david7eagle
Member
Posts:
160
Joined:
Fri Sep 24, 2010 4:13 pm
Certs:
A+, Security+, MCP, CCENT, CCNA, and CCNA Security

Study Update - Chapter 10

Sat Jul 16, 2011 10:34 pm

Sorry for the lack of posts. I am marching forward and absolutely loving the material. Right now, I am tackling Chapter 10, which covers the bulk of the material relating to firewalls and IPS. I've been labbing some ACLs, hardening routers, and reviewing/memorizing the key topics at the end of each chapter. SANs in Chapter 9 was another interesting topic I wasn't familiar with and am now glad to know about.

While studying Chapter 10, I got to thinking: does one ever apply an internal firewall/IPS to filter outbound traffic from the inside? I have set up ACLs that prevent inbound traffic with an inside source and vice versa to prevent IP spoofing, but I was wondering if such an idea was commonly applied in the real world.

Very soon, you can be looking for a blog post entitled "VPNs, Technologies and Options" that covers the history, technology, and available VPN solutions for different operating systems.

Have a great rest of the weekend. :)

eugene
New Member
Posts:
6
Joined:
Sat Jul 09, 2011 2:01 pm
Certs:
Data Comm Engineer

Re: Study Update - Chapter 10

Sun Jul 17, 2011 11:41 am

Hi David, well I guess practice is the key advantage to advancing in this interesting field. I am registered for the CCNA academy cert and we got to touch on ACLs. I really enjoyed the topic, but because of lack of practice, terms like outbound and inbound still give me a hard time. Because of your query, I have to review my notes once again.

I have enjoyed my weekend, definitely...

Project2501
Post Whore
Posts:
6158
Joined:
Thu Apr 17, 2008 6:44 pm
Certs:
CCNA

Re: Study Update - Chapter 10

Sun Jul 17, 2011 2:40 pm

david7eagle wrote: While studying Chapter 10, I got to thinking: does one ever apply an internal firewall/IPS to filter outbound traffic from the inside? I have set up ACLs that prevent inbound traffic with an inside source and vice versa to prevent IP spoofing, but I was wondering if such an idea was commonly applied in the real world.


Companies restrict certain traffic going out. For example, port 6667 is blocked where I work.
- Pete

DanC
Ultimate Member
Posts:
852
Joined:
Mon Oct 06, 2008 8:01 am
Certs:
CCNA, CCNA-W, CCNP

Study Update - Chapter 10

Sun Jul 17, 2011 5:32 pm

We restrict http and https outbound, it forces users to use the proxy and be subject to monitoring.


Sent from my iPhone using Tapatalk

swagger
Post Whore
Posts:
1395
Joined:
Mon Nov 23, 2009 7:55 pm
Certs:
CCNP, CCNA Sec

Re: Study Update - Chapter 10

Sun Jul 17, 2011 7:20 pm

DanC wrote:We restrict http and https outbound, it forces users to use the proxy and be subject to monitoring.



How evil....

rc172
Member
Posts:
213
Joined:
Sun Apr 17, 2011 3:28 pm
Certs:
CCSP/CCNP:Security GIAC GPEN

Re: Study Update - Chapter 10

Mon Jul 18, 2011 7:47 am

It's pretty common to block outgoing SMTP from everything but an actual email server. This prevents spam malware on workstations from causing problems like putting your IPs on spam blacklists.
The Cubicle Wizard
http://cubiclewizard.blogspot.com/

burnyd
Post Whore
Posts:
3160
Joined:
Fri Nov 13, 2009 5:15 pm
Certs:
CCIE R&S/SP,CCNP-SP,JNCIA,VCP510,VCA-DCV

Re: Study Update - Chapter 10

Mon Jul 18, 2011 8:21 am

DanC wrote:We restrict http and https outbound, it forces users to use the proxy and be subject to monitoring.




x2.

The most interesting part of CCNA Security, for me at least, was the final chapters on site-to-site VPN tunnels.
http://danielhertzberg.wordpress.com - I blog about networks!

david7eagle
Member
Posts:
160
Joined:
Fri Sep 24, 2010 4:13 pm
Certs:
A+, Security+, MCP, CCENT, CCNA, and CCNA Security

Re: Study Update - Chapter 10

Tue Jul 19, 2011 10:19 am

burnyd wrote:
DanC wrote:We restrict http and https outbound, it forces users to use the proxy and be subject to monitoring.




x2.

The most interesting part of CCNA Security, for me at least, was the final chapters on site-to-site VPN tunnels.

I'm looking forward to getting to that part.

Fred
Post Whore
Posts:
2617
Joined:
Sat Jun 07, 2008 11:06 am
Certs:
CCNP, CCDP

Re: Study Update - Chapter 10

Thu Jul 21, 2011 9:47 pm

david7eagle wrote: does one ever apply an internal firewall/IPS to filter outbound traffic from the inside? I have set up ACLs that prevent inbound traffic with an inside source and vice versa to prevent IP spoofing, but I was wondering if such an idea was commonly applied in the real world.

Not only do they, but it's common anywhere but the smaller companies. If you don't filter outbound traffic, you open yourself up to all sorts of liability, and such filters are required for many audits. Best practice is to restrict traffic to only those ports necessary for business.
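
One way the outbound rules described in this thread (web only through the proxy, SMTP only from the mail server, port 6667 blocked, everything else denied) could look as a Cisco IOS extended ACL. This is an added example, not a configuration from any poster; the addresses, ACL name, interface and the DNS entries are assumptions, and it covers only the inside-to-outside direction.

```cisco
! Constructed values (assumptions, not from the thread):
!   inside LAN 10.1.0.0/16 on GigabitEthernet0/1
!   web proxy 10.1.10.5, mail server 10.1.10.25, DNS resolver 10.1.10.53
!
ip access-list extended INSIDE-EGRESS
 remark IRC blocked explicitly so hits get their own counter and log line
 deny   tcp any any eq 6667 log
 remark HTTP/HTTPS only from the proxy; direct browsing falls to the final deny
 permit tcp host 10.1.10.5 any eq 80
 permit tcp host 10.1.10.5 any eq 443
 remark Outbound SMTP only from the real mail server
 permit tcp host 10.1.10.25 any eq 25
 remark DNS only from the internal resolver (assumed; not discussed in the thread)
 permit udp host 10.1.10.53 any eq 53
 permit tcp host 10.1.10.53 any eq 53
 remark Default deny: other ports, other hosts and spoofed sources are dropped
 deny   ip any any log
!
interface GigabitEthernet0/1
 description Inside LAN
 ! Applied inbound on the inside interface, i.e. to traffic leaving the LAN
 ip access-group INSIDE-EGRESS in
```

Because only named inside hosts are permitted, a packet arriving on the inside interface with a source outside 10.1.0.0/16 never matches a permit and is logged by the final deny; `show access-lists INSIDE-EGRESS` shows the per-line hit counts.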
