Two years ago I wrote regarding Dual Firewall DMZ design. While (I hope) it does well to illustrate how a DMZ can operate, admittedly its a clumsy design and not one I’d recommend. First and foremost, DMZ design has to meet the needs of implementation; there is no one-size-fits-all solution. That said, I want to […]
Basic Cisco 1800 Configuration
Despite being all but EOL the Cisco 1800 line has some extremely versatile little devices with a good price point, which explains why you’ll see a fair number of them still kicking around. Sure they don’t have all the bells and whistle of some other manufactures, but the Cisco 1800 (and now 1900) stays true […]
Deep Packet Inspection (DPI)
A powerful and controversial new world of network analysis exists by the name of Deep Packet Inspection (DPI). While the technology to achieve this level of visibility has existed for decades, its only now that the implementations have evolved to allow large amounts of data to be inspected in a real time on fairly modest […]
Dual Firewall DMZ
Creation of a DMZ allows you to place externally-facing services in an isolated security zone so that the internal network is not exposed to the outside world. Today we’ll take the textbook DMZ example one step further by sub-diving the DMZ into external and internal zones. Instead of a single firewall and DMZ switch we’ll […]