Where Do I Start With SASE Evaluations?

Gartner® Report: Where Do I Start With SASE Evaluations?

Where to start with SASE

Secure access service edge (SASE) is revolutionizing the way organizations manage their network and security infrastructure. By converging security and WAN edge technologies, SASE offers a unified, streamlined approach to network and security management. But where do organizations start in evaluating SASE vendors?

This Gartner report provides security and risk management leaders with the essential steps to begin their SASE evaluations. Whether you're considering SD-WAN, SSE, single-vendor SASE, or managed SASE solutions, this resource will help you prioritize your requirements and shortlist the right vendors.

Download this report now to learn:

• The importance of establishing a long-term SASE strategy before considering vendors
• The importance of automation and orchestration for cyber resilience
• How to evaluate vendors based on your organization's specific needs
• The key differences between SASE implementation options: SD-WAN, SSE, single-vendor, and managed SASE

 Visit Cisco Official Page

Explore SASE

Read More

The Ping Utility - Basics

PING BASICS

What Is a Ping ?

A ping, according to the dictionary, is a sharp, high-pitched, and somewhat musical tone. You might associate it with the sound you hear when you tap a spoon against a crystal glass.

But in the IT world, it has a very different meaning……

In a Simple language – A ping is a Command Prompt command that can be used to test a connection between one computer and another. Think of it in terms of sonar on a submarine. You’ve probably seen in the movies when the “ping” in the background as an audible signal is sent out to check a sub’s surroundings. When the ping strikes a nearby object, it will echo back. Operators can determine an object’s distance by the length of time it takes to return the echo.

Ping stands for - Packet InterNet Groper.

Ping (Packet Internet Groper) is a method for determining communication latency between two devices/networks. Simply put, ping is a method of determining latency or the amount of time it takes for data to travel between two devices or across a network. As communication latency decreases, communication effectiveness improves.

A low ping time is critical in situations where the timely delivery of data is more important than the quantity and quality of the desired information.

Relating ping with a real-world example :

1- Let’s say two people are 100 meters apart and first one greets other. The first person’s greeting takes one second to reach second person, who is 100 meters away. The second person then responds to greeting of first person, which takes one second to reach the first person standing there. We can deduce from this that both of people standing there are getting a 1-second ping with a total latency of 2 seconds.

2-  Let’s say you have wireless security cameras in your home that allow you to see the exact real-time frame of your home from anywhere in the world. However, main issue here is latency, because if the ping is very high, viewer will see robbery in his or her phone after some time, causing problems. As a result, prompt feedback is essential; any lag or delay is unacceptable.

It’s also worth noticing that the speed of the internet connection you’re using to connect two networks has no bearing on ping. If you’re streaming a game on YouTube, for example, you’ll want the latency to be as low as possible so that viewers can watch in real-time.

As a result, we can define ping as a type of protocol that is used to determine a computer system’s latency and network strength.

The ping command in Windows :

To use the ping command in Windows, access the command prompt. On the command prompt, type "ping" and specify the IP address, hostname, or URL of the remote system and press the Enter key.

For example, to test whether Google is up and accessible from the local Windows system, use the following command.

ping www.google.com

To view all options that the ping command supports in Windows, use the following command.

ping /?

The ping command in Linux :

To use the ping command in Linux, access the shell prompt, and use the following syntax.

$ ping [IP address, hostname, or URL of the remote system]

For example, to ping www.google.com, use the following command.

$ ping www.google.com

The ping command in Linux sends

messages continuously. To stop the ping command from sending more messages,

press the ctrl+c keys.

To view a complete list of allsupported options, use the following command.

$ ping --help

Why Would I Use Ping ?

Pings are useful for a variety of reasons, including troubleshooting connectivity, devices, and networks.

 Troubleshooting Connectivity:-

Most commonly, it’s used to verify the connection between two machines. You might use ping to test a network printer or copier connection to determine whether a device is offline or to verify you can connect to a router. If you’re having trouble with an application hosted over a network on a server, one of the first things you want to do is check the connection using a series of ping commands to help you narrow down the problem. If a ping comes back with fast response times, your connection is good so the problem likely lies with the server or application.

 Troubleshooting Networking Issues:-

Almost any network-connected device will respond to a ping which makes it incredibly valuable to check networking connections. Ping can be used to test routers or servers for throughput and speed. You can also ping across a range of addresses to find each attached device in a particular range. You can test computer names and addresses of computers. When you can ping an IP address, but not a computer name, there’s likely a name resolution issue.

If a ping comes back showing a successful connection but has long response times, you’re likely facing a routing, congestion, or networking issue.

A ping command can be run manually or automated as a scheduled task for monitor network reliability. When a ping fails, there’s a problem

Proper Ping Syntax

The order in which you use these switches is important. Here’s is the proper syntax to use:

ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS] [-r count] [-s count] [-w timeout] [-R] [-S srcaddr] [-p] [-4] [-6] target [/?]

 

 

 

Read More

Cisco Packet Tracer

Cisco Packet Tracer

Practice networking, IoT, and cybersecurity skills virtually with Cisco Packet Tracer, Cisco’s powerful simulation and visualization tool. 

Cisco Packet Tracer is an exciting network design, simulation, and modelling tool that can be used to help support preparation for many certification exams, particularly for CCNA. Packet Tracer is available free of charge to all Cisco Networking Academy instructors, students, and alumni.

