BOLL Konsolenkabel

Netzwerk & Security Administratoren kennen die Problematik. Um Zugriff auf eine serielle Konsole zu bekommen, benötigt es einen Adapter, da kaum mehr ein Notebook einen alten DB9 (DE-9) Anschluss hat. Kein Hersteller liefert aber ein USB Konsolenkabel direkt auf RJ45 Ports, welche heute bei praktisch allen Netzwerk & Security Devices der Standard sind.

Die nervigen Adapter und die teilweise mühsame Treiber Unterstützung hat uns bewogen, ein eigenes Boll Konsolen Kabel entwickeln zu lassen. Folgende Bilder illustrieren das schön:

Konsolen Access früher:

«BOLL Konsolenkabel» weiterlesen

PaloAlto EDL Hosting Service

If you want to configure rules for Saas services on the PaloAlto Firewall, you can do this using the App ID for the particular service, or you can use the IP addresses, Domains or URLs of the service in the policy.

However, since Saas services typically do not use only one IP address, domain or URL, and since these can change dynamically, it requires a dynamic list that is constantly updated automatically.

PaloAlto offers this service as «EDL hosting service». External Dynamic Lists (EDL) are dynamic lists that can contain a list of IP addresses, domains or URLs. These lists are periodically queried by the firewall and updated accordingly. These EDL lists can then be used in various policies. Due to the automatic update of the lists, they are always up to date. There is also no need to commit the configuration if the list changes.

«PaloAlto EDL Hosting Service» weiterlesen

FragAttack: Security Flaws in all Wi-Fi devices

In the last few days, more and more articles about vulnerabilities in the Wifi area have appeared. These FragAttacks (fragmentation and aggregation attacks) which is a collection of new security vulnerabilities affects Wi-Fi devices from different vendors.

heise.de: FragAttacks: Neue Angriffe gefährden nahezu alle WLAN-Geräte (German article)

There is a separate web page with more information about this attack:
https://www.fragattacks.com/

On this page we collect information from our vendors so that you can react accordingly and provide information to affected customers.

«FragAttack: Security Flaws in all Wi-Fi devices» weiterlesen

 803 total views,  3 views today

How to transfer a FortiGate configuration to a newer model

During the lifecycle of firewalls, they are often replaced with a newer model, but you would like to keep the configuration. In this case, there are several possibilities, which we present in this blog post:

1. FortiConverter Service
2. FortiConverter Tool
3. Partial Config Transfer
4. Full Config Transfer

Den deutschen Artikel dazu finden Sie hier: So übertragen Sie eine FortiGate Konfiguration auf ein neueres Modell

«How to transfer a FortiGate configuration to a newer model» weiterlesen

So übertragen Sie eine FortiGate Konfiguration auf ein neueres Modell

Im Laufe des Lebenszyklus von Firewalls werden diese oftmals ersetzt mit einem neueren Modell, die Konfiguration möchte man aber gerne übernehmen. Für diesen Fall gibt es verschiedene Möglichkeiten, die wir in diesem Blog Beitrag vorstellen:

1. FortiConverter Service
2. FortiConverter Tool
3. Partielle Konfigübernahme
4. Volle Konfigübernahme

English article can be found here: How to transfer a FortiGate configuration to a newer model

«So übertragen Sie eine FortiGate Konfiguration auf ein neueres Modell» weiterlesen

Netzwerk Subnettierung

Öfters sehen wir Fragen oder Probleme zur korrekten Subnettierung von Netzen. Mit dem folgenden Raster kann man schnell und einfach die richtige Anzahl Host oder die Subnetzmaske herausfinden.

Die erste Adresse des Subnetz nennt man Netzadresse. Diese kann nicht für Hosts verwendet werden (Bsp. 192.168.10.0 bei einem Subnetz von 255.255.255.0 oder /24)

Ebenso die letzte Adresse des Subnetz. Diese ist die Broadcast Adresse und steht Clients nicht zur Verfügung (Bsp. 192.168.10.255 bei einem Subnetz von 255.255.255.0 oder /24)

Die verbleibenden IP Adressen können von Hosts genutzt werden (Anzahl Hosts in der Tabelle, also 256-2= 254 bei einem Subnetz von 255.255.255.0 oder /24)

«Netzwerk Subnettierung» weiterlesen

Palo Alto Firewall Feature: Block Tor Exit nodes with an External Dynamic List (EDL)

With the possibility to include external lists from third parties via the feature «External Dynamic List EDL», this opens up many possibilities to restrict your own security policies even better and to prevent access to the TOR network.

In the following tutorial I will show you how to configure the list of TOR exit nodes, which can be found at https://check.torproject.org/torbulkexitlist as a list of IP addresses.

«Palo Alto Firewall Feature: Block Tor Exit nodes with an External Dynamic List (EDL)» weiterlesen

Performance Best Practices for Kaspersky Endpoint Security for Windows

Here you can find some recommendations how to configure protection in Kaspersky Endpoint Security for Windows and reduce the impact on the system. The original document written by Evgeniya Kirikova from Kasperksy can be downloaded here.

General recommendations

  1. Use the latest versions of Kaspersky Endpoint Security for Windows, as they contain the latest fixes and improvements, including performance related.
  2. We recommend you to use all protection components with default settings. They provide the optimal balance between protection level and performance recommended by our experts.
  3. Check KES for Windows policy and make sure that general performance settings are enabled (KES policy –> General –> Application settings):
«Performance Best Practices for Kaspersky Endpoint Security for Windows» weiterlesen

WatchGuard new Knowledge Base Articles November 2020

Each month WatchGuard publishes numerous new articles and known issues to the WatchGuard Knowledge Base. Here is the new content published in November:

Articles

Firebox Cloud supports accelerated networking in Azure

Known Issues

IKEv2 profile import fails on macOS Big Sur 11.0.1
DHCPv6 server restarts repeatedly when DHCP reservation exists
Hotspot custom logo does not load in Fireware v12.6.2
Cannot edit SD-WAN actions after you change the names of multiple external VLAN interfaces
Application Control category actions not applied correctly on 12.5.x Firebox fully managed by Management Server 12.6.x
Upgrading from Dimension 2.1.2 to Dimension 2.1.2 Update 4 fails due to lack of free disk space
Application Control category action changes to Drop after upgrade to Fireware v12.6.2
Interfaces with fixed link speeds change to 10 Mbps Half Duplex after upgrade from Fireware v12.5.4 to v12.6.2
Files load slowly through an HTTPS-proxy when content inspection is enabled with Application Control or IPS
AP125 and AP325 reboot after kernel panic message
Mobile VPN with SSL client not supported on Windows devices with ARM processors