Check Point vsec for Microsoft Azure
|
|
- Blanche Russell
- 6 years ago
- Views:
Transcription
1 Check Point vsec for Microsoft Azure Test Drive User Guide 2017 Check Point Software Technologies Ltd. All rights reserved Page 1 Learn More: checkpoint.com
2 Content 1 INTRODUCTION TEST DRIVE OVERVIEW TEST DRIVE REVIEW THE VSEC PRODUCT INFORMATION AND USE CASES INFORMATION FOR ACCESSING THE TEST DRIVE ENVIRONMENT CONNECTING TO THE TEST DRIVE ENVIRONMENT Using the Windows Remote Desktop Client Using an Existing Check Point R77.30 SmartConsole Client REVIEW THE SECURITY POLICY VERIFY NORMAL WEB TRAFFIC BLOCK AN SQL INJECTION ATTACK BLOCK ACCESS TO SOCIAL NETWORKS VSEC FOR AZURE USE CASES OVERVIEW SUPPORT Figures Figure 1 Check Point vsec for Microsoft Azure Test Drive Environment Check Point Software Technologies Ltd. All rights reserved Page 2
3 1 Introduction Welcome to Check Point vsec for Microsoft Azure test drive! Check Point vsec test drive for Microsoft Azure enables customers to rapidly try out vsec enterprise security gateway features deployed on a virtual instance inside a Microsoft Azure IaaS (Infrastructure as a Service) virtual cloud. This test drive will allow you to experience the capabilities of the vsec gateway in action using a real web server app, simulated attack vectors, and verification of activity in event logs. Why do I need vsec for Azure when the cloud is already secure? Check Point vsec allows you to protect your apps and data deployed in Azure. As you may well know, when you deploy a server in Azure configured with a public facing IP (even a private IP with NAT allowing for Internet access), it is exposed to cyber-attacks from the Internet, just like any server deployed in an on premise environment. Cloud providers provide cost efficient computing resources but only secure the infrastructure layer. Check Point vsec allows you to secure the higher layers (network layer up to application layer) with advanced multi-layer security in order to gain visibility into traffic and threats as well as detect and prevent attacks inside and outside your cloud network and demonstrate compliance. Additionally, a perimeter based security gateway approach makes it easier to protect multiple virtual machine instances (with unknown security posture, software, and patch levels) in a highly dynamic cloud environment where VMs are spun up and removed constantly. It is the customer s responsibility to protect his data and apps in the cloud. Activities included in this Test Drive At the end of the test drive, you will have accomplished the following: Remotely access and navigate the SmartConsole management user interface (UI) to provision and monitor the vsec security gateway Enable internet/public facing app (web server) by provisioning a security policy and verify correct operation of the web server Simulate an SQL attack, watch it succeed, and then block the attack by provisioning Intrusion Prevention (IPS) functionality and verify correct operation in the SmartEvent logs Block all access to social networks (i.e. Facebook/LinkedIn/Twitter) by enabling Application and URL Filtering and verify correct operation using SmartEvent logs If you wish to purchase and deploy vsec for Azure immediately in either PAY as you Go (PAYG) or Bring Your Own License (BYOL) licensing model, please visit the vsec listing on Azure Marketplace which contains ARM templates for rapid single click provisioning and deployment. A reference architecture is available at: ils=&solutionid=sk109360&partition=general&product=vsec Please note that Check Point vsec is fully integrated with Azure Security Center as well, to automate and orchestrate the deployment. Follow the instructions below to begin your test drive. Enjoy your journey! 2017 Check Point Software Technologies Ltd. All rights reserved Page 3
4 2 Test Drive Overview This test drive will have you working on securing a single tier app environment where tier one is a web server deployed inside Azure cloud behind the Azure load balancer. This simulates a realworld scenario where the web server hosts dynamic content from the cloud but needs to be secured with advance threat protection using a virtual enterprise security gateway. In this scenario, all inbound/outbound (i.e. North/South) traffic to the web server is secured by the vsec gateway. The test drive environment consists of the following components: Figure 1 Check Point vsec for Microsoft Azure Test Drive Environment An Azure Virtual Network with the following subnets: A Gateway external subnet ( /24) A Gateway internal subnet ( /24) A Web Server Subnet ( /24) The test drive has 3 virtual machines: A Linux machine A Windows machine A Check Point vsec gateway 2017 Check Point Software Technologies Ltd. All rights reserved Page 4
5 The Linux machine is pre-configured as a web server listening on TCP port 80. The Windows machine is pre-installed with the Check Point SmartConsole (R77.30) Graphical User Interface clients. The Check Point vsec gateway has two interfaces attached to external and internal subnets. The Windows machine is attached to external subnet. The Web Server is attached to the web server subnet. In addition, an Azure load balancer is set up to receive HTTP traffic on a dedicated public address and forward it to the Check Point vsec security gateway. The Check Point vsec Security gateway is pre-configured with security and Network Address Translation (NAT) policies to receive and forward this traffic. 3 Test Drive Note: It can take up to 15 minutes for your environment to be built. 3.1 Review the vsec Product Information and Use Cases While your test drive environment is being built, you can: Read the short Check Point vsec for Microsoft Azure Solution Brief Visit the Check Point vsec for Microsoft Azure page Review the key use cases described in section 4 vsec for Azure Use Cases Overview at the end of this guide. 3.2 Information for Accessing the Test Drive Environment When you launch the test drive, you will receive an containing information that will allow you to connect to your environment. This includes: The user names and password needed to authenticate to the Windows machine and the Check Point vsec Gateway The public address of the gateway The public address of the Windows machine The URL of the protected web application The same access information is also available in the Test Drive page. In this Test Drive, we will be using Check Point SmartConsole, a group of Windows based graphical user interface (GUI) clients, to manage and monitor the security policy of the Check Point vsec gateway Check Point Software Technologies Ltd. All rights reserved Page 5
