Protecting Your Network: CrossRealms Security Stats

Please be on the lookout for two updates:               Firewall updates to improve detection and response             Wireless updates to prevent KRACK attack                                                  […]

Palo Alto Networks – Dual Factor Authentication with O365 for Palo Alto Networks VPN users

Dual Factor Authentication with O365 for Palo Alto Networks VPN users   Today I visited a client that has been dealing with a recurring issue of failure on dual factor authentication for VPN users (Radius and O365 multi factor authentication). The signature of the failure was that initially the password was accepted, however, the Phone […]

Palo Alto Networks and High Availability | Errata: Code 8.0.3h4

Errata: Code 8.0.3h4 – Palo Alto Networks and High Availability I recently worked with a client to configure two Nexus3172 switches with vPC and VRRP in combination with dual Palo Alto Networks 3020s in HA passive-active failover. The firewalls were running Code 8.0.3h4 and the Nexus 6.0.2.           Laptop1  ==> Switch […]

Wirelurker Detection Tool from PaloAlto networks

We want to share this update from our partner Palo Alto Networks regarding malware targeting Apple’s desktop and mobile platforms. Palo Alto is among the network security companies that CrossRealms partners with to bring our clients advanced Analytics with Unified Threat Management. We share Palo Alto’s proactive approach to security threats. Please contact us if […]

MAC Address Limit on the Palo Alto 500 Firewalls

One of my clients recently suffered from continuous semi-outages with peculiar symptoms. As the number of people logging onto the internal network increased, new users were unable to access resources while existing users were completely unaffected. Initially, the two causes that came to mind were service policy limits and utilization on the data plane. I […]

Spam Email, Explained

Situation: Your mother/friend/sister emails you and wants to know why you are sending her pornography or solicitations to send money so she can be saved from the foreign country in which she’s been stranded.  Most spam like this is not coming from your account. It’s usually coming from someone else that’s using your email address.  In order to understand the […]

The 10 Things Your Next Generation Firewall Must Do

There are three different areas a firewall must preform well in – security functions, operations, and performance. The security functional elements correspond to the efficacy of the security controls, and the ability for enterprises to manage risk associated with network traffic. From an operations perspective, the big question is: “where does application policy live, and […]

Stopping Hackers In The Social Network Age

[vc_row][vc_column][vc_column_text disable_pattern=”true” align=”left” margin_bottom=”0″] We are all aware of the recent tampering of our beloved social networking site Facebook.  Hopefully none of you were the unfortunate recipients of malicious activity, including: hardcore porn, grotesque human gore, and religious degradation as reported by The Christian Post, which was one of the first to cover the event.  Current […]

Misconceptions about Palo Alto Firewalls

Recently I had lunch with a network manager from a large community hospital. As we were discussing security and the Palo Alto Network (PAN) firewalls, I realized that many people view them as only application firewalls. After reviewing Palo Alto marketing materials, I believe part of that misconception is due to their focus on their […]

TCP Split Handshake and How It Could Affect Your Firewall Configuration

For those of us who work in the security world, a recent attack called TCP Split Handshake has caused many of us to question what is considered secure and what best practices are. This attack circumvents a rudimentary firewall configuration called “established session” in which a firewall will permit a session that was initiated from […]