, iSCSI, Labs, Network Architecture, Network Security, Networking, Security, Servers, Storage, Technology, Virtualization and Cloud Computing, VMware, VMware | Tagged advanced security, advanced security policies, container, converged network, DCB, Dell, Dell DCB iSCSI, Dell end-to-end converged infrastructure, Dell iSCSI, Dell MXL, Dell S4810, Dell S6000, Dell VMware NSX, Dell VMware NSX Architecture, Dell VMware NSX design, Dell VMware NSX Guide, Dell VMware NSX RA, Dell-VMware NSX Reference Architecture, dynamic membership, end-to-end converged infrastructure, ESXi, firewall, firewall rules, iSCSI, iSCSI converged network, logical switch, micro-segmentation, Micro-segmentation with VMware NSX, microsegmentation, microsegmentation with VMware NSX, MXL, NSX, NSX advanced security policies, NSX Distributed Firewall, NSX firewall, NSX firewall rules, NSX logical switch, NSX partners, NSX security group container, NSX Security Group dynamic membership, NSX Security Groups, NSX security policy, NSX service chaining, NSX Service Composer, NSX Service Composer advanced security policies, NSX Service Composer Canvas View, NSX Service Composer container, NSX Service Composer Security Group, NSX Service Composer security policy, NSX-V, Palo Alto, Palo Alto Networks, Palo Alto Panorama, Palo Alto's Panorama, Panorama, S4810, S6000, security, security group container, Security Group dynamic membership, Security Groups, security policy, service chaining, Service Composer, Service Composer advanced security policies, Service Composer Canvas View, Service Composer container, Service Composer Security Group, Service Composer security policy, symantec, virtual machines, vms, VMware achitecture, VMware design, VMware ESXi, VMware logical switch, VMware NSX, VMware NSX advanced security policies, VMware NSX architecture, VMware NSX design, VMware NSX Distributed Firewall, VMware NSX firewall rules, VMware NSX logical switch, VMware NSX partners, VMware NSX security group container, VMware NSX Security Group dynamic membership, VMware NSX Security Groups, VMware NSX security policy, VMware NSX service chaining, VMware NSX Service Composer, VMware NSX Service Composer advanced security policies, VMware NSX Service Composer Canvas View, VMware NSX Service Composer container, VMware NSX Service Composer Security Group, VMware NSX Service Composer security policy, VMware NSX-V, VMware NSX-v design, VMware NSX-vSphere design, VMware Security Groups, VMware Service Composer, VMware virtual machine, VMware VM, VMware vSphere, vSphere | Leave a comment

Security, Art of Hacking, & the Worst 2014 Security Breaches

Posted on March 1, 2015 by Humair

Security is hot; no doubt about it. Consider the fact that between 2011 and 2013, venture investors put nearly $3 billion into cyber security companies, resulting in new funding for some 300 firms (Source: Thomson Reuters). Worldwide security software revenue … Continue reading →

Posted in Business, Hacks, Labs, Linux, Network Architecture, Network Security, Networking, Operating Systems, Programming Languages, Python, Red Hat Linux Enterprise, Security, Technology, Technology, Tips, Tips & Tricks, Windows | Tagged backdoor, backdoor access, backdoor script, brute-force, cyber security, data breach, DOS, employee negligence, Experion, firewall, firewall misconfiguration, Gartner, Global Cybersecurity Spending, Goodwill industries, Goodwill Industries data breach, Goodwill industries security breach, hacked Linux, hacked pc, hacked target, hacker, hacking, Home Depot, Home Depot data breach, Home Depot security breach, host scanning, JP Morgan, JP Morgan data breach, JP Morgan security breach, linux, malicious code, malware, malware detection software, malware software, malware software detection, Michael Bruemmer, Michaels Data Breach, Michaels security breach, micro-segmentation, microsegmentation, negligence, Neiman Marcus data breach, Neiman Marcus security breach, network security, novice hackers, packet injection, perl, Point-of-sale, Point-of-sale system, Point-of-sale systems, Point-of-sales system, Point-of-sales systems, Ponemon Institute, POS, POS systems, proxy server, Python, Python client, Python hacking, Python hacks, Python server, RedHat, RedHat Linux, RedHat Linux Enterprise, security, security breach, security exploitation, security infrastructure, security perimeter, security software, sensitive information, social engineering, Sony, Sony data breach, Sony security breach, sophisticated hackers, spyware, spyware detection software, spyware software detection, SQL injection, Target, Target data breach, Target security breach, traffic sniffing, trojan, unpatched Windows, unpatched Windows flaw, vi, Visa, windows, Windows flaw | Leave a comment

Firewalling & Micro-segmentation with VMware NSX

Posted on December 8, 2014 by Humair

One very exciting and strong use case for VMware NSX is advanced security. VMware NSX has some inherent security features and also allows for 3rd party security appliance integration. In this blog, I’ll briefly discuss the firewalling and micro-segmentation capabilities … Continue reading →

