Posts

File Blocking Shootout – Palo Alto vs. Fortinet

2018-06-27, Johannes Weber. Fortinet, Palo Alto Networks, Password Data Leak Prevention, DLP, Encrypted, fail, File Blocking, FortiGate, Fortinet, Microsoft Office, Palo Alto Networks, Password, PDF, Protected, ZIP

We needed to configure the Internet-facing firewall for a customer to block encrypted files such as protected PDF, ZIP, or Microsoft Office documents. We tested it with two next-generation firewalls, namely Fortinet FortiGate and Palo Alto Networks. The experiences were quite different…

TL;DR: While Fortinet is able to block encrypted files, Palo Alto fails since it does not identify encrypted office documents! [UPDATE: Palo Alto has fixed the main problem, see notes below.]

Note that the Internet connection must be either unencrypted itself, i.e., HTTP or FTP, or some TLS inspection/MITM technique...

From MPLS to SD-WAN to SASE: An Evolution of Enterprise Networking

The way we do business is changing. As critical business applications migrate to the cloud, and the mobile workforce continues to grow, networking and security solutions need to evolve in order to meet the changing business needs. Gartner believes (and we agree) that the future of networking lies with SASE (Secure Access Service Edge) – the convergence of networking and security into one cloud service. Here’s why.

1990s – 2000s: MPLS and the Era of Clear Network Boundaries?

Back in the day, networking models were hardware-centric and manually configured. Applications, data, and services lived within private datacenters and relied on remote access solutions to connect remote workers. Dedicated network connectivity, known as MPLS, was the preferred approach for connecting remote locations. MPLS provides predictable performance, low latency and packet loss, and central management. However, MPLS is ...

Check Throughput of Interfaces - Palo Alto Networks NGFW

The following command shows a brief view of interface throughput:

    > show system statistics session

To see the complete statistics, run the show system state browser command:

    > show system state browser

Press Shift+L and click on Ports.
To enable tracking and updates, press Y and U.
To see additional ports, press the space bar.

Palo Alto Interview Questions and Answers – Part II

This post is a continuation of one of our recent posts, where we discussed a few questions and answers on the Palo Alto firewall. Here we are adding another set of Q&A based on our readers' interest. We hope this will help you improve your knowledge of the PA firewall.

1. How to publish an internal website to the Internet, or how to perform destination NAT?

To publish an internal website to the outside world, we require destination NAT and policy configuration. NAT requires converting the internal private IP address into an external public IP address. The firewall policy needs to enable access to the internal server on the HTTP service from outside. We can see how to perform NAT and policy configuration with respect to the following scenario:

Provide access to 192.168.10.100 through the public IP address 64.10.11.10 from the Internet.

The following NAT and policy rules need to be created. NAT:...

Palo Alto Interview Questions and Answers – Part I

Some of our readers requested a post with some of the common questions and answers for the Palo Alto firewall after reading our post on PA Firewall. The following are some of the questions normally asked in a PA interview. Please use the comment section if you have any questions to add.

1. Why is Palo Alto called a next-generation firewall?

Ans: Next-generation firewalls include enterprise firewall capabilities, an intrusion prevention system (IPS) and application control features. Palo Alto Networks delivers all the next-generation firewall features using a single platform, parallel processing and single management systems, unlike other vendors who use different modules or multiple management systems to offer NGFW features. Palo Alto NGFW differs from other vendors in terms of platform, process and architecture.

2....

CheckPoint Firewall Interview Question and Answer

I am sharing Checkpoint Firewall interview questions and answers. These questions are generally asked in interviews. It's also my personal experience. Checkpoint Firewall is an award-winning security firewall. Every corporate organization uses Checkpoint firewall for internal network security purposes. Security engineers must be aware of Checkpoint firewall for growth in their career. I am sure that the Checkpoint Firewall interview questions and answers below will help in interviews.

1. What is Anti-Spoofing?

Ans: Anti-Spoofing is a feature of Checkpoint Firewall which protects from an attacker who generates IP packets with a fake or spoofed source address. It determines whether traffic is legitimate or not. If traffic is not legitimate, then the firewall blocks that traffic on the interface of the firewall.

2. What is Asymmetric Encryption?

Ans: In Asymmetric Encryption, two different keys are used to encrypt and decrypt the packet. This means that one key is used to encrypt p...