By now many in the network and security field will have heard about the announcement from Juniper. Juniper’s commentary about an internal code review identifying malicious code on their ScreenOS platform sparked a marked increase of hype on the Twittersphere.…
Cisco VIRL is a learning platform which allows you to run real devices. It is built on an OpenStack architecture that allows rapid deployment of instances of NX-OS, IOSv, IOS-XE ASA and vSRX. I am going to show you the…
The summit This week I spent time at the Juniper Ambassador Summit. This summit is designed for people who use, deploy and administrate Juniper environments. I was invited into this program last year and since has received a lot of…
Currently as some people are aware I am in between roles. Whilst there is a period of time before I start and receive my work phone I have reverted back to an old spare phone. We keep an old Nokia…
I thought I would recap on some of the key numbers my blog saw this year. This year was a huge year for Cisco Inferno. I broke new records consistently and traffic to my little blog has soared. The numbers…
Today I sat the JNCIS-SEC exam. I felt it was a fair exam and I am going break it down. It capped off a year of certifications for me as I have worked on transforming my knowledge and applying myself…
Today Juniper Networks announced the MetaFabric. MetaFabric is the next step and evolution in data centre architectures. There has been a vast amount of chatter, noise and FUD recently when it comes to flow programmability and overlay networking. What Juniper…
There comes a point in all deployments when an installation transitions from deployment to support. This involves handover documentation and for many people what this encapsulates varies. The importance of having comprehensive documentation on handover cannot be overstated. It should…
Management is such an interesting topic. There are many ways in approaching how to manage a device and the correct method to do so. By no means is this a comprehensive guide but should influence how you design the management…
Over the last decade we have seen the increased footprint of physical firewalls. Audits and compliance require traffic isolation, segregation, and application tiers to meet the check boxes. This has seen a vast sprawl of the data centre firewall. Such sprawl…
So you have the business requirements from a customer and have garnered the requirement information that will allow you yo formulate a high level design. What do you do now? How do you distill this information into something that will…
In a pre-sales environment or an enterprise that empowers its own staff, the translation of business and strategic objectives into technical solutions is paramount. These can be such aims as to isolate customers, enhance stability, reduce cost, attain or maintain…
As some readers may note I have been using Juniper’s SRX-110 for my home firewall for some time. It is a very cool piece of kit and an extremely flexible, dynamic, and feature rich. In June, Brad Woodberg and Rob…
Networking Function virtualization (NFV) is what most businesses perceive as some of the strongest benefits of “SDN”. The ability to orchestrate and manage virtual network functions saves vast amounts of time, money, and can eliminate lag in delivery to market.…
I was lucky enough to be award Junipers Fan of the Month award. I am the inaugural winner of this spotlight. I am very honoured. They asked me some questions that I thought some readers might be interested in. Once…
A metric of time measurement in Tolkien’s Lord of the Rings is a ‘Valarian Age’. A Valarian Age is made up of 100 Valarian years. A Valarian year in turn is 10 mortal year. In the land of Tolkien, ‘In…
I have covered a deal of topics across JUNOS but now it is time to look at switch traffic capturing. It is possible in IOS with some simple monitor commands and it is rather straight forward on JUNOS. Now, I…
So what is DHCPv6 client mode and why can this help me? A while back Ivan Pepelnjak commented on the blog asking if the SRX had DHCPv6 client features such as IA_PD and IA_NA. Now as of version 12.1×45-D10 these…
The last couple of weeks I’ve spent some time dealing with a little adversary. The Cisco CCNP has been a want for a while and I started the quested and my pace did slow off. Well finally I made it…
As per the previous blogs if you have followed from the start you will notice you have downloaded, installed, and configured your Juniper SRX to support IDP technologies. This is a great start. For most users the default templates defined…
The Juniper SRX110h-va has some delicious features. It has been the darling of quite a few posts and whilst I have some free time it will be part of a few more. This post is number two in a small…
Juniper’s SRX family offer the ability to perform much more than firewalls, access-lists, and NAT. As a part of their Unified Threat Management suite (UTM), Intrusion Detection and Prevention (IDP) is a vital part to a layered approach to security.…
Time to get into some access-list tips. I am going to make a management zone and want to control which protocols.First make the address book entry we will use to define our management hosts. set security zones security-zone trust address-book…
A functional zone is a unique type of zone. The SRX family has only one type of functional zone applicable to it. The management zone is designed to have a physical interface allocated to it which allows true out-of-band management.…
Ever need to make a firewall change or update a rule set but not had access to the device? An always on, cloud based software as a service solution has grown from the labs of OneConfig. Based on the premise of…