Practical documentation and technical guides on network security, firewalls, Linux systems, monitoring, and automation.
We feature technical articles across the entire IT spectrum - Built from real-world experience and continuously updated.
NETCONF combined with YANG data models gives engineers a structured, programmatic alternative to screen-scraping CLI output. This article walks through using Python’s ncclient library to connect to Ci
How to Configure Your Next-Generation Firewall (NGFW) Next-generation firewalls offer far more than packet filtering, but most production deployments underutilize them — relying on port-based rules while leaving TLS inspection disabled and application control unconfigured. This walkthrough covers the three controls that matter most: zone-based segmentation, TLS/SSL deep inspection, and layer-7 application filtering. Examples use … Read more
Accurate time synchronization is a foundational requirement for any network equipment as it ensures reliable logging, correct event correlation, and proper operation of security mechanisms. FortiGate supports NTP configuration via GUI and CLI. Below provides the basic commands for configuring the date, time and NTP on your Fortinet Firewall using CLI. Configure NTP using FortiGuard … Read more
Introduction Within this article, we will configure a BIND server within Ubuntu. The advantages of having a local DNS server include: Reduced latency to DNS requests/responses Ability to add private addresses and full flexibility of zone names. Especially useful for VMware installations. It is important to note that the steps provided, are based on a quick setup. Due … Read more
Confederations By its true definition, a confederation is an organization which consists of a number of parties or groups united in an alliance or league. But what is a BGP confederation? BGP Confederation A BGP confederation is an alternative method to route reflectors, used to reduce the number of BGP peerings within a single AS. … Read more
What is ORF? Outbound Route Filtering (ORF) is a Cisco proprietary feature that prevents the unnecessary exchanging of routes that are subject to inbound filtering. This, in turn, minimizes bandwidth across the links and reduces CPU cycles upon the router during the processing of the neighbor UPDATE. ORF works by the router transmitting its inbound filters … Read more
BGP Path Selection Process BGP exchanges routes (prefixes) between BGP peers. Each of these announcements from a peer for a prefix is called a path. [1] The routes within these UPDATE messages are stored within the BGP Table and kept separate from the Routing Information Base (RIB). The BGP process then selects the “best” path from … Read more
Introduction When the BGP routing policy is amended the BGP neighbor session must be reset in order for the changes to take effect. Of course in a production environment performing a hard reset i.e clear ip bgp … , isn’t something that is recommended. Within this article, we will look at the various options available … Read more
Introduction Reverse path forwarding (RPF) is a technique used in modern routers for the purposes of ensuring loop-free forwarding of multicast packets in multicast routing and to help prevent IP address spoofing in unicast routing. [1] Within this article, we will look at multicast RPF, and look into why it is needed along with how it … Read more