6 3.3 Connecting to the Test Drive Environment You have two options to access the Test Drive: You can use the Windows machine with the pre-installed clients. o Go to section Using the Windows Remote Desktop Client. Alternatively, if you already have Check Point SmartConsole R77.30 installed on your computer, you can use it to directly connect to the public address of the Check Point vsec gateway. o Go to section Using an Existing Check Point R77.30 SmartConsole Client Using the Windows Remote Desktop Client If you do not have the Check Point R77.30 SmartConsole client installed, you can use the Windows machine in the Test Drive environment where it is already pre-installed. To connect to the Windows machine in the Test Drive environment: Open a Remote Desktop Connection client (Start -> mstsc in Windows). Click on For Computer, use the Windows server address from your My Test Drives section or the Windows IP address you received in your Test Drive . For User name, use \vsec (note the leading \ to avoid the use of your corporate domain). Click Connect Check Point Software Technologies Ltd. All rights reserved Page 6
7 Under password, enter the Windows server password from your My Test Drives section or the password you received in your Test Drive . They are the same. Click OK. After you login to the Windows machine, locate, and launch the SmartDashboard R77.30 client in the top left: Log in with the Gateway password from your My Test Drives section or the password you received via . o The Gateway username is admin as stated in your My Test Drives section and the you received. o The IP address is (the external private address). o Click on Login, and approve the fingerprint: Proceed to section 3.4 Review the Security Policy Check Point Software Technologies Ltd. All rights reserved Page 7
8 3.3.2 Using an Existing Check Point R77.30 SmartConsole Client If you already have the Check Point R77.30 SmartConsole client pre-installed on your computer, you can use it to directly connect to the Check Point vsec Gateway. Open Check Point R77.30 SmartDashboard. Log in with the Gateway password from your My Test Drives section or the password you received via . o The Gateway username is admin as stated in your My Test Drives section and the you received. o Use the public gateway IP address from your My Test Drives section or the you received. o Click on Login, and approve the fingerprint: 3.4 Review the Security Policy Now that you are connected to the Check Point vsec Security Gateway for Azure, let s examine the security policy. Go to the Firewall Tab, and click Policy Check Point Software Technologies Ltd. All rights reserved Page 8
9 Review the firewall security policy. The table below details the purpose of the security policy rules from above: Rule Purpose 1 Allow HTTP connections to the web server 2 Allow any connection originating from the web subnet 3 Allow SSH connections to the gateway 4 Allow SmartConsole connections to the gateway 5 Allow HTTPS connections to the gateway 6 Allow pings 7 Drop all other traffic Note: All rules have logs enabled. Now let s examine the NAT rules. Go to the Firewall tab and click NAT Check Point Software Technologies Ltd. All rights reserved Page 9
10 Review the firewall Network Address Translation (NAT) policy: The table below details the purpose of the NAT policy rules from above: Rules Purpose 1-2 Automatic rules, can be ignored 3-4 Hide connections originating from the web subnet behind the gateway s address 5 Translate health check connections arriving to the gateway on port 8081 to the private address of the web server while hiding to source behind the gateway to ensure that returning packets are sent to the gateway 6 Translate connections arriving from the Internet to the gateway on port 8081 to the private address of the internal load balancer Review the automatically created network objects: 2017 Check Point Software Technologies Ltd. All rights reserved Page 10
11 Open the SmartView Tracker client application. We will be using this application to view logs. You can do this directly from the SmartDashboard application as shown below. In the next sections, you ll complete tasks related to cloud security management activities. 3.5 Verify Normal Web Traffic In this scenario, you will verify normal web traffic. Use a browser to connect to the URL in your My Test Drives Access information Step 1 and that you received via (Web Server URL). Click on the first Test button Check Point Software Technologies Ltd. All rights reserved Page 11
12 This will generate a standard web request to the following URL: This connection should be allowed and the status should change to Success as shown above. (Optional) You can verify this manually by adding /vsec.jpg to the URL in your My Test Drives Access information Step 1 (or from the you received (Web Server URL)) and browsing to it. 3.6 Block an SQL Injection Attack Now you will simulate an SQL Injection Attack, configure the Intrusion Prevention (IPS) functionality in order to block the attack, and then view the generated logs. Click on the 2 nd Test button (Block SQL injection attack). This will simulate an SQL injection attack by requesting the following URL: Since we have not set up the Intrusion Prevention (IPS) functionality, this attack will not be blocked Check Point Software Technologies Ltd. All rights reserved Page 12
13 (Optional) Verify this manually by adding /cgi-bin/sql-injection/id=concat to the URL in your My Test Drives Access information Step 1 (or from the you received (Web Server URL)) and browsing to it. In order to block the above attack, you need to configure IPS (Intrusion Prevention System) functionality. In SmartDashboard: Click on the IPS tab at the top of the window. Click on Protections in the left column In the Protections pane, type sql in the Look for box Check Point Software Technologies Ltd. All rights reserved Page 13
