glenkemp

Heh, it's just an example, and YMMV

in Deep Packet Inspection - Keeping bad guys (and stuff) out Comment by glenkemp July 2014

Thanks, I'll see what I can do!

in Deep Packet Inspection - Traffic Optimisation and Troubleshooting Comment by glenkemp August 2014

Pretty much all firewalls, and most routers have some sort of ALG/Fixup/Helper for the many protocols; but in most cases I would expect packet drops to be silent these days..

in Deep Packet Analysis - Fun with Flags! Comment by glenkemp November 2014

Mmm...Good point; this time I planned things a bit better up front, which meant that there has been less opportunity to go off the the tangents that are often so interesting..I'll try and do something about that in my next piece.. To that end, what you would like to see in the next post?

in Deep Packet Analysis - What's in a Name (service)? Comment by glenkemp November 2014

Thanks, but I have to say I have been thoroughly impressed with contributions from the entire community. Nice place you've got here!

in Deep Packet Inspection - Traffic Optimisation and Troubleshooting Comment by glenkemp August 2014

Thanks, I have too!

in Deep Packet Inspection - Traffic Optimisation and Troubleshooting Comment by glenkemp August 2014

Yeah it came as a surprise to me too! Things have really gone badly wrong if you are having to refer to an RFC, but it's good that such important ones are being actively maintained to make them better!

in Deep Packet Inspection - Keeping bad guys (and stuff) out Comment by glenkemp July 2014

Don't worry, I didn't take it as criticism at all, was just curious as to what you were interested in! The difficulty for me is that I work for a Firewall vendor, so whilst I can talk about the technology in a "how and why" sense, I can't really get too specific. That said, I can write about it as part of my day job, and…

in Deep Packet Inspection - Security functions and Limitations Comment by glenkemp July 2014

Agreed, especially on the "out of the box" part. My own mantra in terms of security is "you get out what you put in"; and IMO there is a lot of chasing of the newest "shiney shiney" in the business, but very little effort put into optimising the stuff you have.

in Deep Packet Inspection - Security functions and Limitations Comment by glenkemp July 2014

There are ways of making firewall authentication transparent to end-user, and *most* UTM-grade firewalls have this kind of SSO features, but they are very much dependant on things like using Active Directory and Windows Clients to work properly. There are half-way houses, but in a mixed client environment (as almost all…

in Deep Packet Inspection - What's it for? Comment by glenkemp July 2014

Certainly "a Zero trust" model you describe is the ideal, but for most organisations, it's pretty tough sell and even tougher to implement. This trust model I've described here is probably 20 years old, but it still reflects how the majority of networks are designed and run today. The advent of server and network…

in Deep Packet Inspection - What's it for? Comment by glenkemp July 2014

Hi Tyson/Alex To be honest it's been a while since I've been involved with Extrahop; but certainly I'd consider them to be complementary products. To steal a metaphor from Tom Clancy; Solarwinds remembers; Extrahop thinks. The "Network Brain" needs to do both. In my previous life we had a service and platform monitoring…

in ExtraHop AND SolarWinds Comment by glenkemp November 2014

glenkemp

Comments