- HLD (High Level Design) vs LLD (Low Level Design)
- Network Professional Services/Consultancies
- Common Network Architectures/Designs/Topologies
- ************CCNA/CCNP Enterprise************
- Subnetting and TCP/IP
- EtherChannel L2 and L3
- *************Palo Alto*************
- Complete Guide to Upgrading Palo Alto Firewalls and Panorama
- How to perform PANOS upgrade from CLI?
- CLI Cheat Sheet: User-ID
- How to check Status, Clear, Restore, and Monitor an IPSEC VPN Tunnel
- CLI Cheat Sheet: HA
- CLI Cheat Sheet: Device Management
- CLI Cheat Sheet: Networking
- How to Configure DNS Sinkhole
- How to Import and Export Address and Address Objects (CLI) (Creating objects from a file of IPs)
- *************Fortigate*************
- Configure the management interface for initial access
- Fortigate Commands Cheat Sheet
Important Links
- Network Consultant’s Handbook
- Palo Alto ACE/PCNSE
- Cisco CCNA/CCNP/CCIE Security
- Cisco CCNA/CCNP/CCIE Enterprise
- Checkpoint CCSA/CCSE
- Fortinet NSE4/NSE5
- Juniper SRX
- Cisco Meraki and Aruba APs
- VmWare
- CompTIA Linux+/LPIC1
- Microsoft MCSA
- HPE Switches
- CISA (Certified Information Systems Auditor)
- CISSP (Certified Information Systems Security Professional)
- Cisco CCNA/CCNP CyberOps
- SD-WAN Basics
- Useful Tools
- Professional Services (PS)/Consultancies (Private)
IT Compliance, Standards, Guidelines, Frameworks and Industry Best Practices:
- https://www.itgovernance.co.uk/standards
- ITIL4 (Information Technology Infrastructure Library) (ITSM (IT Service Management) Standard)
- ISACA ITAF (IT Assurance Framework) (IS Audit Standards, Guidelines and Code of Ethics)
- GDPR (General Data Protection Regulation)
International Standards:
ISO/IEC 27001 and 27002
National Standards:
NIST Cybersecurity Framework (National Institute of Standards and Technology)
Cyber Essentials Plus (National Cyber Security Centre (NCSC))(Cyber Essentials is a UK Government-backed, industry-supported scheme to help organisations protect themselves against common online threats.)
Industry-Specific Standards:
PCI DSS (Payment Card Industry Data Security Standard)
HIPAA (Health Insurance Portability and Accountability Act)
Security Advisories:
US-CERT:
https://www.us-cert.gov/ncas/current-activity
Palo Alto: https://securityadvisories.paloaltonetworks.com
Checkpoint: https://www.checkpoint.com/advisories/
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsecurityalerts=#severity=&type=Security+Alerts&product=&version=
Cisco: https://tools.cisco.com/security/center/publicationListing.x
Meraki: https://meraki.cisco.com/blog/cisco-meraki-customer-advisories
Juniper: https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES
EoL links:
Cisco: https://www.cisco.com/c/en/us/products/security/asa-5500-series-next-generation-firewalls/eos-eol-notice-listing.html
https://www.curvature.com/resources/cisco-end-of-life-guide
Palo Alto: https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-summary
https://www.paloaltonetworks.com/services/support/end-of-life-announcements/hardware-end-of-life-dates
Meraki: https://documentation.meraki.com/zGeneral_Administration/Other_Topics/Product_End-of-Life_(EOL)_Policies
Checkpoint: https://www.checkpoint.com/support-services/support-life-cycle-policy/
CVE (Common Vulnerabilities and Exposures) and CVSS (Common Vulnerability Scoring System):
https://www.cvedetails.com/cvss-score-distribution.php
https://nvd.nist.gov/vuln-metrics/cvss
https://cve.mitre.org/
Important Organizations:
- United States Computer Emergency Readiness Team (US-CERT)
- National Cybersecurity and Communications Integration Center (NCCIC)
- Cybersecurity and Infrastructure Security Agency (CISA)
- National Institute of Standards and Technology (NIST)
- National Cyber Security Centre (NCSC)
- National Security Agency (NSA)
- Government Communications Headquarters (GCHQ)
- Cybersecurity and Infrastructure Security Agency (CISA)
- The Council for Registered Ethical Security Testers (CREST)
Gartner Magic Quadrant: NGFWs and SD-WAN:
Protected: Etherchannel L2 and L3
Protected: Subnetting and TCP/IP
Protected: Common Network Architectures
HP Switches
Cisco CCNA/CCNP CyberOps
Fortinet NSE4/NSE5
SD-WAN Basics
ISO/IEC 27001 and 27002
ISO/IEC 27001 and 27002 (International Standards Organization/International Electrotechnical Commission)(International standards for ISMS (Information Security Management Systems))(10 sections known as clauses and 4.0 to 10.0 are mandatory)(Clause 6.0 requirements are also called Annex A which has 14 sections and 114 clauses)
https://www.itgovernance.co.uk/blog/iso-27001-the-14-control-sets-of-annex-a-explained
https://www.isms.online/iso-27001/requirements-controls/
SNMP Configuration Cisco
Switches
ip access-list standard SNMP-Permitted
10 permit 192.168.130.242
1.3.6.1.2.1.4.21 – ipRouteTable (IP route table)
1.3.6.1.2.1.4.22 – ipNetToMediaTable (IPv4 ARP table) (deprecated by ipNetToPhysicalTable)
1.3.6.1.2.1.4.35 – ipNetToPhysicalTable (combined IPv4/IPv6 translation table)
1.3.6.1.2.1.3 – atTable (layer two address table)
and
snmpUsmMIB, snmpVacmMIB, and snmpCommunityMIB Objects excluded below
snmp-server view Company-RO iso included
snmp-server view Company-RO 1.3.6.1.2.1.4.21 excluded
snmp-server view Company-RO 1.3.6.1.2.1.4.22 excluded
snmp-server view Company-RO 1.3.6.1.2.1.4.35 excluded
snmp-server view Company-RO 1.3.6.1.2.1.3 excluded
snmp-server view Company-RO 1.3.6.1.6.3.15 excluded
snmp-server view Company-RO 1.3.6.1.6.3.16 excluded
snmp-server view Company-RO 1.3.6.1.6.3.18 excluded
snmp-server enable traps
snmp-server ifindex persist
snmp-server engineID local 8000000903005C710DE1D280
snmp-server location London
snmp-server contact support@Company.com
snmp-server group Company_snmp_mon_grp v3 priv read Company-RO access SNMP-Permitted
snmp-server user Company_snmp_mon Company_snmp_mon_grp v3 auth sha 3ZU50CjGs56ikZwxVLLy-5bm07WEQo priv aes 128 09pxfF-HTIJnhxZvL_vJ-VBKZawXqN
snmp-server host 192.168.130.242
snmp-server host 192.168.130.242 version 3 priv Company_snmp_mon
Network and Security Consultant 