Keywords: firewall

Cisco ASA Firewall Cluster Member Replacement

So one of the firewalls in your highly available cluster died. It happens. It’s not your fault. But you have to put Humpty Dumpty back together again. Do it the wrong way, and you can erase your configuration and bring the cluster down!

Prepare for Success

Back up current configuration: Use the more system:running-config command
b. Certificates [...]

Check Point Firewall – Find Your Top 5 Rules Used on the CLI

An easy way to find out your top 5 used rules in R76 and above from the CLI (command-line interface) on your Check Point firewall is to type cpstat blades. The command is not super intuitive, but it does produce results.

[[email protected]:0]# cpstat blades |grep -A9 "Top Rule"
Top Rule Hits
-----------------------
|rule index|rule count|
[...]

Juniper ScreenOS DNS Application Layer Gateway Madness

You have a custom application that performs DNS queries, but does not follow security best practices to at least randomize the source port of those queries. Business must go on, so you secure this connectivity via a site-to-site VPN. So, you need to make an exception to your Juniper ALG. By default, DNS traffic, running [...]