Getting Started with Cisco Packet Tracer - click here to visit official cisco website 

Read More

Cisco Umbrella

Simplify, streamline, and scale your security with Cisco Umbrella

    Cisco Umbrella offers flexible, cloud-delivered security. It combines multiple security functions into one solution, so you can extend data protection to devices, remote users, and distributed locations anywhere. Umbrella is the easiest way to effectively protect your users everywhere in minutes...... 

click here

Source :- www.cisco.com

Get to know the new Cisco Umbrella

    As a leading provider of recursive DNS services, we’ve helped businesses of all sizes and industries connect to the internet with confidence. We’ve built a reputation on easy deployment and powerful protection anywhere users work.
    To help organizations embrace direct internet access, in addition to DNS-layer security and interactive threat intelligence, Cisco Umbrella now includes secure web gateway, firewall, and cloud access security broker (CASB) functionality, plus integration with Cisco SD-WAN, delivered from a single cloud security service......

click here

Source :- www.cisco.com

Read More

VXLAN

 

Introduction: VXLAN

    Now a days the concept of network overlays is used and in network overlays people have gained interest in the past few years because of their potential to address some of the requirements which are beneficial for the enterprise networks. The network overlays are the different virtual networks of interconnected nodes that enable applications to be deployed without having to change any of the underlying networks.

                With time, there are lot of new encapsulation frame formats purpose-built for the data center, including Virtual Extensible LAN (VXLAN), Location/Identifier Separation Protocol (LISP). So, as we go through this post you will come to know some of the overlay transport protocols and they are.

• VXLAN: Virtual Extensible LAN
•  LISP: Locator/Identifier Separation Protocol

          Virtual Extensible LAN (VXLAN) and Location/Identifier Separation Protocol (LISP) are two new encapsulation frame types designed specifically for data centers.

 

What is VXLAN?

VXLAN is an extension to the Layer 2 VLAN. It was designed to provide the same VLAN functionality with greater extensibility and flexibility. VXLAN is an overlay encapsulation technology (network overlay and tunnelling technology) which allows us to extend Layer 2 across a Layer 3 routed infrastructure.

Main concern with VLANs is the limited address space. Each device can have around 4000 usable VLANs. This is an issue with service providers. They may have to maintain several VLANs per customer, which exhausts the address space quickly. To work around this VLAN ID’s can be reused on different switches, or technologies like Q-in-Q can be used.

VXLAN does not have this limitation. It uses a 24-bit header, which gives us about 16 million VNI’s to use. A VNI is the identifier for the LAN segment, like a VLAN ID. With an address space this large, an ID can be assigned to a customer, and it can remain unique across the entire network. VXLAN network identification (VNI) is assigned to each Layer 2 subnet to segment traffic.

In data centers, VXLAN is the most used protocol to create overlay networks that sit on top of the physical network, enabling the use of virtual networks. The VXLAN protocol supports the virtualization of the data center network while addressing the needs of multi-tenant data centers by providing the necessary segmentation on a large scale.

The VXLAN tunneling protocol that encapsulates Layer 2 Ethernet frames in Layer 3 UDP packets enables you to create virtualized Layer 2 subnets, or segments, that span physical Layer 3 networks. Each Layer 2 subnet is uniquely identified by a VXLAN network identifier (VNI) that segments traffic.

In other words, VXLAN defines a MAC-in-UDP encapsulation scheme where the original Layer 2 frame has a VXLAN header added and is then placed in a UDP-IP packet. With this MAC-in-UDP encapsulation, VXLAN tunnels the Layer 2 network over the Layer 3 network.

VXLAN has been widely adopted and is now used in many large enterprise networks for virtualization and cloud computing. It provides:

• A secure and efficient way to create virtual networks.
• Allowing for the creation of multi-tenant segmentation.
•  Efficient routing.
• Hardware-agnostic capabilities.
• With its widespread adoption, VXLAN has become an essential technology for network virtualization.

 As we have seen, VXLAN traffic is encapsulated before it is sent over the network. This creates stateless tunnels across the network, from the source switch to the destination switch. The encapsulation and decapsulation are handled by a component called a VTEP (VXLAN Tunnel End Point. a VTEP has an IP address in the underlay network. It also has one or more VNI’s associated with it. When frames from one of these VNI’s arrive at the Ingress VTEP, the VTEP encapsulates it with UDP and IP headers. The encapsulated packet is sent over the IP network to the Egress VTEP. When it arrives, the VTEP removes the IP and UDP headers, and delivers the frame as normal.

   

Read More

Cisco Networking Academy. Build your skills today, online. It’s Free!

Introduction to Cybersecurity

The world is getting more digital and having the skills to secure devices is critical to solving the challenges we face.  The number of connected devices alone is expected to grow to 50 billion sensors, objects, and
other connected ‘things’ by the year 2020.

Source :- www.cisco.com

• ClickClick Here :- It’s Free !

Read More

ARNSEC EST.

ARNSEC PAGE

Read More

Building DMVPN with mGRE, NHRP and IPSec VPN

Building DMVPN with mGRE, NHRP and IPSec VPN

Source: Link

 I – OVERVIEW

This lab will treat the design and deployment of dynamic multipoint VPN architectures by moving step by step into the configuration and explaining how mGRE (multipoint Generic Router Encapsulation), NHRP (Next-Hop Resolution Protocol) and IPsec VPN are mixed to build a dynamic secure topology over the Internet for large enterprises with hundreds of sites.

LAB: Building DMVPN with mGRE, NHRP and IPSec VPN (OSPF)

Lab configured in GNS3 and tested by me. Thanks

Read More