14 Click on the SQL Injection protection at the bottom of the table. Double click on Inactive in the Default_Protection column. In the Protection Settings windows, select the Override IPS Policy with button, select Prevent from the pull-down menu, select Apply to all HTTP Traffic, and click OK Check Point Software Technologies Ltd. All rights reserved Page 14
15 Click on Install Policy in the top menu bar to install the newly modified policy. Click on OK to install the IPS policy on the vsec gateway. Wait for the policy installation to complete and click Close. Launch the SQL attack again to verify IPS functionality. On the Web Server page: Click on the 2 nd Test button again (Block SQL injection attack) Check Point Software Technologies Ltd. All rights reserved Page 15
16 This time, the attack should be blocked. (Optional) Test this manually by adding /cgi-bin/sql-injection/id=concat to the URL in your My Test Drives Access information Step 1 (or from the you received (Web Server URL)) and browsing to it. In SmartView Tracker: View the generated log by navigating to the IPS blade view under Network Security Blades and double-clicking All. You should see an SQL attack log similar to this: 2017 Check Point Software Technologies Ltd. All rights reserved Page 16
17 Double click on the log record to see more information. 3.7 Block Access to Social Networks In this activity, you will simulate access to social networks, configure Application & URL Filtering functionality in order to block access to social networks, and then view the generated logs. On the Web Server page: Click on the 3 rd Test button (Block access to social networks). This will cause the web server to communicate with various social networks web sites. Since we have not yet set up Application Control & URL Filtering, this traffic will not be blocked Check Point Software Technologies Ltd. All rights reserved Page 17
18 In SmartDashboard: Go to Application & URL Filtering tab and click on Policy in the left column. Add a new rule by clicking on the Add bottom button. This will add an automatically created rule. In the Application/Sites column, click on the + to use the widget. Type social networking in the box, check the Social Networking category, and click OK Check Point Software Technologies Ltd. All rights reserved Page 18
19 In the Track column, change the option to Complete Log The final rule should look like the following: Click on Install Policy in the top menu bar to install the newly modified policy. Click on OK to install the Application & URL Filtering policy Check Point Software Technologies Ltd. All rights reserved Page 19
20 Wait for the policy installation to complete and click Close. On the Web Server page: Click on the 3 rd Test button again to simulate access to social networks. This time, access to social networks should be blocked: In SmartView Tracker: View the generated log by navigating to the Application and URL Filtering view under Network Security Blades and double-clicking All Check Point Software Technologies Ltd. All rights reserved Page 20
21 You should see several logs indicating that a connection was opened from the web subnet to social network web sites similar to this: Double click on one of these log record to see more information Check Point Software Technologies Ltd. All rights reserved Page 21
22 Congratulations! You have completed the activities in the Check Point vsec for Microsoft Azure Test Drive. Feel free to keep exploring this environment. Thank you! 4 vsec for Azure Use Cases Overview Key use cases of vsec for Azure include: Advanced security protection of your internet/public facing apps hosted in Azure using perimeter gateway Hybrid cloud by creating site-to-site secure VPN tunnel between your on premise network and cloud network allowing secured communications between on premise users & applications and cloud applications & infrastructure Secure remote access to the cloud apps for mobile users using point-to-point secure tunnel allowing mobile users to talk to your cloud apps Intersegment security protection between app tiers inside your cloud preventing the lateral spread of threats between servers inside your cloud Achieve high availability using multiple gateways deployed in a cluster Auto-scaling by automatically deploying multiple instances of security gateway using an elastic load balancer Provision security policy using Azure cloud objects like VM instance names and network security groups/tags Review event logs with cloud objects like VM instance names and network security groups 5 Support Please contact your Check Point or Microsoft Azure sales team for more information about this Test Drive and Check Point vsec for Azure Check Point Software Technologies Ltd. All rights reserved Page 22
Connectra Virtual Appliance Evaluation Guide
Connectra Virtual Appliance Evaluation Guide This document is intended for users who are new to Check Point products and would like to evaluate and review Connectra Virtual Appliance. We recommend reading
More informationHow to Deploy the Barracuda Security Gateway in the New Microsoft Azure Management Portal
How to Deploy the Barracuda Email Security Gateway in the New Microsoft Azure Management Portal This guide walks you through the steps to deploy and provision the Barracuda Email Security Gateway on Microsoft
More informationHow-to Guide: Tenable.io for Microsoft Azure. Last Updated: November 16, 2018
How-to Guide: Tenable.io for Microsoft Azure Last Updated: November 16, 2018 Table of Contents How-to Guide: Tenable.io for Microsoft Azure 1 Introduction 3 Auditing the Microsoft Azure Cloud Environment
More informationHow-to Guide: Tenable Nessus for Microsoft Azure. Last Updated: April 03, 2018
How-to Guide: Tenable Nessus for Microsoft Azure Last Updated: April 03, 2018 Table of Contents How-to Guide: Tenable Nessus for Microsoft Azure 1 Introduction 3 Auditing the Microsoft Azure Cloud Environment
More informationNGF0502 AWS Student Slides
NextGen Firewall AWS Use Cases Barracuda NextGen Firewall F Implementation Guide Architectures and Deployments Based on four use cases Edge Firewall Secure Remote Access Office to Cloud / Hybrid Cloud
More informationDeploying and Provisioning the Barracuda Web Application Firewall in the New Microsoft Azure Management Portal
Deploying and Provisioning the Barracuda Web Application Firewall in the New Microsoft Azure Management Deploying and Provisioning the Barracuda Web Application Firewall Using the Azure Resource Manager
