Posts by: Trevor Butler

First Line of Security: Physical Security

When we think of security the image of firewalls, anti-malware protection, and the latest and greatest in network access control pops in our head. With Cisco ISE servers providing NAC services, ASAs providing firewalling on our network edge, and AMP for Endpoints providing malware protection on our laptops we think we are secure. But are we? Have we forgotten the very first line of security?

Continue reading  

AWS re:Invent 2017 Recap

This year’s AWS re:Invent has come and gone. This year 45,000 people from around the world descended on Las Vegas for one week. Participants were treated to a myriad of breakout sessions, labs, certification exams, and parties (it is Vegas after all). For the first time re:Invent spanned multiple convention centers. The Sands Convention Center was the main center with the Mirage, Aria, and MGM acting as secondary centers.

Continue reading  

Release the Kraken! How the KRACK Attack vulnerability may affect your wireless network


On Monday Mathy Vanhoef and Frank Piessens, from the University of Leuven, published a paper disclosing a series of vulnerabilities that affect the Wi-Fi Protected Access (WPA) and the Wi-Fi Protected Access II (WPA2) protocols. These vulnerabilities described a set of scenarios where a malicious user can perform a man-in-the-middle replay attack on wireless users connected to the network using the WPA and WPA2 wireless protocols. By spoofing the address of an access point and replaying the authentication 4-way handshake the malicious user can force the supplicant end device to reinstall an old key-pair, which is why it is being referred to as “KRACK” (Key Reinstallation AttaCK).

Continue reading  

How Optimized is your Network? Maybe it’s time for a Network Assessment

You have been working as a network administrator for your company for a few years now. In that time you have been asked to complete a handful of network projects; a new office turn up here, replace some switches or a router there. The whole time you work from old templates or, in the case of replacement gear, just copy and paste the old config. Have you ever really stepped back and looked at the network as a whole, or more importantly do you have time?

Continue reading  

AMP for Endpoints: Deployment to your Users

Recently I deployed Cisco’s AMP for Endpoints for a 50-user organization. For the uninitiated, AMP for Endpoints is Cisco’s cloud based, enterprise grade, advanced malware protection software that is deployed to each end device in the network. Each endpoint reports back to the central cloud controller and is managed by the controller. Cisco integrated AMP for Endpoints with Cisco’s ThreatGRID to provide deep threat analytics; analyzing millions of files and correlating them against hundreds of millions of malware samples. The controller can then push these new signatures to each endpoint automatically, protecting the device.

Continue reading  

Redundancy in the Cloud: The Need for Well-Designed Applications

Both Amazon AWS and Microsoft Azure sell the idea of inherent high-availability and scalability within their cloud services. Many companies bought into that idea and dove head-first thinking that, once in the cloud, the provider will provide the redundancy natively. With the recent AWS S3 outage many customers learned the hard way that this is not the case. There is still a need for customers to design redundancy into their applications when moving to the cloud. Companies like AWS and Azure provide the platform to use, but it is still up to the customer to design their systems to utilize that platform.

For many AWS customers, their workloads are located in one region, and in many cases their applications are utilizing only one availability zone within a region. To use the S3 outage as an example, the Simple Storage Service (S3) outage was localized to only the US East Region. Had customers replicated their S3 data to an additional region and utilized Amazons failover platform the outage would have gone unnoticed to all but the operators at AWS.

Continue reading  

AWS for the Enterprise - Datacenter in the Sky

By now I am sure most of us have heard of Amazon’s AWS, or Amazon Web Services, but how many of us know of its full potential. The biggest myth around AWS is that it is a cloud service for developers and doesn’t have a place for the enterprise environment however, while AWS offers a lot of platform services aimed at the developer, at its core, it offers a set of rich infrastructure services. Let’s look at these core services and how they relate to the enterprise customer.

Continue reading  

Access Control List Optimization: Common Mistakes When Deploying an ACL

Currently I am working on a project where I am going through and optimizing a large set of Access Control Lists (ACL) on a set of 5585 Firewalls.  While going through each ACL I have noticed a few mistakes other engineers have made while configuring these rules.  I have compiled a list of these common mistakes.  The focus of this blog will be around ACLs on Cisco ASA’s; however these rules still apply to other devices as well.

Continue reading  
Subscribe to Our Blog

Subscribe to the informative Newsletter to be Notified Updates in the Technology world.

subscribe to our blog


Phone Number: 925-566-3480


391 Taylor Blvd. Suite 120
Pleasant Hill, California 94523
Join our mailing list to stay up to date and get notices about our new releases!

© 2016 Lookingpoint - ALL RIGHTS RESERVED