Posted in Dell, Dell Force10, Labs, Network Architecture, Network Security, Networking, Virtualization and Cloud Computing, VMware | Tagged centralized firewall, Dell, Dell Networking, Dell Networking S4810, Dell Networking S4810 switch, Dell Networking S6000, Dell Networking S6000 switch, Dell S4810 switch, Dell S6000, Dell S6000 switch, Dell VMware NSX, DFW, DFW logging, distributed firewall, Distributed Firewall logging, east-west traffic, Edge Services Gateway, ESG, ESXi, ESXi hypervisor, firewall, firewall logging, firewall virtual appliance, firewall virtual appliances, micro-segmentation, Micro-segmentation with VMware NSX, microsegmentation, microsegmentation with VMware NSX, network segmentation, North-South traffic, NSX DFW, NSX DFW logging, NSX Distributed Firewall logging, NSX Edge Services Gateway, NSX ESG, NSX Security Groups, NSX-V, NSX-vSphere, One-Arm Firewall, perimeter-centric, perimeter-centric security, RBAC, Role Based Access Control, S4810 switch, S6000, S6000 switch, SDDC, security, security appliance, Security Groups, Security Tag, segmentation, Software Defined Data Center, traditional firewall, traffic tromboning, vCenter, VM Name, vmware, VMware DFW, VMware Distributed Firewall, VMware ESXi, VMware ESXi hypervisor, VMware NSX, VMware NSX DFW, VMware NSX DFW logging, VMware NSX Distributed Firewall, VMware NSX Distributed Firewall logging, VMware NSX Edge Services Gateway, VMware NSX ESG, VMware NSX firewall logging, VMware NSX-V, VMware NSX-vSphere, VMware vCenter | 4 Comments

Network Virtualization with Dell and VMware NSX [Video]

Posted on August 28, 2014 by Humair

Check out my latest Dell Networking video on Network Virtualization with Dell and VMware NSX. You can view it on the Dell VMware wiki site, the Dell YouTube channel, or see the video embedded below via direct link.

Posted in Dell, Dell EqualLogic, Dell Force10, iSCSI, Labs, Network Architecture, Network Security, Networking, Protocols, Storage, Technology, Virtualization and Cloud Computing, VMware, VMware | Tagged DCB, DCB capable storage, Dell, Dell EqualLogic, Dell EqualLogic DCB capable storage, Dell EqualLogic iSCSI storage, Dell EqualLogic PS 6110XS, Dell EqualLogic PS6110XS, Dell EqualLogic storage, Dell Force10, Dell MXL, Dell PowerEdge M1000e, Dell PowerEdge M620, Dell PowerEdge R620, Dell PowerEdge Servers, Dell S4810, Dell S6000, Dell VMware NSX, distributed firewall, distributed routing, distributed switching, DLR, EqualLogic, EqualLogic DCB capable storage, EqualLogic iSCSI storage, EqualLogic PS6110XS, ESXi, ESXi 5.5, ESXi hypervisor, firewall, Force10, Force10 Networks, hypervisor, iSCSI, iSCSI storage, L2 Bridge, L2 Gateway, Logical Network, Logical Networks, MXL, MXL Blade Switch, Network Virtualization, Network Virtualization with Dell Infrastructure and VMware NSX Reference Architecture, NSX, NSX Controller Cluster, NSX Distributed Logical Router, NSX DLR, NSX L2 Gateway, NSX Manager, NSX Perimeter Edge, NSX Services Edge, OSPF, S4810, S6000, SDN, software defined networking, vCenter, vCenter Virtual Appliance, VDS, virtual distributed switch, Virtual Network Identifier, virtualization, vmware, VMware ESXi, VMware NSX, VMware vCenter, VMware vSphere, VMware vSphere 5.5, VMware vSphere ESXi, VMware vSphere ESXi 5.5, VMware vSphere vCenter, VMware vSphere vCenter Virtual Appliance, VNI, vSphere, vSphere 5.5, vSphere vCenter, vSphere vCenter Virtual Appliance, VXLAN | Leave a comment

Changing the Root Password on Juniper JunOS Switches

Posted on January 26, 2014 by Humair

In this short blog, I show how to easily change the root password on Juniper JunOS [JunOS 11.1R6.4] switches. It’s important to note, on a switch reset to default configuration, you can easily log into the switch with just the … Continue reading →

Posted in Juniper, Labs, Network Security, Networking, Technology, Troubleshooting | Tagged 'root-authentication'error, 11.1R6.4, change root password, configuration check-out failed, EX4200, EX4200-48T, Juniper EX4200, Juniper EX4200-48T, Juniper JunOS, Juniper JunOS switch, JunOS, JunOS 11.1R6.4, Missing mandatory statement, missing statements, root password, set root password | 1 Comment

AAA Login Authentication on Dell Switches Running FTOS

Posted on December 31, 2013 by Humair

By default Dell switches running FTOS use local username/passwords for login authentication. This default behavior is assigned in the ‘default’ method list. To change the login authentication behavior, you can either modify the ‘default’ method list or create new method … Continue reading →

Posted in Dell, Dell Force10, Labs, Network Security, Networking, Protocols, Technology | Tagged AAA, Accounting, Authentication, Authentication Authorization and Accounting, Authorization, console terminal server, Cyclades, Cyclades console terminal server, Cyclades TS3000, Cyclades TS3000 terminal server, Dell, Dell AAA, Dell Force10, Dell Force10 AAA, Dell Force10 RADIUS, Dell Force10 TACACS+, Dell RADIUS, Dell TACACS+, Force10 RADIUS, Force10 TACACS+, FTOS, FTOS 8.3.3.8, FTOS AAA, FTOS RADIUS, FTOS security, FTOS TACACS+, login authentication, management switch, password, RADIUS, TACACS+, terminal server, TS3000, username | Leave a comment

Blocking Hackers From Accessing Your Switch via Telnet/SSH

Posted on October 21, 2012 by Humair

It’s amazing how much rattling at the doors and attempted intrusions companies become accustomed to seeing on their networks. Here I show a simple way to block telnet/SSH access to your switch. First, you should never use telnet to manage … Continue reading →

Posted in Dell Force10, Force10 Networks, Hacks, Labs, Network Security, Networking, Technology | Tagged access list, access lists, access-llists, block ssh, block telnet, block VTY access, Dell, Dell Force10, extended access list, extended access-lists, Force10 Networks, FTOS, hack, hacker, named access list, named access-lists, port 22, port 23, S0N, SSH, tcp, telnet, VTY, VTY access, VTY line, VTY lines | Leave a comment