More informationDeploying and Provisioning the Barracuda CloudGen WAF in the Classic Microsoft Azure Management Portal
Deploying and Provisioning the Barracuda CloudGen WAF in the Classic Microsoft Azure Management Portal Before you proceed, it is recommended that you go through the Deployment Best Practices article. Before
More informationEdgeConnect for Amazon Web Services (AWS)
Silver Peak Systems EdgeConnect for Amazon Web Services (AWS) Dinesh Fernando 2-22-2018 Contents EdgeConnect for Amazon Web Services (AWS) Overview... 1 Deploying EC-V Router Mode... 2 Topology... 2 Assumptions
More informationSilver Peak EC-V and Microsoft Azure Deployment Guide
Silver Peak EC-V and Microsoft Azure Deployment Guide How to deploy an EC-V in Microsoft Azure 201422-001 Rev. A September 2018 2 Table of Contents Table of Contents 3 Copyright and Trademarks 5 Support
More information1. Click on "IaaS" to advance to the Windows Azure Scenario. 2. Click to configure the "CloudNet" Virtual Network
Introduction to the Virtual Network Lab Scenario Steps Description 1. Click on "IaaS" to advance to the Windows Azure Scenario Windows Azure Infrastructure Services ( IaaS ) provides us with the capability
More informationThe Balabit s Privileged Session Management 5 F5 Azure Reference Guide
The Balabit s Privileged Session Management 5 F5 Azure Reference Guide March 12, 2018 Abstract Administrator Guide for Balabit s Privileged Session Management (PSM) Copyright 1996-2018 Balabit, a One Identity
More informationDeploy and Secure an Internet Facing Application with the Barracuda Web Application Firewall in Amazon Web Services
Deploy and Secure an Internet Facing Application with the in Amazon Web In this lab, you will deploy an unsecure web application into Amazon Web (AWS), and then secure the application using the. To create
More informationVPN Solutions for Zerto Virtual Replication to Azure. SoftEther Installation Guide
VPN Solutions for Zerto Virtual Replication to Azure SoftEther Installation Guide VERSION 1.0 JULY 2017 Table of Contents 1. Overview... 2 1.1 Use Cases... 2 2. Proofs of Concept and Lab Usage... 2 2.1
More informationApp Gateway Deployment Guide
C E N T R I F Y D E P L O Y M E N T G U I D E App Gateway Deployment Guide Abstract Centrify provides mobile device management and single sign-on services that you can trust and count on as a critical
More informationWeb Cloud Solution. User Guide. Issue 01. Date
Issue 01 Date 2017-05-30 Contents Contents 1 Overview... 3 1.1 What Is Web (CCE+RDS)?... 3 1.2 Why You Should Choose Web (CCE+RDS)... 3 1.3 Concept and Principle... 4... 5 2.1 Required Services... 5 2.2
More informationExam : Implementing Microsoft Azure Infrastructure Solutions
Exam 70-533: Implementing Microsoft Azure Infrastructure Solutions Objective Domain Note: This document shows tracked changes that are effective as of January 18, 2018. Design and Implement Azure App Service
More informationCisco Virtual Application Container Services 2.0 Lab v1
Cisco Virtual Application Container Services 2.0 Lab v1 Last Updated: 02-SEP-2015 About This Solution Cisco Virtual Application Container Services (VACS) enables simplified deployment of Secure Application
More informationTable of Contents HOL-HBD-1301
Table of Contents Lab Overview... 2 - vcloud Hybrid Service Jump Start for vsphere Admins...3 Module 1 - vcloud Hybrid Service: Architecture and Consumption Principles...5 vcloud Hybrid Service... 6 vcloud
More informationHow-to Guide: Tenable Core Web Application Scanner for Microsoft Azure. Last Updated: May 16, 2018
How-to Guide: Tenable Core Web Application Scanner for Microsoft Azure Last Updated: May 16, 2018 Table of Contents How-to Guide: Tenable Core Web Application Scanner for Microsoft Azure 1 Introduction
More informationLoad Balancing Microsoft Remote Desktop Services. Deployment Guide v Copyright Loadbalancer.org
Load Balancing Microsoft Remote Desktop Services Deployment Guide v2.0.2 Copyright Loadbalancer.org Table of Contents About this Guide...4 2. Loadbalancer.org Appliances Supported...4 3. Loadbalancer.org
More informationMarkLogic Server. MarkLogic Server on Microsoft Azure Guide. MarkLogic 9 January, 2018
MarkLogic Server on Microsoft Azure Guide 1 MarkLogic 9 January, 2018 Last Revised: 9.0-4, January, 2018 2018 MarkLogic Corporation. MarkLogic and the MarkLogic logo are trademarks or registered trademarks
More informationHikCentral V.1.1.x for Windows Hardening Guide
HikCentral V.1.1.x for Windows Hardening Guide Contents Introduction... 1 1. The Operating System - Microsoft Windows Security Configuration... 2 1.1 Strict Password Policy... 2 1.2 Turn Off Windows Remote
More informationIntroduction. The Safe-T Solution
Secure Application Access Product Brief Contents Introduction 2 The Safe-T Solution 3 How It Works 3 Capabilities 4 Benefits 5 Feature List 6 6 Introduction As the world becomes much more digital and global,
More informationLab Guide. Barracuda NextGen Firewall F-Series Microsoft Azure - NGF0501
Barracuda NextGen Firewall F-Series Microsoft Azure - NGF0501 Lab Guide Official training material for Barracuda certified trainings and Authorized Training Centers. Edition 2018 Revision 1.0 campus.barracuda.com
More informationData Sheet Gigamon Visibility Platform for AWS
Data Sheet Gigamon Visibility Platform for Overview The rapid evolution of Infrastructure-as-a-Service (IaaS), or public clouds, brings instant advantages of economies of scale, elasticity, and agility
More informationAzure Marketplace Getting Started Tutorial. Community Edition
Azure Marketplace Getting Started Tutorial Community Edition Introduction NooBaa software provides a distributed storage solution for unstructured data such as analytics data, multi-media, backup, and
More informationForeScout CounterACT. (AWS) Plugin. Configuration Guide. Version 1.3
ForeScout CounterACT Hybrid Cloud Module: Amazon Web Services (AWS) Plugin Version 1.3 Table of Contents Amazon Web Services Plugin Overview... 4 Use Cases... 5 Providing Consolidated Visibility... 5 Dynamic
More informationFortiGate. on OCB FE Configuration Guide. 6 th December 2018 Version 1.0
on OCB FE 6 th December 2018 Version 1.0 document control date version no. author change/addition 6 th December 2018 1.00 Ahmad Samak Creation Internal Use Only 2 of 24 table of contents 1 References...
