Saturday, 30 June 2012

Types of Firewalls


Firewalls are everywhere today; even many home networks have one. But there are several different types of firewalls: hardware and software firewalls, stateful and stateless firewalls, proxy, application, desktop, dual-homed, reverse, etc.

Some of which are explained below:

Tuesday, 26 June 2012

How to configure a Cisco Layer 3 switch-InterVLAN Routing



Cisco Catalyst switches equipped with the Enhanced Multilayer Image (EMI) can work as Layer 3 devices with full routing capabilities. Example switch models that support Layer 3 routing are the 3550, 3750, 3560 etc.

On a Layer 3-capable switch, the port interfaces work as Layer 2 access ports by default, but you can also configure them as Routed Ports, which act as normal router interfaces. That is, you can assign an IP address directly on the routed port. Moreover, you can also configure a Switch Vlan Interface (SVI) with the “interface vlan” command, which acts as a virtual Layer 3 interface on the Layer 3 switch.

In this post I will describe a scenario with a Layer 3 switch acting as an “Inter Vlan Routing” device together with two Layer 2 switches acting as closet access switches.

Sunday, 24 June 2012

CheckPoint Having Acceleration and Clustering Software Blade


The Check Point Acceleration and Clustering Software Blade delivers a set of advanced technologies, SecureXL and ClusterXL, that work together to maximize performance and security in high-performance environments. These work with CoreXL, which is included with the blade containers, to form the foundation of the Open Performance Architecture, which delivers throughput designed for data center applications and the high levels of security needed to protect against today’s application-level threats.

How to Configure a Cisco ASA 5510 Firewall – Basic Configuration Tutorial


This article gets back to the basics regarding Cisco ASA firewalls. I’m offering you here a basic configuration tutorial for the Cisco ASA 5510 security appliance. This device is the second model in the ASA series (ASA 5505, 5510, 5520 etc.) and is fairly popular since it is intended for small to medium enterprises. Like the smallest ASA 5505 model, the 5510 comes with two license options: the Base license and the Security Plus license. The second one (Security Plus) provides some performance and hardware enhancements over the Base license, such as 130,000 maximum firewall connections (instead of 50,000), 100 maximum VLANs (instead of 50), failover redundancy, etc. Also, the Security Plus license enables two of the five firewall network ports to work as 10/100/1000 instead of only 10/100.

Next we will see a simple Internet access scenario which will help us understand the basic steps needed to set up an ASA 5510. Assume that we are assigned a static public IP address 100.100.100.1 from our ISP. Also, the internal LAN network belongs to subnet 192.168.10.0/24. Interface Ethernet0/0 will be connected to the outside (towards the ISP), and Ethernet0/1 will be connected to the inside LAN switch.

Friday, 22 June 2012

Check Point : SecurePlatform (SPLAT) Backup Options Available.



One aspect of the Check Point SecurePlatform OS that I struggle to get my head around is backups. There are a few different options, and during the course of researching an upgrade I came across the best explanation I’ve seen yet. I’ve decided to grab a copy of the relevant text and post it in my blog for future reference here.

Oversimplified Executive Summary

  • upgrade_export contains just Check Point configuration
  • A backup is an upgrade_export plus SPLAT OS configuration
  • A snapshot is a backup plus binary files, both Check Point and SPLAT OS
  • As a general rule of thumb, if you’re restoring on the same hardware, a snapshot would be the easiest to use since it contains the most info, and an upgrade_export would be the worst, since you’d have to manually restore the most stuff.

Checkpoint : Mount USB Memory Stick / Pen Drive to Splat

Ever wanted to use a USB stick on an open server running SPLAT or on an appliance?

Just connect the device to a USB port of your choice.

1. Load the appropriate kernel module for handling the USB device.
* modprobe usb-storage

2. Check which new device was bound, for example "/dev/sda1".
* fdisk -l

3. Create a mount point.
* mkdir /mnt/usbdisk

4. Mount the USB device, using the device name found in step 2.
* mount /dev/sda1 /mnt/usbdisk

5. Use the device to transfer data as you like.

6. Unmount USB device.
* umount /mnt/usbdisk
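
Step 2 is where a wrong device name gets picked, so here is an added example (not from the original post) that finds the newly bound partition by comparing `/proc/partitions` listings taken before and after loading `usb-storage`, and mounts it only if exactly one new partition appeared. The function names and the sample listings are constructed for illustration, and the `nosuid,nodev,noexec` mount options are an added hardening choice for removable media on a gateway.

```shell
#!/bin/sh
# Added example, not from the original post; function names are hypothetical.

# names FILE: device names from a /proc/partitions-style listing, sorted.
names() { awk 'NF == 4 && $1 ~ /^[0-9]+$/ { print $4 }' "$1" | sort; }

# new_devices BEFORE AFTER: names present in AFTER but not in BEFORE.
new_devices() {
    nd_b=$(mktemp) && nd_a=$(mktemp) || return 1
    names "$1" > "$nd_b"; names "$2" > "$nd_a"
    comm -13 "$nd_b" "$nd_a"
    rm -f "$nd_b" "$nd_a"
}

# pick_partition: read names on stdin; print /dev/NAME only if exactly one
# new partition (name ending in a digit) appeared, otherwise fail.
pick_partition() {
    pp=$(grep '[0-9]$' || true)
    [ "$(printf '%s\n' "$pp" | grep -c .)" -eq 1 ] || return 1
    printf '/dev/%s\n' "$pp"
}

# mount_usb BEFORE: mount the newly bound partition so that setuid bits,
# device nodes and executables on the stick are not honoured.
mount_usb() {
    dev=$(new_devices "$1" /proc/partitions | pick_partition) || {
        echo "no single new partition found; check fdisk -l" >&2; return 1; }
    mkdir -p /mnt/usbdisk && mount -o nosuid,nodev,noexec "$dev" /mnt/usbdisk
}

# Constructed sample listings (not captured from a real gateway).
sample_before() { cat <<'EOF'
major minor  #blocks  name

   3     0   78150744 hda
   3     1     104391 hda1
   3     2   78043770 hda2
EOF
}
sample_after() { sample_before; cat <<'EOF'
   8     0    3915776 sda
   8     1    3915744 sda1
EOF
}
```

On the gateway, copy `/proc/partitions` to a file before running `modprobe usb-storage`, then call `mount_usb` with that file as root.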