RouteMyPacket's CyberSecurity Blog

The intentions of this blog are to provide myself with a means of documenting and sharing the various technology based solutions that I am working on or have worked on. It is my hope that taking the time to document my findings in this blog will help strengthen both my practical and soft skills on the various technologies and topics. Understanding the various technology offerings from the ground up, the "how" and "why" if you will of implementing that technology is extremely beneficial for those Engineers that fill a services or delivery role, as well as those that fill a Pre-Sales Engineering role. Some technologies I want to cover that I have come across or am currently working on are Internet Edge Security Solutions Cisco ASA and FTD Offerings Palo Alto Networks NGFW L2L VPN's SSL VPN's SSL Offloading and Decryption Endpoint Security Solutions (e.g. EPP and EDR) Cloud Access Security Brokers (CASB) Offerings ZBFW Solutions Client Identi...

I have a customer who has multiple remote sites that require Internet connectivity. The current solution is very hands on in that someone must re-IP devices as they are moved site to site. This was a perfect opportunity to introduce DMVPN to this customer. The proposed DMVPN Solution for remote site connectivity is a multi-facet DMVPN configuration that utilizes multiple ISP connections, VRF Lite, and Zone Based Firewall technologies.  It is always my goal when developing a design strategy for a customer to stick to the basics, to provide a solution that not only provides scalability but one that is manageable. I always point out a familiar line from an architecture design book: " Think of the 2:00AM test, if you were awakened in the middle of the night because of a network problem and had to figure out the traffic flows in your network while you were half asleep, could you do it? " So many Engineers fall into the pattern of designing and configuring networks...