ISO/OSI Model; Open Systems Interconnection. OSI stands for Open Systems Interconnection; it is a model that describes how applications communicate over a network. Basically, it is seven marvelous layers that IT systems use to communicate and disseminate data over a network, established in 1983 by the International Organization for Standardization (ISO), and it became a working product […]
In this post, I am going to explain how the location-identity mapping database is populated using MP-BGP. Consider the image below, where VTEP01 receives the original ARP L2 frame from HOST01. VTEP01 learns the IP-MAC binding of the end host. A BGP Update carries this information to the Route Reflector (iBGP), which in turn forwards the update message to […]
Today, malware is one of the biggest threats to our organizations and assets. Identifying and hunting this malware is one of the most important tasks in the field of security. In this article, we are going to talk about 10 commonly used tools for identifying and analyzing malware. What Is Malware Analysis? Malware analysis refers […]
In the last post, we talked about F&L with Ingress Replication (AKA head-end replication) to handle multi-destination traffic. In this section, we are going to discuss F&L with PIM to handle multi-destination traffic. So, your complete bipartite graph must support PIM. This is why, in this post, we happened to choose loopback 254 on the […]
The SIGMA format is one of the common languages of security systems such as EDR and SIEM. Using this format, we can write rules to identify threats. Note that SOC engineers are constantly dealing with security equipment, including SIEMs. SIEMs have different query languages, each of which follows a specific format. For example, to detect the […]
Today, one of the attackers’ most widely used techniques is Fileless Malware. Fileless Malware refers to malware that does not rely on a specific code file or binary written to disk in order to execute, and does not execute content stored on the disk; the attacker’s malicious code is not present there as a file. Fileless Malware can take many […]
In this post, I am going to explain how the location-identity mapping database is populated using the Flood and Learn method. Consider the image below, where VTEP01 receives the original ARP L2 frame from HOST01 and then adds a VXLAN header that includes L2VNI 20100 (think of it as an overlay L2 interface between VTEPs). VTEP01 will forward […]
Today, there are many types of defensive equipment, techniques and tactics, tools, and laws that security organizations and engineers use. All of these are aimed at preventing attacks and threats, but the question always arises: are the techniques and methods we use actually resistant to the attacks we want to prevent, and can they prevent them? We […]
Underlay Transport for VXLAN. In the first section of our VXLAN course we talked about the overlay, the underlay, and some terminology associated with this technology. By now, you know what an underlay is. Within our datacenter context, the underlay is our Clos network, which includes the leaf and spine switches and their interconnections. To get rid of STP, […]
Routing Information Protocol (RIP) Basic Description. Recall that we configured a static route for VPC2 with 10.2.0.50 on FW1, telling FW1 that traffic destined for VPC2 should be forwarded down to FW2; FW2 then makes the routing decision, because it is directly connected to that client. For example, if we […]