More informationAzure Marketplace. Getting Started Tutorial. Community Edition
Azure Marketplace Getting Started Tutorial Community Edition Introduction NooBaa software provides a distributed storage solution for unstructured data such as analytics data, multi-media, backup, and
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
MMC1532BE Using VMware NSX Cloud for Enhanced Networking and Security for AWS Native Workloads Percy Wadia Amol Tipnis VMworld 2017 Content: Not for publication #VMworld #MMC1532BE Disclaimer This presentation
More informationSonicWALL Security Appliances. SonicWALL SSL-VPN 200 Getting Started Guide
SonicWALL Security Appliances SonicWALL SSL-VPN 200 Getting Started Guide SonicWALL SSL-VPN 200 Appliance Getting Started Guide This Getting Started Guide contains installation procedures and configuration
More informationAWS Reference Design Document
AWS Reference Design Document Contents Overview... 1 Amazon Web Services (AWS), Public Cloud and the New Security Challenges... 1 Security at the Speed of DevOps... 2 Securing East-West and North-South
More informationPexip Infinity and Amazon Web Services Deployment Guide
Pexip Infinity and Amazon Web Services Deployment Guide Contents Introduction 1 Deployment guidelines 2 Configuring AWS security groups 4 Deploying a Management Node in AWS 6 Deploying a Conferencing Node
More informationLoad Balancing For Clustered Barracuda CloudGen WAF Instances in the New Microsoft Azure Management Portal
Load Balancing For Clustered Barracuda CloudGen WAF Instances in the New Microsoft Azure Management This guide will walk you through the steps to load balance traffic across multiple instances of the Barracuda
More informationAmazon AppStream 2.0: SOLIDWORKS Deployment Guide
2018 Amazon AppStream 2.0: SOLIDWORKS Deployment Guide Build an Amazon AppStream 2.0 environment to stream SOLIDWORKS to your users June 2018 https://aws.amazon.com/appstream2/ 1 Welcome This guide describes
More informationSIOS DataKeeper Cluster Edition on the AWS Cloud
SIOS DataKeeper Cluster Edition on the AWS Cloud Quick Start Reference Deployment April 2017 Last update: May 2017 (revisions) SIOS Technology Corp. AWS Quick Start Reference Team Contents Overview...
More informationRead the following information carefully, before you begin an upgrade.
Read the following information carefully, before you begin an upgrade. Review Supported Upgrade Paths, page 1 Review Time Taken for Upgrade, page 1 Review Available Cisco APIC-EM Ports, page 2 Securing
More informationData Sheet GigaSECURE Cloud
Data Sheet GigaSECURE Cloud Intelligent network traffic visibility that enables enterprises to extend their security posture to Microsoft The rapid evolution of Infrastructure-as-a-Service (IaaS) brings
More informationMicrosoft Azure Course Content
Cloud Computing Trainings @ STUCORNER & SHARPENCLOUD Microsoft Azure Course Content Lesson 1: Introduction to Azure 1. Overview of On-premise infrastructure 2. Transition from On-premise to datacenter
More informationConfiguring a Palo Alto Firewall in AWS
Configuring a Palo Alto Firewall in AWS Version 1.0 10/19/2015 GRANT CARMICHAEL, MBA, CISSP, RHCA, ITIL For contact information visit Table of Contents The Network Design... 2 Step 1 Building the AWS network...
