How to build Cisco Embedded Automation System (EASy) for Remote Connections

Cisco Easy (Embedded Automation System) VPN is an IP Security (IPsec) virtual private network (VPN) solution supported by Cisco routers and security appliances. It greatly simplifies VPN deployment for remote offices and mobile workers. There are three components of the Cisco Easy VPN solution: Easy VPN Client, Easy VPN Remote, and Easy VPN Server.

Cisco Easy VPN supports quality of service (QoS) and multicast, but if there is a requirement to support dynamic routing protocols or direct spoke-to-spoke communications
Customers that need to deploy and manage large-scale site-to-site and remote-access VPNs should consider a Cisco Easy VPN solution because of its simplification of VPN management and configuration.

Read more >

How to request a Data Plane or Control Plane failover in the Juniper firewall SRX 5800

The data plane software manages flow processing, session state redundancy and processes transit traffic. All packets belonging to a particular session are processed on the same node to ensure that the same security treatment is applied to them. The system identifies the node on which a session is active and forwards its packets to that node for processing. (After a packet is processed, the Packet Forwarding Engine transmits the packet to the node on which its egress interface exists if that node is not the local one.)

Read more >

Cisco ASA packet flow for IPsec VPN

The interface that receives the packet is called the ingress interface (Inside) and the interface through which the packet exits is called the egress interface (Outside). When referring to the packet flow through any device, it can be easily simplified by looking at the task in terms of these two interfaces.

Read more >

How packet flows into Juniper SRX Firewall

SRX Firewall series Services Gateways are high-performance network security solutions for enterprises and service providers.
The SRX Firewall enforces security policy by processing the flow of packets through the device.
It is very important to understand how a packet flows into SRX firewall because it makes the troubleshooting process very easy:

Read more >

Basic configuration of Cisco Meraki MX Security & SD-WAN

Cisco Meraki MX Security & SD-WAN Appliance (MX64) is a 100% cloud-managed solution for Unified Threat Management (UTM) and SD-WAN in a single appliance. MX appliance is self-provision, automatically pulling policies and configuration settings from the cloud.
The MX appliance has a comprehensive suite of network services, eliminating the need for multiple appliances.
It has an application-aware feature, which means bandwidth policies for Layer 7 application types (e.g., block YouTube, prioritize Skype, ect..)

Read more >

How to enable LDAP server in the Palo Alto firewall

LDAP (Lightweight Directory Access Protocol) is an application protocol used to locate data related to organizations, individuals and other resources such as files and devices in a network — whether on the public internet or on a corporate intranet. LDAP is used in Microsoft’s Active Directory (AD).

Read more >

How to create a Security policy in Palo Alto firewall

Any traffic traversing the dataplane of the Palo Alto Networks firewall is matched against a security policy.
Security policies on the Palo Alto firewall are created by using various criteria such as zones, applications, IP addresses, ports, users and they can allow or deny traffic.

Read more >


Cisco IPsec VPN stands for Internet Protocol Security Virtual Private Network, and it uses tunneling to establish a private connection between two sites (e.g Headquarters and Branch).

IPSec VPN Tunnel is used to allow a secure transmission of data, voice and video with Advanced Encryption Standard.

Read more >