Practical documentation and technical guides on network security, firewalls, Linux systems, monitoring, and automation.
We feature technical articles across the entire IT spectrum - Built from real-world experience and continuously updated.
Issue Unable to open a file by just double-clicking on the file. But you can open the file if you go into Excel first. Solution You will need to turn off “Ignore other applications”. This can be found in “Tools / Options / General”.
Summary The Brocade ADX provides DoS protection within the hardware layer. This allows for a much greater total of DoS attacks to be processed.Such attacks that are recognised and protected against at the hardware layer are : deny-all fragments Fin-with-no-ack icmp-fragment ip-option land-attack large-icmp ping-of-death syn-and-fin-set syn-fragments TCP-no-flags unknown-ip-protocol xmas-tree At a software layer the following attacks … Read more
The Brocade ADX has a number of Load Balancing methods available. These are also known as predictors. Assignment Predictors can be assigned on a global level or on a per virtual server basis. Below shows the syntax:global – server predictor [BALANCING METHOD]virtual server – server [BALANCING METHOD] Types Below explains the various available … Read more
HealthCheck elements provides the ability to perform boolean based expressions against your healthchecks (AND, OR, and NOT).In this example we will configure a health check that bring up http on webserver1 if : the string STRING1 is matched within the content retrieved via a HTTP GET / from server 192.168.1.20 the string STRING2 is matched … Read more
A match-list provides the ability to content match string based values and mark the application (layer 7) based health-check as either up or down.When assigning a match-list health-check the match-list is assigned to a port policy. This port policy is then assigned to the virtual server. Steps 1. First we enable Layer 7 health-checks on … Read more
When disabling a service on the Brocade ADX you can either disable the port or real server. Below shows the necessary syntax: server real <NAME> <IP> disable server real <NAME> <IP> port ssl disable port http disable When either the server or port is disabled it is important to remember that new sessions are not … Read more
Port profiles provide the ability to configure custom settings for individual TCP/UDP ports. Any port that the ADX deems unknown, is in turn defined as UDP and will send any subsequent health-checks to the port via UDP. To use a unknown port a port profile must be configured. (config)# server port 8181(config-port-8181)# tcp keepalive use-master-state(config-port-8181)# … Read more
Below provides a basic example on how to configure a primary / backup setup. Traffic is only distributed to the primary server, at the point the primary node becomes offline traffic is distributed to the secondary server. server real RS_192.168.1.1 192.168.1.1 port http port http url “HEAD /” server real RS_192.168.1.2 192.168.1.2 backup port http port http url “HEAD /” … Read more
Content Switching provides the ability to distribute / rewrite traffic based upon a sessions Layer 7 payload. This feature also provides the ability to persist connections to a given server/server group. There are 4 main methods to Layer 7 switching: Cookie Switching – Uses either a server sent cookie or ADX injected cookie to direct … Read more