More informationElasterStack 3.2 User Administration Guide - Advanced Zone
ElasterStack 3.2 User Administration Guide - Advanced Zone With Advance Zone Configuration TCloud Computing Inc. 6/22/2012 Copyright 2012 by TCloud Computing, Inc. All rights reserved. This document is
More informationLet s say that hosting a cloudbased application is like car ownership
Let s say that hosting a cloudbased application is like car ownership Azure App Service App Service Features & Capabilities All features and capabilities are shared across all of App Service application
More informationLeveraging Azure Services for a Scalable Windows Remote Desktop Deployment
WEBINAR Leveraging Azure Services for a Scalable Windows Remote Desktop Deployment May 16 2018 About Me 18+ years in IT Blog at www.ciraltos.com, Twitter @ciraltos Work at Bowman and Brooke LLP as IT Infrastructure
More informationUsing the Terminal Services Gateway Lesson 10
Using the Terminal Services Gateway Lesson 10 Skills Matrix Technology Skill Objective Domain Objective # Deploying a TS Gateway Server Configure Terminal Services Gateway 2.2 Terminal Services (TS) Web
More informationDeploying the Cisco Tetration Analytics Virtual Appliance in Microsoft Azure
Deploying the Cisco Tetration Analytics Virtual Appliance in Microsoft Azure About, on page 1 Prerequisites for, on page 1, on page 3 AboutDeployingtheCiscoTetrationAnalyticsVirtualAppliance in Microsoft
More informationForeScout Extended Module for MobileIron
Version 1.8 Table of Contents About MobileIron Integration... 4 Additional MobileIron Documentation... 4 About this Module... 4 How it Works... 5 Continuous Query Refresh... 5 Offsite Device Management...
More informationIaaS Integration for Multi- Machine Services. vrealize Automation 6.2
IaaS Integration for Multi- Machine Services vrealize Automation 6.2 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about
More informationHikCentral V1.3 for Windows Hardening Guide
HikCentral V1.3 for Windows Hardening Guide Contents Introduction... 1 1. The Operating System - Microsoft Windows Security Configuration... 2 1.1Strict Password Policy... 2 1.2Turn Off Windows Remote
More informationCPM. Quick Start Guide V2.4.0
CPM Quick Start Guide V2.4.0 1 Content 1 Introduction... 3 Launching the instance... 3 CloudFormation... 3 CPM Server Instance Connectivity... 3 2 CPM Server Instance Configuration... 4 CPM Server Configuration...
More informationAWS Reference Architecture - CloudGen Firewall Auto Scaling Cluster
AWS Reference Architecture - CloudGen Firewall Auto Scaling Cluster Protecting highly dynamic AWS resources with a static firewall setup is neither efficient nor economical. A CloudGen Firewall Auto Scaling
More informationCisco ACI vcenter Plugin
This chapter contains the following sections: About Cisco ACI with VMware vsphere Web Client, page 1 Getting Started with, page 2 Features and Limitations, page 7 GUI, page 12 Performing ACI Object Configurations,
More informationWelcome to the. Migrating SQL Server Databases to Azure
Welcome to the 1 Migrating SQL Server Databases to Azure Migrating SQL Server Databases to Azure Agenda Overview of SQL Server in Microsoft Azure Getting started with SQL Server in an Azure virtual machine
More informationMyCloud Computing Business computing in the cloud, ready to go in minutes
MyCloud Computing Business computing in the cloud, ready to go in minutes In today s dynamic environment, businesses need to be able to respond quickly to changing demands. Using virtualised computing
More informationIBM Smart Cloud Entry Hosted Trial Guide 3.2
IBM Smart Cloud Entry Hosted Trial Guide 3.2 SmartCloud Entry Team: Cloud Solutions Beta cloudbta@us.ibm.com Page 1 Table of Contents Chapter 1: Introduction...3 Chapter 2: Getting Started...4 Request
More informationIntroduction With the move to the digital enterprise, all organizations regulated or not, are required to provide customers and anonymous users alike
Anonymous Application Access Product Brief Contents Introduction 1 The Safe-T Solution 1 How It Works 2-3 Capabilities 4 Benefits 4 List 5-11 Introduction With the move to the digital enterprise, all organizations
More informationEASYHA SQL SERVER V1.0
EASYHA SQL SERVER V1.0 CONTENTS 1 Introduction... 2 2 Install SQL 2016 in Azure... 3 3 Windows Failover Cluster Feature Installation... 7 4 Windows Failover Clustering Configuration... 9 4.1 Configure
More informationImplementing DVN. directpacket Product Guide
Implementing DVN directpacket Product Guide directpacket Research www.directpacket.com 2 1 DVN and the IPC Community The Secure Dedicated Versatile Network (DVN) Server is a hardened internet facing device
More informationSAFE JOURNEY TO THE CLOUD. Eric Meadows Cloud Security Team
SAFE JOURNEY TO THE CLOUD Eric Meadows Cloud Security Team 2017 Check Point Software Technologies Ltd. 1 Who is this guy? Eric Meadows Cloud Security Team 770-704-0512 emeadows@checkpoint.com Current Cloud
More informationNetScaler Analysis and Reporting. Goliath for NetScaler Installation Guide v4.0 For Deployment on VMware ESX/ESXi
NetScaler Analysis and Reporting Goliath for NetScaler Installation Guide v4.0 For Deployment on VMware ESX/ESXi (v4.0) Document Date: October 2016 www.goliathtechnologies.com 1 Legal Notices Goliath for
More informationITCorporation HOW DO I INSTALL A FRESH INSTANCE OF ANALYZER? DESCRIPTION RESOLUTION. Knowledge Database KNOWLEDGE DATABASE
KNOWLEDGE DATABASE HOW DO I INSTALL A FRESH INSTANCE OF ANALYZER? 3. Click on GMS/Analyzer - Virtual Appliance or GMS/Analyzer - Virtual Appliance 950GB under GMS - Virtual Appliance. Note: It is not recommended
More informationSonicWall Web Application Firewall 2.0. AWS Deployment Guide
SonicWall Web Application Firewall 2.0 AWS Deployment Guide Contents 1 Overview..........................................................................3 Before You Begin....................................................................4
More informationDocker Container Access Reference Design
Docker Container Access Reference Design Version 06-18-2016 Copyright 2014-2016 Aviatrix Systems, Inc. All rights reserved. Introduction Project Skyhook by Aviatrix enables VPN users to access remote Docker
More informationQuick Start Guide for Vmware. Version 2.5 Vmware vsphere Instance
Quick Start Guide for Vmware Version 2.5 Vmware vsphere Instance CONTENTS 1. Introduction 1.1 Running Gemini appliance on Vmware vsphere 1.1.1 Supported Versions 1.1.2 System Requirement 1.1.3 Note on
More informationVMware vcloud Director Evaluator s Guide TECHNICAL WHITE PAPER
VMware vcloud Director Evaluator s Guide TECHNICAL WHITE PAPER Table of Contents 1. Getting Started.... 4 1.1 About This Guide... 4 1.2 Intended Audience.... 4 1.3 Help and Support During the Evaluation....
