F5 101 Application Delivery Fundamentals-Study Notes-OSI Layer

Explain, compare, and contrast the OSI layers http://www.tcpipguide.com/free/t_OSIReferenceModelLayers.htm  7 – Application Interacts with the user (FTP/HTTP/SMB/SSH/etc.) 6 – Presentation Converts information into data structures that are understandable by/useful to the system (XML/TLV/JSON) SSL/WEP/WPA 5 – Session Allows two endpoints to exchange data for a period of time. NetBIOS, TCP/IP Sockets, RPCs Not necessarily the length [...]

PCNSE Study Notes: Global Protect

Overview GlobalProtect: Solution to VPN Issues Extends NGFW to endpoints Deilvers full traffic visibility Simplifies Management Unifies policies Stops Advanced Threat Components Portal – Provides Management functions for GP; every client connecting to GP receives configuration information from the portal Gateways – Provide Security Enforcement for traffic External gateways provide security enforcement and VPN Access [...]

PCNSE Study Notes: Content-ID

Overview Scans traffic for/offers protection against/can do: Software Vulnerability exploits – detects attempts to exploit known software vulnerabilities Viruses – detects infected files crossing the firewall Spyware – detects spyware downloads and already infected system traffic Malicious URL’s – blocks URL’s known to be locations that host or assist any of the content scanned with [...]

PCNSE Study notes: App-ID

Application ID Overview An application is a specific program or feature who’s communication can be labeled, monitored and controlled App-ID does additional work beyond just port Port-based rules use ‘Service’ Application-based rules use ‘application’ Application rules will allow only the application traffic that is allowed (ex: FTP) and not other traffic using that port. Zero-day [...]

PCNSE Study Notes: Security Policies and NATs

Security Policy fundamental concepts All traffic must match a session and security policy (stateful firewall) Basics are a source and destination zone Granular includes Source/Dest Address, ports, application, URL Categories, Source user and HIP profiles. Sessions are established for bidirectional data flow. Policies > Security has the current security rules Columns on this page can [...]

PCNSE Study notes: Interface and Routing Configuratin

Security Zones and interfaces Security zones are used to group like-devices, user groups, locations or specific-use systems. In-band interfaces are traffic-passing ports, ex: ethernet1/1, 1/2, etc Each interface (or subinterface) can only be assigned to one zone A zone can have multiple physical or logical interfaces Traffic inside zones is allowed by default. Example: Trust [...]

PCNSE Study Notes: Platforms and Architecture

Here is the datasheet for the hardware platforms, has some good information to look over! https://www.paloaltonetworks.com/resources/datasheets/product-summary-specsheet Security Platform Overview Recon, Weaponize, Deliver, Exploitation, Installation, Command & Control, Act on Objective NGFW: Identifies and inspects all traffic Blocks known threats Sense unknown to cloud Extends to mobile and virtual networks Threat Intel Cloud: Gathers potential threats [...]

F5 LTM Troubleshooting- Things to check if Pool member is down

Check if the server is reachable from the F5 Load balancer [[email protected]:Active:Standalone] config # ping PING ( 56(84) bytes of data. 64 bytes from icmp_seq=1 ttl=255 time=3.83 ms 64 bytes from icmp_seq=2 ttl=255 time=2.88 ms ———————————————————— If you want to ping from particular vlan you can specify vlan name after –I [...]

IP address and Subnetting

IP ADDRESS & SUBNETTING Private IP addressing – Subnet Mask calculation – If the CIDR value is /25 then subnet mask will be – In binary – 11111111.11111111.11111111.10000000  (8+8+8+1 = 25) Same way if subnet mask is – the CIDR value will be /18 (8+8+2) Wild card calculation – Whatever the subnet mask [...]

What are the STP times?

 Hello Timer  Forward delay Timer  Max-age Timer   Hello Timer: How often switches send BPDU’s by default every 2 seconds Forward delay Timer: how much long a port must spend time in both learning and listening state. By default 15 seconds Max-age Timer: How long a switch will retain BPDU information from a neighbor switch [...]

Why we use Spanning Tree Protocol in the Switches?

 Broadcast Storms Duplicate Frame copies Unstable MAC Table   Broadcast Storms Without any loop removing mechanism, switches will flood broadcasts endlessly throughout the network. This is known as broadcast storm. Duplicate Frame copies A device could receive duplicate copies of same frame from different switches. It creates additional overhead on the network. Unstable MAC Table [...]

What are the link aggregation protocols in Cisco Switches, what are their modes required to bundle a link?

Dynamic Configuration Cisco switches support two dynamic aggregation protocols: PAgP (Port Aggregation Protocol) – Cisco proprietary aggregating protocol. LACP (Link Aggregation Control Protocol) – IEEE standardized aggregation protocol, originally defined in 802.3ad. PAgP and LACP are not compatible – both sides of an Etherchannel must use the same aggregation protocol. EthernChannel – PAgP It supports [...]