CatalystTech

The SonicWALL TZ190 network security appliance offers advanced features and Internet access backup all in one device. Designed for the small office security in mind, the TZ190 protects against worms, viruses, Trojans, spy-ware and malicious code. By enabling Deep Inspection you can be certain your organization will be protected against web, FTP, email and various other attack methods.

(continue reading… [on ConfigTool])

DEFCON 16 and Black Hat are security centric conferences recently held in Las Vegas where Aruba Networks provided the wireless infrastructure.  In a self descriptive FAQ of the environment to be expected (quoting from the FAQ site)

Q: Is there a free network at DEFCON?
A: Yes. It would be fair to describe the network as ‘hostile’. It has been described as ‘the worlds most hostile network’, but such descriptions are just attempts at flattery. It is recommended that if you want to connect to the DEFCON network pretend that you are sharing out your entire hard drive to 5,000 hackers. You may want to bring a ‘clean’ computer that you don’t mind being infected/hacked/etc…

In light of the environment Aruba reported some statistics:

(continue reading…)

This morning Aruba issued a press release announcing that it is the first wireless LAN supplier to be awarded a Common Criteria certificate for its Wi-Fi solutions.  Common Criteria – also known as ISO standard 15408 – addresses the protection of assets from unauthorized disclosure, modification, or loss of use arising from both intentional and unintentional causes.  High security users typically require a combination of Common Criteria certification, Federal Information Processing Standard (FIPS) 140-2 validation for cryptographic security, and compliance with Department of Defense (DoD) Directive 8100.2 security policies for wireless technologies. Aruba now satisfies all three criteria, allowing the company to meet a wide range of new domestic and international government, financial, and commercial applications.

(continue reading…)

With the new proliferation of Vista on desktops in the marketplace, some traditional practices like fixing firewall permissions can get hung up.  The easiest way to ensure that firewall permissions are correct is the AvayaFW.bat script.  The script checks the registry to see what programs are installed then writes the ports associated into the exceptions in the firewall.  On Windows XP, this batch file runs with a double click.  On Vista and Server 2008 the batch file requires elevation to run properly.  Right click on the AvayaFW.bat icon and choose ‘Run as Administrator…’.  This action will require administrator level access or password.

FIPS compliant solutions require certification of the hardware and software.  One portion of FIPS requires ability to handle AES 256 encryption. All Juniper SSG Firewalls handle this TAA/FIPS level encryption right out of the box, no additional licenes needed.  This, along with Junipers practices on the SSG line, make every SSG/ISG firewall FIPS compliant.

Picking the correct VPN solution can be a time consuming and frustrating task at times.   Below are the Firewall/VPN vendors that CatalystTelecom carries and what they have to offer.

(continue reading…)

Route based simple VPNs are simple 4 step process in the Juniper Firewalls.

1. Make a new tunnel interface under Interfaces -> New and make it unnumbered.
2. Configure Phase 1 under AutoKey Advanced -> Gateway and set up the basics of the tunnel.
3. Configure Phase 2 under AutoKey IKE set up the phase 2 and associate it with the tunnel interface.
4. Configure IP Route the network should be the network on the far end of the tunnel, the gateway should be the IP Address of the far end trust interface, and the Interface should be the tunnel interface.