Blog: ittavern.com Feedback is appreciated

  • 53 Posts
  • 59 Comments
Joined 1 year ago
cake
Cake day: June 16th, 2023

help-circle












  • It may be a little late, but do you enjoy cybersecurity? - Chasing ghosts, scrolling through endless lines of logs, fending off threats, responding to incidents in high-stress situations, fighting for budgets, clients and colleagues who just don’t care, being the “bad guy” in meetings, and so on.

    I’ve only been there a few months, but there’s no light at the end of the tunnel. I’m pretty sure it has something to do with my environment, but I can’t see myself doing this for a long time.




  • woptocybersecurityOff-Topic Friday
    link
    fedilink
    arrow-up
    1
    ·
    3 months ago

    I am pretty sure one of our consultants has this Osprey Comet. Looks decent! Wow, the Technonaut looks more like a travel bag than an everyday carry, and man, 400 bucks? And I thought my Veto Pro Pac was expensive.








  • So, let’s assume that you are in an international company and the first and only security person. What are your first steps and projects? It is like really vague, but I’d assume like a SIEM, inventory of the network and all devices, backup situation, maybe even honeypots?

    What are your high-prio things that every company should have? Is there even a framework for it?

    Feeling kinda lost and I hope you get some guidance in the right direction.













  • Does fortigate not have a form of DMVPN like Cisco?

    ADVPN (Auto-discovery VPN) seems to be the equivalent. https://docs.fortinet.com/document/fortimanager/7.2.0/single-datacenter-for-enterprise/282533/advpn

    Just curious why ISP/third party MPLS? Purely interest.

    I guess it was easier at some point? - Taht was way before my time there. But we are going to replace the MPLS part with simple internet-breakout points on location and the the rest with SDWAN.

    Also, did you find this purely from user complaining or have monitoring tool?

    Purely from users complaining and other departments getting frustrated about why their stuff was not working (e.g. Citrix). The new FW had to be installed in a short time and ‘everything’ worked fine at first. Problems only occurred after some load was put on the network. We failed - as in network dep - by NOT doing a stress/limit test of the network and finding this problem immediately, and NOT implementing some kind of monitoring that would have notified us of all those lost packets and connections. We caught up, but we should have done it in the first place, because it is necessary.

    I’m assuming using third party was supposed to offload the work/config from you?

    Do you mean the ISP/MPLS provider? - If so, not really.


  • woptocybersecurityWhat are You Working on Wednesday
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    I want to get into Ansible and I am building a testing env for it - home lab with various switches and routers, Fortinet, Palo, and a proxmox host server and some remote VPS. One of my goals for Q1 '24. Today I am going to prep the switches.

    Besides that, I want to host my own NFTY server and I hope that I can get it online within this week.