An IT admin cohort used a Cisco employee, who was moonlighting, to help configure and manage firewalls. This person was located overseas and trusted by my colleague, but concerns about availability and liability turned me off the idea.Have any of you...
Hi all. Beyond port security configurations... I always thought it was important to update firmwares and (now) would enable MFA to access switches. I also improved physical security so that random people couldn't walk up and plug into ports.What do y...
Hello my friends (and you are my friends),You may have noticed a recent post about integrating SSO and zero trust security with Fortinet. I loved my Fortis are my last job, but realize that some organizations operate within very different budgetary p...
It was a productive day. My primary focus was setting up a SAML/SSO integration with WarpSpeed WireGuard VPN. WireGuard is a modern alternative to IPsec VPNs, simpler, faster, and very affordable for SMEs that need strong perimeter security. Let's fa...
What VPN software / hardware do you use for your office?We were previously using just a plain Ubuntu server with ppp, ipsec, and strongswan. It worked well, but I couldn't get RADIUS authentication working with it so I had to manually add / remove ac...
Got a Fortinet SSL VPN? That's how most of my users accessed our fileserver at my last company. That fileserver was core to how engineer, QA, and manufacturing collaborated and wasn't going anywhere. I didn't have the budget to use FortiTokens and th...
We've been using (even before I got there) Unifi routers, switches, and wifi access points at both of our local offices. It's been great for the most part, and I can manage the networks from home. VPN to each of the offices using JumpCloud's radius w...
Some things are too cool not to share. I've recently published articles about how to authenticate into network hardware using RADIUS + TOTP multi-factor authentication (MFA). It works by appending a code to your password after comma, i.e., "Password,...
Helping on a project that has a simple requirement — to lock down our switches and routers to have 2FA for administrator access. But, we’re out of our element on implementing this – and could use advice. We do not have any sort of directory right no...
It's no secret that setting up SSO can be challenging. SAML is 'all or nothing', so having an IdP that provides open access for testing and tools such as this helps make what could otherwise be a bumpy rollout more seamless. Here's a great free tool ...
Recent events have compelled The Department of Homeland Security's CISA office to declare "shields up" for cyber defenses. It's published a handy list of free CISO tools to protect your devices, data, and network as part of that effort. My former ZDN...