More informationDEPLOYING A 3SCALE API GATEWAY ON RED HAT OPENSHIFT
TUTORIAL: DEPLOYING A 3SCALE API GATEWAY ON RED HAT OPENSHIFT This tutorial describes how to deploy a dockerized version of the 3scale API Gateway 1.0 (APIcast) that is packaged for easy installation and
More informationHow to Configure Azure Route Tables (UDR) using Azure Portal and ARM
How to Configure Azure Route Tables (UDR) using Azure Portal and ARM Azure Route Tables, or User Defined Routing, allow you to create network routes so that your F-Series Firewall VM can handle the traffic
More informationProxy Protocol Support for Sophos UTM on AWS. Sophos XG Firewall How to Configure VPN Connections for Azure
Proxy Protocol Support for Sophos UTM on AWS Sophos XG Firewall How to Configure VPN Connections for Azure Document date: April 2017 1 Contents 1 Overview... 3 2 Azure Virtual Network and VPN Gateway...
More informationOracle Enterprise Manager 11g Ops Center 2.5 Hands-on Lab
Oracle Enterprise Manager 11g Ops Center 2.5 Hands-on Lab Introduction to Enterprise Manager 11g Oracle Enterprise Manager 11g is the centerpiece of Oracle's integrated IT management strategy, which rejects
More informationAndroid Mobile Single Sign-On to VMware Workspace ONE. SEP 2018 VMware Workspace ONE VMware Identity Manager VMware Identity Manager 3.
Android Mobile Single Sign-On to VMware Workspace ONE SEP 2018 VMware Workspace ONE VMware Identity Manager VMware Identity Manager 3.3 You can find the most up-to-date technical documentation on the VMware
More informationCloudEdge Deployment Guide
Hillstone Networks, Inc. CloudEdge Deployment Guide Version 5.5R3P1 Copyright 2016Hillstone Networks, Inc.. All rights reserved. Information in this document is subject to change without notice. The software
More informationF5 Azure Cloud Try User Guide. F5 Networks, Inc. Rev. September 2016
F5 Azure Cloud Try User Guide F5 Networks, Inc. Rev. September 2016 Azureinfo@f5.com Table of Contents Introduction... 3 F5 Web Application Firewall Solution, (WAF) Review... 3 Configuring SSO/Pre-authentication
More informationVNS3 Configuration. Quick Launch for first time VNS3 users in Azure
VNS3 Configuration Quick Launch for first time VNS3 users in Azure Table of Contents Setup 3 Notes 9 Create a Static IP 12 Create a Network Security Group 14 Launch VNS3 from Marketplace 19 VNS3 Unencrypted
More informationForeScout Extended Module for MaaS360
Version 1.8 Table of Contents About MaaS360 Integration... 4 Additional ForeScout MDM Documentation... 4 About this Module... 4 How it Works... 5 Continuous Query Refresh... 5 Offsite Device Management...
More informationAzure for On-Premises Administrators Practice Exercises
Azure for On-Premises Administrators Practice Exercises Overview This course includes optional practical exercises where you can try out the techniques demonstrated in the course for yourself. This guide
More informationvcloud Air - Virtual Private Cloud OnDemand Networking Guide
vcloud Air - Virtual Private Cloud OnDemand Networking Guide vcloud Air This document supports the version of each product listed and supports all subsequent versions until the document is replaced by
More information271 Waverley Oaks Rd. Telephone: Suite 206 Waltham, MA USA
Contacting Leostream Leostream Corporation http://www.leostream.com 271 Waverley Oaks Rd. Telephone: +1 781 890 2019 Suite 206 Waltham, MA 02452 USA To submit an enhancement request, email features@leostream.com.
