Details: Written by: Meena; Category: Cybersecurity PRISM

What is Ethernet Switching?

As you know that most corporate networks use a combination of switches, routers, hubs, and wired & wireless-technologies. In this post, I am revisiting the ethernet switching...

Ethernet switching is about connecting your wired devices, e.g., computers, laptops, servers, printers, etc. to your LAN. Since ethernet switches offer you multiple ports, you can easily establish a faster connectivity and smooth access to multiple devices simultaneously.

You won't find a single corporate network where ethernet switches have not been installed. They are essential to create your networks.

However, ethernet switches are fundamentally very different from routers. Routers connect 'networks' and primarily use only a single LAN and WAN port. Routers connect networks to other networks, most commonly connecting LANs to WANs. Routers are usually placed at the gateway between networks and route data packets along the network. Right?

A network administrator, is expected to provide you fully wired and Wi-Fi connectivity using a right combination of devices, switches and access-points.

Hubs are almost gone, and not seen very frequently in corporate networks. Reason of their decline was that they were there to SHARE the bandwidth equally among ports. Contrarily, you can use ethernet switches to devote more bandwidth to certain ports without degrading the performance of your network. Experienced IT guys know that when many devices are active on a LAN, ethernet switching provides more robust performance.

You can connect dozens of devices to a network using an Ethernet switch. Ethernet switches allows you to monitor traffic, to control communications among machines, to securely manage access of network users, and rapidly troubleshoot.

You can easily find a right solution (switches) which is best fit for your network, as you can select from wide variety of switches. You can buy plug-n-play switches to feature-rich Gigabit Ethernet switches that actually perform at higher speeds than wireless options.

How Do Ethernet Switches Work?

Details: Written by: Meena; Category: Cybersecurity PRISM

You need to recall that ...

Everything that is sent from one computer to the another computer that is there on the network, is divided into smaller pieces. These smaller pieces of data in any form, are called 'Packets'.

Whether you are sending an email, or opening a web-page in your browser, or watching a movie on Netflix, or uploading a video on YouTube, everything is being sent or received in a series of Packets. At the destination terminals or systems, these packets are then re-assembled and then displayed on the screen or stored at the system.

Each packet has an attached header that contains all the information about -- where the packet is from and where it is going, including its destination IP address (like the address on a piece of mail). In order to make a packet to reach its intended destination, ROUTERS have to forward it from one network to the next until it finally arrives at the network that contains its destination IP address. That network will then forward the packet to that address and the associated device. It is the jobs of routers throughout the journey of packets, to forward them to next router in the next network.

Before routers can forward a packet to its final IP address, they must first determine where the packet needs to go. Routers do this by referencing and maintaining a 'ROUTING TABLE,' which tells them how to forward each packet. Each router examines the packet's headers, consults its internal routing table, and forwards the packet to the next network. A router in the next network goes through the same process, and the process is repeated until the packet arrives at its destination.

This approach to routing works so very well for most purposes. In fact, the most of the Internet actually runs using IP addresses and routing tables. However, your users or your organization may want their data to travel FASTER over paths you can directly control, especially in case of enterprise-wide Branch-to-HQ connectivity. And MPLS does this job beautifully...

What is MPLS?

Details: Written by: Meena; Category: Cybersecurity PRISM

What is RADIUS protocol?

RADIUS stands for Remote Authentication Dial-In User Service. It is networking protocol that authorizes and authenticates users who access a remote network.

It is a de facto industry standard for controlling the remote access of users to your network.

RADIUS performs three basic functions:

Details: Written by: Meena; Category: Cybersecurity PRISM

You have been deploying NGFWs as appliances to protect your computers, systems and the network. You might have been using physical and virtual versions of these firewalls in most cases and deployed on premises or cloud. However, you were to support these during the entire life-cycle of these appliances.

If you had distributed networks spread over distributed locations then you needed dedicated appliances that have to be sized and upgraded to accommodate your business growth. You had been doing the upgradation or patching of those yourself and you had to do 'policy management' for each devices.

Now a days, most security vendors have come up a new and revolutionary way of delivering firewall and other network security capabilities as a cloud service, viz., Firewall as a service (FWaaS).

What is a FWaaS?

Details: Written by: Meena; Category: Cybersecurity PRISM

What is Data Integrity?

In the hindsight, it is a very simple concept. You always want to your data accurately describe (something) as it is intended to.

Thus, the data integrity is about the accuracy and consistent 'validity' of your data over its entire lifecycle. If at any point your data loses its accuracy and validity, then what is the use of this data? Nothing, it's junk!

There have been 2-ways of looking at data integrity:

Details: Written by: Meena; Category: Cybersecurity PRISM

What is a SSL Certificate?

An Secure Sockets Layer (SLL) certificate is a digital certificate that authenticates the identity of a website and encrypts information sent to the webserver using SSL technology.

