ArcSight - Basic CheckPoint Rule Pack Pt.1

CheckPoint Firewall Correlation Rule Pack - Part 1. OK, so I am not sure if folks really liked my previous attempt to do a write-up about the VPN correlation rule pack, but I am going to continue nonetheless. My next...

Basic perimeter auditing and analysis

Scanning your external perimeter. Being in the blue corner of the ring is always tough. Red and Black teams are usually less restricted, more bold and better equipped. This guide is for the compact security teams that do not have...

ArcSight - AnyConnect VPN Correlation Rules Pack - Pt.3

AnyConnect VPN Correlation Rule Pack - Part 3. OK. So far we were trying to set rules and correlate proper events. This final part of the VPN rule pack will deal with the dashboard and some reporting. One of the...

ArcSight - AnyConnect VPN Correlation Rules Pack - Pt. 2

AnyConnect VPN Correlation Rule Pack - Part 2. OK. Let's proceed further. Part 2 of the write-up will dig into correlating more information. In my setup ASA is giving out the internal IP addresses to the successfully...

ArcSight - AnyConnect VPN Correlation Rules Pack - Pt. 1

AnyConnect VPN Correlation Rule Pack - Part 1. I have been away from this blog for some time now, which I spent learning ArcSight besides other stuff. So I decided to kick off this year with the post that...