I got caught out by Check Point’s “Install On” column recently. Most people don’t need this setting any more, but it’s still there for legacy reasons. Time to re-evaluate.
When you create a firewall policy using Check Point, you define the set of possible installation targets. That is, the firewalls that this policy may be installed on. When you compile & install policy, you can choose from this list of targets, and only this list.
Most organisations will only have one installation target per policy. But sometimes you want to have the same policy on multiple firewalls. This is pretty easy to do, and might make sense if you have many common rules.
But then you say “What if I had 30 common rules, 50 that only applied to firewall A, and another 50 that only applied to firewall B?” That’s where people start using the “Install On” column. This lets you define at a Continue reading
One of the topics I discussed in the IPv6 High Availability webinar is the problem of dual-stack deployments – what do you do when the end-to-end path for one of the protocol stacks breaks down. Happy eyeballs is one of the solutions, as is IPv6-only data center (Facebook is moving in that direction really fast). For more details, watch the short End-to-End High Availability in Dual Stack Networks demo video.
Software Defined Wide Area Networking (SD-WAN) is bubbling up to be one of the prime use cases of SDN. The vendors that fall into the SD-WAN bucket often include Glue Networks, Nuage, Viptela, CloudGenix, VeloCloud, etc. As you dive into each of the solutions from the vendors, you may realize that some are truly unique technologically and some may just be offering a better way to manage existing wide area networking equipment (which is still a huge value add).
In this post, I’m going to give some background on what is driving me to deploy an SD-WAN solution. Follow up posts will cover the deployment a bit more technically.
Since I now have equipment in a colo, moved into a new office, and of course, have the home office, I figured it may be a good idea to look at some of these SD-WAN technologies. In reality, my requirements have a mobile 4th site too that will be used when doing consulting and training onsite at customers to give dynamic site to site access just back to the colo.
To be perfectly honest, I didn’t have strict requirements – they are probably equivalent to those of a small IT Continue reading
First Mission: Just get something done!
We’re excited to announce the full-scale launch of our CCIE Collaboration 8-Hour Mock Lab Workbook (Vol. 2)! Written and tested by the world’s best Collaboration Instructor – Andy Vassar CCIE #22042 (Collaboration, Voice, and R&S), it’s a must have solution for any student that’s preparing for their Cisco Collaboration Certification.
Five Complete 8-hour Mock Lab Scenarios
Detailed Solution Guide (DSG):
Web-based access to our workbooks
Pathway to success:
After you’ve purchased your CCIE Collaboration 8-Hour Mock Lab Workbook (Vol.2), don’t forget to reserve rack time with our CCIE Collaboration Rack Rental Vouchers – time slots book fast. Purchase your vouchers today!