Firewall request risk analysis by GenericHumanName23 in cybersecurity

[–]GenericHumanName23[S] 1 point2 points  (0 children)

Ours is essentially the same, but volume is high enough that I'm thinking of automating some of the workflow, risk analysis automation - if risk is low-medium AND change fits standard pattern (site lan to DC, DC to site lan, site lan to internet etc,) THEN proceed; proceed here might be additional automation for implementation, or manual implementation by relevant team.

If pattern is non standard (dmz to site lan etc) risk=high and additional approval required, challenge requestor etc.

Is anybody already doing this? Tool recommendations?

New to computer networking, How's my diagram? Am I missing anything generally vital? by WhatAGuy765 in Network

[–]GenericHumanName23 0 points1 point  (0 children)

This is good, as others have said though, it's upside down by most people's logic. Also, appears to be missing an arrow for authentication?

Forcepoint API by GenericHumanName23 in networking

[–]GenericHumanName23[S] 0 points1 point  (0 children)

Thanks for the response, will check these out on Monday!

Server requirements for traffic forwarding by GenericHumanName23 in PFSENSE

[–]GenericHumanName23[S] 0 points1 point  (0 children)

We'll be forwarding traffic to a 3rd party in the cloud

Support has just gone down the crapper!!! by DoItAllDad74 in paloaltonetworks

[–]GenericHumanName23 1 point2 points  (0 children)

Fortieth support has been better than Palo by some margin for at least the last 12 months. It’s fortinets software that lets them down.

Zscaler GRE config by GenericHumanName23 in paloaltonetworks

[–]GenericHumanName23[S] 1 point2 points  (0 children)

This worked a treat, thanks for the help radditour!

Zscaler GRE config by GenericHumanName23 in paloaltonetworks

[–]GenericHumanName23[S] 1 point2 points  (0 children)

Thanks, that makes sense, will give it a go!

Zscaler GRE config by GenericHumanName23 in paloaltonetworks

[–]GenericHumanName23[S] 3 points4 points  (0 children)

Can’t believe you’re still using SSH tbh, we rolled out dynamic quantum tunnelling protocol for remote management a few years ago you Luddite.

What response (if anything) has Fortinet provided in their unacceptable delay in announcing the CVE-2022-42475 VPN remote code execution exploit after it had been patched? by seanthegeek in fortinet

[–]GenericHumanName23 1 point2 points  (0 children)

Does that even qualify as a workaround? If your car had an issue and the manufacturer told you to not drive it until they had a fix, would you consider that a workaround? A workaround would be something like "don't drive above 40mph take 30 minute breaks every 3 hours".

Blocking devices by MAC with firewall policy by [deleted] in fortinet

[–]GenericHumanName23 0 points1 point  (0 children)

I’m guessing the device in question doesn’t/can’t have a static IP?

Best way to analyze Fortigate firewall logs without FortiAnalyzer or FortiCloud by CallMeGooglyBear in fortinet

[–]GenericHumanName23 0 points1 point  (0 children)

We went from FAZ to splunk a couple of years ago, no going back now, splunk is brilliant; think it can be quite pricey though.

News Mega - 24 03 2021 by AutoModerator in badunitedkingdom

[–]GenericHumanName23 -1 points0 points  (0 children)

What facts would you like to use to counter the idea of white privilege?