When your website has a SSL Certificate, every interaction the people and companies have with your website, remain PRIVATE. For example, your customers may be sharing their 'Personal Info' such as names, addresses, etc. when its demanded by your website. Your customers may also be sharing other transactional details such as credit card numbers, or other financial details, etc with you via your website. The SSL Certificate of your website will help you and them to keep this information secure, and private between them and your website.

Details: Written by: Meena; Category: Cybersecurity PRISM

What is Datacenter Security?

Datacenter security is an assortment of technological and physical measures which are used to protect a datacenter's assets and resources, thereby shielding it from all sorts of internal and external threats.

You should always design a comprehensive security plan that covers all important aspects of your datacenter, e.g., the networks, servers, power-systems, and the DATA and the PROCESSES they support.

You should take full cognition of 'specific' security threats that are usually faced by datacenters, because your datacenter, in fact all datacenters, are highly lucrative targets for most cyber-criminals.

Your datacenter is always the backbone of your business. It does not matter, if you use your datacenter for storage, or disaster-recovery, or for supporting business applications, the vast computational workloads of your datacenter is THE MOST critical resource of whole IT infrastructure your company operates with.

In the hindsight, your company's sensitive information and business-critical applications are a treasure trove of opportunity for hackers and other threats.

Whether you believe or not, your datacenter is a trusted component of your organization’s infrastructure. Your company is depending upon your datacenter assets to provide a SAFETY NET when everything else goes wrong. That's why the security of your datacenter is extremely vital.

In a way, a secure data center ensures the 'Business Continuity' and gives your company a confidence that you can focus on growing your businesses without worrying about the safety of your digital assets.

How Can You Secure Your Datacenter?

Details: Written by: Meena; Category: Cybersecurity PRISM

What is ICS?

ICS is actually a class of some digital devices....

There are number of digital devices which are used in modern 'INDUSTRIAL' processes.

Whether it is your Critical Infrastructure at nation-level (e.g., Power Grid, Water Treatment, Dams, Railways, etc) or your own manufacturing unit or many other large applications, they are using the following types of devices:

Details: Written by: Meena; Category: Cybersecurity PRISM

If you ask me, What is Hacking...

I would say that it is possibly an act of 'compromising' networks and digital devices though UNAUTHORIZED access to a computer system or an user account. But it does not necessarily need to be malicious only.

The general impression of the word is that it is illegal activity and results in data theft by cyber criminals, as they misuse devices, e.g., computers, smartphones, tablets and networks to cause damage to organisations, or to corrupt systems, gather users information, steal data and documents, or to disrupt data-related activities. This makes people imagine that there is a lone rouge programmer who is highly skilled in coding and modifying computer hardware/software.

However, this view is too narrow. Because it does not let them think of the true technical nature of hacking as a SKILL. There is a very high degree of skills involved into it, as hackers are capable of launching highly sophisticated attacks using various stealthy methods which are designed to go completely unnoticed by network security software and IT professionals. Hacking by it very nature, is a multibillion-dollar industry with extremely sophisticated and successful techniques.

Sometimes, there are politically motivated hackers—or hacktivists too, who aim to raise public attention by leaking sensitive information, such as Anonymous, LulzSec, and WikiLeaks.

Here are 2-strange facts about illegal hacking (Source: Fortinet):

Details: Written by: Meena; Category: Cybersecurity PRISM

Just suppose you join a new company and they provide you a username and password (plus, MFA) to access their dashboard. When you enter your login credentials, you are presented with a dashboard. What you see at your dashboard is an assortment of so many applications which you can use, e.g., Salesforce, Gmail, Box, Expensify, Jira, AWS, etc.

You would know by your own experience that each of those applications should require you to enter separate user login credentials. But here in your dashboard, when you click on any application, you access it directly and the corresponding interface opens right in front of your eyes, without asking you to enter any login username or password of sorts of things.

You would be wondering, "What's the hack?"

Nothing. It's SAML in action...

What is SAML?

Details: Written by: Meena; Category: Cybersecurity PRISM

Very much like our world where some people strive for peace and others who strive for chaos around, our cyber world 'Internet' is also a grave battle-field. So many parties, nation-states, and people are constantly engaged in cyber-warfare against each other.

The ever-persistent cyber-warfare, forced Information Security guys to hunt for some ideas and they picked one idea from 'Military' terminology, i.e., DMZ (Demilitarized Zone). The demilitarized zone is an area that sits between two areas controlled by opposing forces or nations.

In military terms, a DMZ is a place in which two competing factions agree to put conflicts aside to do meaningful work. For example, a land strip like this, separates the Korean Peninsula, keeping North and South factions at bay.

What is DMZ Network?

Page 4 of 29

Knowledge Center

Popular Blog Posts

Management Consulting

Blog Feed