The Discard Route
When we summarise a route, Cisco IOS will inject a discard route. It is all nice to understand what Cisco IOS does. However, we ought to ask the question: Why? This blog answers this question.
Category: SECURITY
The ICMP Redirect
You will not find this very often though, you may come across a network where there are two routers on the same broadcast segment, each responsible for different networks. So how do you get your hosts to know which gateway should they use? You could setup two default gateways – both Windows and Linux allow that. However, you could also rely on ICMP Redirects. In this blog, I will show you what ICMP redirect is and in what circumstances it can be useful. I will be working on the following topology: The routing table on HOST1 and ROUTER1 look like…
ISP Network Design
I have been reading recently quite a bit in regards to ISP core network designs and quickly realised that ISP network design is a serious undertaking indeed. In this blog, I wanted to add some structure to notes I have been taking for the past few days on this topic.
Cisco ISE Deployment Notes
As with any deployment, having a good design in place is the foundation of achieving a successful deployment. In this blog I will be putting together a few notes to keep in mind when designing and deploying Cisco ISE appliance. COMMUNICATION Whilst communication is not strictly part of the actual design, it is nonetheless an important area to address. Deploying access controls in any network is a risky business indeed. Why? Well … access control here should be a good clue! Furthermore, prior to even starting the design, you must fully understand what the requirements are and communicate the limitation within…
The ICMP Redirect
You will not find this very often though, you may come across a network where there are two routers on the same broadcast segment, each responsible for different networks. So how do you get your hosts to know which gateway should they use? You could setup two default gateways – both Windows and Linux allow that. However, you could also rely on ICMP Redirects. In this blog, I will show you what ICMP redirect is and in what circumstances it can be useful. I will be working on the following topology: The routing table on HOST1 and ROUTER1 look like…
ISP Network Design
I have been reading recently quite a bit in regards to ISP core network designs and quickly realised that ISP network design is a serious undertaking indeed. In this blog, I wanted to add some structure to notes I have been taking for the past few days on this topic.
Cisco ISE Deployment Notes
As with any deployment, having a good design in place is the foundation of achieving a successful deployment. In this blog I will be putting together a few notes to keep in mind when designing and deploying Cisco ISE appliance. COMMUNICATION Whilst communication is not strictly part of the actual design, it is nonetheless an important area to address. Deploying access controls in any network is a risky business indeed. Why? Well … access control here should be a good clue! Furthermore, prior to even starting the design, you must fully understand what the requirements are and communicate the limitation within…