More informationConfigure the Cisco DNA Center Appliance
Review Cisco DNA Center Configuration Wizard Parameters, page 1 Configure Cisco DNA Center Using the Wizard, page 5 Review Cisco DNA Center Configuration Wizard Parameters When Cisco DNA Center configuration
More informationHow to Deploy the Barracuda NG Firewall in an Amazon Virtual Private Cloud
How to Deploy the Barracuda NG Firewall in an Amazon Virtual Private Cloud The Barracuda NG Firewall can run as a virtual appliance in the Amazon cloud as a gateway device for Amazon EC2 instances in an
More informationDeploying the Cisco ASA 1000V
CHAPTER 2 This chapter includes the following sections: Information About the ASA 1000V Deployment, page 2-1 Downloading the ASA 1000V OVA File, page 2-7 Deploying the ASA 1000V Using the VMware vsphere
More informationInstalling and Configuring vcloud Connector
Installing and Configuring vcloud Connector vcloud Connector 2.6.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationAKAMAI WHITE PAPER. Enterprise Application Access Architecture Overview
AKAMAI WHITE PAPER Enterprise Application Access Architecture Overview Enterprise Application Access Architecture Overview 1 Providing secure remote access is a core requirement for all businesses. Though
More informationDocker on Windows Server 2016
Docker on Windows Server 2016 Friday, August 4, 2017 2:26 PM Install and configure Docker, along with deploying and managing Windows-based containers, on a Windows Server 2016 server. This is a short workshop
More informationConfiguring CloudN using ESXi 5.0 or later (EST mode)
Configuring CloudN using ESXi 5.0 or later (EST mode) This document describes the step-by-step procedures to configure CloudN and Ubuntu server that will connect to external devices in access mode. CloudN
More informationAccessing CharityMaster data from another location
Accessing CharityMaster data from another location When all of your computers are on the same Local Area Network (LAN), you can place the back end files (including your data and the Word templates) onto
More information25 Best Practice Tips for architecting Amazon VPC
25 Best Practice Tips for architecting Amazon VPC 25 Best Practice Tips for architecting Amazon VPC Amazon VPC is one of the most important feature introduced by AWS. We have been using AWS from 2008 and
More informationIntroduction to the Azure Portal
Page 1 of 17 Introduction to the Azure Portal The new Azure portal is an all-in-one, work-anywhere experience. Now you can manage App Service Apps, databases and Visual Studio Team Services projects in
More informationAvaya Check Point Certified Security Expert. Download Full Version :
Avaya 156-315-76 Check Point Certified Security Expert Download Full Version : https://killexams.com/pass4sure/exam-detail/156-315-76 A. QoS Tab B. SmartDefense Tab C. IPSec VPN Tab D. IPS Tab Answer:
More informationAT&T SD-WAN Network Based service quick start guide
AT&T SD-WAN Network Based service quick start guide After you order your AT&T SD-WAN Network Based service, you can: Create administrator accounts Log in to the SD-WAN orchestrator Configure business policy
More informationEdgeXOS Platform QuickStart Guide
EdgeXOS Platform QuickStart Guide EdgeXOS Functionality Overview The EdgeXOS platform is a Unified Bandwidth Management device, meaning that it has the ability to support multiple bandwidth management
More informationTableau Server on Microsoft Azure:
Tableau Server on Microsoft Azure: Deployment Guidelines and Best Practices April 2017 Table of Contents Abstract...3 Introduction to Tableau With Microsoft Azure...3 Option 1 Self Deployment via Azure
More informationCisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002
Cisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002 Agenda Joint Cisco and Microsoft Integration Efforts Introduction to CCA-MCP What is a Pattern?
More informationLoadMaster for Azure Resource Manager. Feature Description
LoadMaster for Azure Resource Manager Feature Description UPDATED: 16 October 2017 Copyright Notices Copyright 2002-2017 KEMP Technologies, Inc. All rights reserved. KEMP Technologies and the KEMP Technologies
More informationPexip Infinity and Google Cloud Platform Deployment Guide
Pexip Infinity and Google Cloud Platform Deployment Guide Contents Introduction 1 Deployment guidelines 2 Configuring your Google VPC network 4 Obtaining and preparing disk images for GCE Virtual Machines
More informationXenApp 7.x on Oracle Cloud Infrastructure
2018-032 XenApp 7.x on Oracle Cloud Infrastructure OUT OF BAND DEPLOYMENT GUIDE CITRIX SYSTEMS, INC. Citrix.com 1 Deploying Citrix Cloud XenApp and XenDesktop Service with Oracle Cloud Infrastructure Deploying
More informationAzure Application Deployment and Management: Service Fabric Create and Manage a Local and Azure hosted Service Fabric Cluster and Application
Azure Application Deployment and Management: Service Fabric Create and Manage a Local and Azure hosted Service Fabric Cluster and Application Overview This course includes optional practical exercises
More informationIntegrate Akamai Web Application Firewall EventTracker v8.x and above
Integrate Akamai Web Application Firewall EventTracker v8.x and above Publication Date: May 29, 2017 Abstract This guide helps you in configuring Akamai WAF and EventTracker to receive events. In this
More informationCato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief
Cato Cloud Software-defined and cloud-based secure enterprise network Solution Brief Legacy WAN and Security Appliances are Incompatible with the Modern Enterprise Cato Networks: Software-defined and Cloud-based
More informationVM-SERIES ON GOOGLE CLOUD DEPLOYMENT GUIDELINES
SERIES ON GOOGLE CLOUD DEPLOYMENT GUIDELINES Organizations are adopting Google Cloud Platform to take advantage of the same technologies that drive common Google services. Many business initiatives, such
More informationForeScout Extended Module for VMware AirWatch MDM
ForeScout Extended Module for VMware AirWatch MDM Version 1.7.2 Table of Contents About the AirWatch MDM Integration... 4 Additional AirWatch Documentation... 4 About this Module... 4 How it Works... 5
More informationCisco Prime Service Catalog Virtual Appliance Quick Start Guide 2
Cisco Prime Service Catalog 11.1.1 Virtual Appliance Quick Start Guide Cisco Prime Service Catalog 11.1.1 Virtual Appliance Quick Start Guide 2 Introduction 2 Before You Begin 2 Preparing the Virtual Appliance
More information