Cisco VIRL allows administrators and network engineers to build network topologies rapidly and validate a variety of use cases on a virtual platform. Superb for change, and even better considering that this traditionally required physical equipment or ‘guesstimation’.…

Cisco Virtual Internet Routing Lab (VIRL) is a platform that gives administrators and developers the ability to test changes, new technology, or try new architectures in a safe lab environment. This is a fantastic tool for studying for the CCIE. It…

VMware VCP5-DCV

Last week I passed my VMware VCP5-DCV exam. This post looks to review and give my impression of the sought-after certification. Exam Quality Within the standard Pearson Vue test environment, VMware deliver an exam that is of high quality,…

I mused online recently about the team that Devin Akin is building over at AirTight. Hiring talent like Ryan Adzima and Andrew VonNagy is a great play on AirTight’s behalf. These are experts in their own right and alumni…

Here is the Juniper flavour of the FQDN access-list. The policy used references the dns-name and creates policy destination addresses accordingly. It is important, as noted in the optimisation and initial ASA FQDN configuration post, that you have a set…

My previous post focused on using access-lists that were based upon Fully Qualified Domain Names. This recently has posed a solution for some works that have been undertaken. Even though it might seem quite straightforward to implement – there…

A recent change came through which required a geo-spatial map data server from an isolated network to cache maps from various public entities. The geo-spatial database calls upon various websites. The use of Bing, Google, government agencies, traffic management combine together…

I have covered a deal of topics across JUNOS but now it is time to look at switch traffic capturing. It is possible in IOS with some simple monitor commands and it is rather straightforward on JUNOS. Now, I…

Network virtualization allows an abstraction from a physical topology. It takes the notion of a logical network further. Abstraction allows segregation of the routing table and can be used in a flexible way. The ability now to define a security…

So what is DHCPv6 client mode and why can this help me? A while back Ivan Pepelnjak commented on the blog asking if the SRX had DHCPv6 client features such as IA_PD and IA_NA. Now as of version 12.1X45-D10 these…

The last couple of weeks I’ve spent some time dealing with a little adversary. The Cisco CCNP has been a want for a while and I started the quest and my pace did slow off. Well finally I made it…

I have managed to get the QEMU version of ASA running inside Ubuntu 12.04. Previously I have installed this on Windows and OSX. The trifecta will be complete with this post with the ASA running inside Ubuntu. Similar to the…

As per the previous blogs if you have followed from the start you will notice you have downloaded, installed, and configured your Juniper SRX to support IDP technologies. This is a great start. For most users the default templates defined…

As I march onwards to the CCIE written the need is apparent that you must understand every trick and caveat of a routing protocol. I have been reading up and working on RIP this weekend and amongst the funny situations…

Juniper’s SRX family offer the ability to perform much more than firewalls, access-lists, and NAT. As a part of their Unified Threat Management suite (UTM), Intrusion Detection and Prevention (IDP) is a vital part to a layered approach to security.…

A functional zone is a unique type of zone. The SRX family has only one type of functional zone applicable to it. The management zone is designed to have a physical interface allocated to it which allows true out-of-band management.…

I have a various number of devices in my lab. I constantly deploy them, rework them, and lab new things. Once up and operating I generally move off a console connection and move to SSH. Well sometimes there poses a…

Ever need to make a firewall change or update a rule set but not had access to the device? An always-on, cloud-based software-as-a-service solution has grown from the labs of OneConfig. Based on the premise of…

In a branch office you generally have workers who work standard business hours. These generally exist between the hours of 0700 and 1800 hours. Most branches have VOIP handsets or APs that run off PoE. These do not need to…