Practical documentation and technical guides on network security, firewalls, Linux systems, monitoring, and automation.
We feature technical articles across the entire IT spectrum - Built from real-world experience and continuously updated.
NETCONF combined with YANG data models gives engineers a structured, programmatic alternative to screen-scraping CLI output.This article walks through using Python’s ncclient library to connect to Cisco IOS-XE and Juniper Junos devices, retrieve operational state, and push configuration changes using proper YANG-modeled payloads. What You Need Before Starting This guide assumes you have: Python 3.8+ … Read more
How to Configure Your Next-Generation Firewall (NGFW) Next-generation firewalls offer far more than packet filtering, but most production deployments underutilize them — relying on port-based rules while leaving TLS inspection disabled and application control unconfigured. This walkthrough covers the three controls that matter most: zone-based segmentation, TLS/SSL deep inspection, and layer-7 application filtering. Examples use … Read more
Default SSH configurations ship with settings that expose systems to brute-force attacks, weak cipher negotiation, and credential stuffing. This guide walks through a complete Linux SSH hardening process covering key-based authentication, cipher suite restriction, Fail2ban integration, and sshd_config best practices. 1. Switch to Key-Based Authentication Password authentication is the primary attack vector for SSH brute-force … Read more
Accurate time synchronization is a foundational requirement for any network equipment as it ensures reliable logging, correct event correlation, and proper operation of security mechanisms. FortiGate supports NTP configuration via GUI and CLI. Below provides the basic commands for configuring the date, time and NTP on your Fortinet Firewall using CLI. Configure NTP using FortiGuard … Read more
Introduction Within this article, we will configure a BIND server within Ubuntu. The advantages of having a local DNS server include: Reduced latency to DNS requests/responses Ability to add private addresses and full flexibility of zone names. Especially useful for VMware installations. It is important to note that the steps provided, are based on a quick setup. Due … Read more
Confederations By its true definition, a confederation is an organization which consists of a number of parties or groups united in an alliance or league. But what is a BGP confederation? BGP Confederation A BGP confederation is an alternative method to route reflectors, used to reduce the number of BGP peerings within a single AS. … Read more
What is ORF? Outbound Route Filtering (ORF) is a Cisco proprietary feature that prevents the unnecessary exchanging of routes that are subject to inbound filtering. This, in turn, minimizes bandwidth across the links and reduces CPU cycles upon the router during the processing of the neighbor UPDATE. ORF works by the router transmitting its inbound filters … Read more
BGP Path Selection Process BGP exchanges routes (prefixes) between BGP peers. Each of these announcements from a peer for a prefix is called a path. [1] The routes within these UPDATE messages are stored within the BGP Table and kept separate from the Routing Information Base (RIB). The BGP process then selects the “best” path from … Read more
Introduction When the BGP routing policy is amended the BGP neighbor session must be reset in order for the changes to take effect. Of course in a production environment performing a hard reset i.e clear ip bgp … , isn’t something that is recommended. Within this article, we will look at the various options available … Read more