Info Sharing Blog

Saturday, July 6, 2019

1 Minute Reference : Google Cloud App-Engine

July 06, 2019 Posted by jaacostan

GCP App Engine consists of services, versions, and instances. A service usually provides a single function. Versions are the different versions of code running in the App Engine environment. Instances are the managed instances that run a specific service.
How to Deploy?
Deploy to App Engine with the gcloud app deploy command. Deployment also includes configuring the App Engine environment through the app.yaml file. Keep in mind that a project can have only one App Engine app at a time.
How to Scale?
There are three scaling options: automatic scaling, basic scaling, and manual scaling. Only automatic and basic scaling are dynamic; manual scaling creates resident instances. Automatic scaling allows more configuration options than basic scaling.
How to Split the traffic?
This can be done with the gcloud app services set-traffic command. Use the --splits parameter to specify the percentage of traffic to route to each version.
How to Migrate the traffic?
This can be done from the Versions page of the App Engine console, or with the --migrate parameter of the gcloud app services set-traffic command.
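The split and migrate commands above, as an added example that is not part of the original post: a POSIX shell script that validates a version=percent list before handing it to gcloud app services set-traffic, deploys a new version without promoting it, routes a weighted share of traffic to it, and finally migrates the rest. The service name "default", the version ids, and the use of --no-promote, --split-by=random and --migrate are this example's own choices, not the post's; gcloud is only invoked when DRY_RUN is set to empty.

```shell
#!/bin/sh
# Added example, not from the original post: validate a version=percent
# traffic split and compose the gcloud commands for a canary rollout.
# Assumptions: "default" is the service, "v1"/"v2" are placeholder version
# ids, and the real gcloud commands run only when DRY_RUN is set to empty.
set -eu
DRY_RUN="${DRY_RUN-1}"   # non-empty: print commands instead of running them

# run CMD...: echo the command in dry-run mode, otherwise execute it.
run() {
  if [ -n "$DRY_RUN" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# validate_splits "v1=90 v2=10": prints "v1=90,v2=10" for --splits, or fails
# with a message when an entry is malformed, a version is repeated, or the
# percentages do not add up to 100.
validate_splits() {
  spec="$1"; total=0; seen=""; out=""
  for entry in $spec; do
    case "$entry" in
      *=*) name="${entry%%=*}"; pct="${entry#*=}" ;;
      *)   echo "expected version=percent, got: $entry" >&2; return 1 ;;
    esac
    # App Engine version ids are lowercase letters, digits and hyphens
    case "$name" in
      ""|*[!a-z0-9-]*) echo "bad version id: $name" >&2; return 1 ;;
    esac
    case "$pct" in
      ""|*[!0-9]*) echo "bad percentage for $name: $pct" >&2; return 1 ;;
    esac
    case " $seen " in
      *" $name "*) echo "duplicate version: $name" >&2; return 1 ;;
    esac
    seen="$seen $name"
    total=$((total + pct))
    out="${out:+$out,}$name=$pct"
  done
  if [ "$total" -ne 100 ]; then
    echo "percentages add up to $total, expected 100" >&2; return 1
  fi
  printf '%s\n' "$out"
}

# canary SERVICE NEW_VERSION "v1=90 v2=10": deploy the new version without
# promoting it, then route a weighted share of traffic to it.
canary() {
  service="$1"; new_version="$2"
  splits="$(validate_splits "$3")" || return 1
  run gcloud app deploy --quiet --version="$new_version" --no-promote
  run gcloud app services set-traffic "$service" --splits="$splits" --split-by=random
}

# finish SERVICE NEW_VERSION: migrate all remaining traffic to the new version.
finish() {
  run gcloud app services set-traffic "$1" --splits="$2=100" --migrate
}

canary default v2 "v1=90 v2=10"
finish default v2
```

Rejecting a split that does not total 100 before calling gcloud is the point of the validation: gcloud treats the values as weights and normalizes them, so a typo such as v1=60,v2=30 would silently become a 2:1 split rather than an error.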

Wednesday, June 26, 2019

Kubernetes in Google Cloud : Basics Series

June 26, 2019 Posted by jaacostan
Kubernetes Engine is a container orchestration system for deploying applications that run in clusters.
Kubernetes uses pods as the instances that run a container. A pod can also hold multiple containers.

1) Set the Zone
gcloud config set compute/zone [ZONE_NAME]
2) Create a Kubernetes Cluster
gcloud container clusters create [CLUSTER-NAME]

3) After creating the cluster, you need to get authentication credentials to interact with it.
gcloud container clusters get-credentials [CLUSTER-NAME]
4) Deploy the service/application: use the kubectl run command in Cloud Shell to create a new deployment "hello-server" from the hello-app container image:
kubectl run hello-server --image=gcr.io/google-samples/hello-app:1.0 --port 8080
In Kubernetes, all containers run in pods. The kubectl run command made Kubernetes create a deployment consisting of a single pod containing the hello-app container. A Kubernetes deployment keeps a given number of pods up and running even in the event of failures.
5) Expose the application to the internet.
kubectl expose deployment hello-server --type="LoadBalancer"
6) Verify the running pods
kubectl get pods
7) View the running service.
kubectl get services
8) Scale up the number of pods running the services.
kubectl scale deployment hello-server --replicas 3
Scaling up a deployment is useful when you want to increase the resources available to an application.
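Steps 4 to 8 above, as an added example that is not part of the original post: the same deployment expressed as a declarative Deployment plus LoadBalancer Service manifest that kubectl apply can create in one go, with a restricted pod security context added. This matters in practice because since kubectl 1.18 the kubectl run command creates a bare Pod rather than a Deployment, so a manifest is the reliable way to get the replica management the post describes. The uid 10001, the resource limits and the check_hardening gate are this example's own choices; kubectl is invoked only when APPLY=1 is set.

```shell
#!/bin/sh
# Added example, not from the original post: the kubectl run / expose / scale
# steps expressed as a Deployment plus Service manifest with a restricted
# security context. Assumptions: uid 10001 and the resource limits are
# illustrative; kubectl runs only when APPLY=1 is set.
set -eu

# render_manifest NAME IMAGE PORT REPLICAS: print the YAML to stdout.
render_manifest() {
  name="$1"; image="$2"; port="$3"; replicas="$4"
  cat <<EOF
apiVersion: apps/v1
kind: Deployment
metadata:
  name: $name
  labels: {app: $name}
spec:
  replicas: $replicas
  selector:
    matchLabels: {app: $name}
  template:
    metadata:
      labels: {app: $name}
    spec:
      containers:
      - name: $name
        image: $image
        ports:
        - containerPort: $port
        # run the static hello-app binary without root or a writable root fs
        securityContext:
          runAsNonRoot: true
          runAsUser: 10001
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
          capabilities: {drop: [ALL]}
        resources:
          requests: {cpu: 100m, memory: 64Mi}
          limits: {cpu: 250m, memory: 128Mi}
---
apiVersion: v1
kind: Service
metadata:
  name: $name
spec:
  type: LoadBalancer
  selector: {app: $name}
  ports:
  - port: $port
    targetPort: $port
EOF
}

# check_hardening: reads a manifest on stdin and fails unless every setting
# listed in REQUIRED appears; a cheap pre-apply gate for a pipeline.
REQUIRED="runAsNonRoot: true
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true"
check_hardening() {
  m="$(cat)"
  printf '%s\n' "$REQUIRED" | while IFS= read -r line; do
    printf '%s\n' "$m" | grep -q -- "$line" || { echo "missing: $line" >&2; exit 1; }
  done
}

main() {
  manifest="$(render_manifest hello-server gcr.io/google-samples/hello-app:1.0 8080 3)"
  printf '%s\n' "$manifest" | check_hardening
  if [ "${APPLY-}" = 1 ]; then
    printf '%s\n' "$manifest" | kubectl apply -f -
  else
    printf '%s\n' "$manifest"
  fi
}
main
```

Changing replicas in the manifest and re-applying replaces step 8 (kubectl scale); the security context fields are the ones a restricted Pod Security Standard expects, so the gate fails fast if someone edits them out.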

For Google Cloud: Basic Cloud Shell commands, see the post below.

Tuesday, June 25, 2019

Google Cloud : Basic Cloud Shell commands

June 25, 2019 Posted by jaacostan
Google Cloud resources can be managed in several ways: through the Cloud Console, the Cloud SDK, or Cloud Shell.
A few basic Google Cloud Shell commands are listed below.

1) List the active account name
gcloud auth list
2) List the project ID
gcloud config list project
3) Create a new instance from the gcloud shell
gcloud compute instances create [INSTANCE_NAME] --machine-type n1-standard-2 --zone [ZONE_NAME]

Use gcloud compute machine-types list to view the machine types available in a particular zone. If additional parameters such as the zone are not specified, Google Cloud uses the information from your default project configuration. To view the default project information, use gcloud compute project-info describe

4) SSH into the machine
gcloud compute ssh [INSTANCE_NAME] --zone [YOUR_ZONE]
5) RDP to a Windows server
gcloud compute instances get-serial-port-output [INSTANCE_NAME] --zone [ZONE_NAME]
6) Check whether the server is ready for an RDP connection
gcloud compute instances get-serial-port-output
7) Create a storage bucket
gsutil mb gs://[BUCKET_NAME]
8) Copy a file into the bucket
gsutil cp [FILE_NAME] gs://[BUCKET_NAME]
9) Set the default compute zone
gcloud config set compute/zone [ZONE_NAME]
10) Set the default region
gcloud config set compute/region [REGION_NAME]
11) List the Compute Engine instances created
gcloud compute instances list
12) Create a Kubernetes cluster
gcloud container clusters create [CLUSTER-NAME]
13) Get authentication credentials for the cluster
gcloud container clusters get-credentials [CLUSTER-NAME]
14) Expose the Kubernetes resource to the internet
kubectl expose deployment hello-server --type="LoadBalancer"
Note: passing in type="LoadBalancer" creates a Compute Engine load balancer for your container.
15) Inspect the service running in Kubernetes
kubectl get service [SERVICE_NAME]
16) Stop a Compute Engine instance
gcloud compute instances stop [INSTANCE-NAME]
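The instance commands above (items 3, 5, 6, 9 and 11), as an added example that is not part of the original post: one POSIX shell script that sets the default zone, creates a VM without the default service account attached, and then polls the serial console with get-serial-port-output until a readiness marker appears instead of guessing when the server is up. The zone, instance name and READY_MARKER text are placeholders chosen for this example, the serial console sample used in dry-run mode is constructed, and gcloud only runs when DRY_RUN is set to empty.

```shell
#!/bin/sh
# Added example, not from the original post: chain the zone, create, serial
# console and list commands into one script with a bounded readiness poll.
# Assumptions: ZONE, INSTANCE and READY_MARKER are placeholders; the serial
# text returned in dry-run mode is constructed; gcloud runs only when
# DRY_RUN is set to empty.
set -eu
DRY_RUN="${DRY_RUN-1}"
ZONE="${ZONE:-us-central1-a}"
INSTANCE="${INSTANCE:-win-1}"
READY_MARKER="${READY_MARKER:-ready to use}"   # text to wait for on the console

# run CMD...: echo the command in dry-run mode, otherwise execute it.
run() {
  if [ -n "$DRY_RUN" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# serial_ready MARKER: reads serial-console text on stdin; succeeds once the
# marker appears, so it can be tested on captured output without a VM.
serial_ready() { grep -q -- "$1"; }

# serial_output INSTANCE ZONE: fetch the console log, or a constructed sample
# in dry-run mode so the polling loop can be exercised offline.
serial_output() {
  if [ -n "$DRY_RUN" ]; then
    printf '%s\n' "Instance setup finished. $1 is ready to use."   # constructed sample
  else
    gcloud compute instances get-serial-port-output "$1" --zone "$2"
  fi
}

# wait_ready INSTANCE ZONE [TRIES] [SLEEP]: poll serial_output up to TRIES
# times, SLEEP seconds apart; fails instead of looping forever.
wait_ready() {
  inst="$1"; zone="$2"; tries="${3:-30}"; pause="${4:-10}"; i=0
  while [ "$i" -lt "$tries" ]; do
    if serial_output "$inst" "$zone" 2>/dev/null | serial_ready "$READY_MARKER"; then
      return 0
    fi
    i=$((i + 1)); sleep "$pause"
  done
  echo "$inst not ready after $tries polls" >&2
  return 1
}

main() {
  run gcloud config set compute/zone "$ZONE"
  run gcloud compute instances create "$INSTANCE" --machine-type n1-standard-2 --zone "$ZONE" \
      --no-service-account --no-scopes   # least privilege: no default SA token on the VM
  wait_ready "$INSTANCE" "$ZONE" 3 0
  run gcloud compute instances list --filter="name=$INSTANCE"
}
main
```

The --no-service-account and --no-scopes pair is worth adopting whenever the VM does not need to call Google APIs: a VM created with the project default service account otherwise exposes its token through the metadata server to anything that runs on the box.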

About the serverless computing offerings of Google Cloud, continue reading below.


Thursday, June 20, 2019

Serverless Computing in Google Cloud.

June 20, 2019 Posted by jaacostan
Google Cloud Platform offers two serverless computing options: App Engine and Cloud Functions.

App Engine is used for applications and containers that run for extended periods of time, such as a website back end or a custom application for specific functions or requirements.

Cloud Functions is a platform for running code in response to an event, such as a file upload or a message being added to a message queue. This serverless option works well when you need to respond to an event by running a short process coded as a function, or by calling a longer-running application that might be running on a virtual machine, a managed cluster, or App Engine.

And what is a Managed Cluster?
A cluster consists of at least one cluster master machine and multiple worker machines called nodes. Nodes are Compute Engine virtual machine (VM) instances that run the Kubernetes processes necessary to make them part of the cluster.

Wednesday, March 13, 2019

Cisco Firepower Threat Defense NGFW made it to the Best New Firewall Books 2019

March 13, 2019 Posted by jaacostan

BookAuthority Best New Firewall Books
I'm happy to announce that my book, "Cisco Firepower Threat Defense(FTD) NGFW: An Administrator's Handbook : A 100% practical guide on configuring and managing CiscoFTD using Cisco FMC and FDM.", made it to BookAuthority's Best New Firewall Books:
https://bookauthority.org/books/new-firewall-books?t=bku9fw&s=award&book=1726830187
BookAuthority collects and ranks the best books in the world, and it is a great honor to get this kind of recognition. Thank you for all your support!
The book is available for purchase on Amazon.

An Overview on Cisco Viptela SD-WAN

March 13, 2019 Posted by jaacostan
The Cisco SDWAN (Viptela) solution comprises the following components:
vManage Network Management System (NMS)
(Image source: https://sdwan-docs.cisco.com)
The vManage NMS is a centralized network management system that lets you configure and manage the entire overlay network from a simple graphical dashboard. vManage provides a single pane of glass for configuring and monitoring the SDWAN network. If vManage is offline, traffic forwarding continues on the SDWAN fabric because the control plane and data plane are separated.
vSmart Controller
The vSmart controller is the centralized brain of the SDWAN solution, controlling the flow of data traffic throughout the network. It works with the vBond orchestrator to authenticate SDWAN devices as they join the network and to orchestrate connectivity among the SDWAN routers. The vSmart controllers are the central orchestrators of the control plane and have permanent communication channels with all the SDWAN devices in the network. Over the DTLS connections between the vSmart controllers and vBond orchestrators, and between vSmart controllers, the devices regularly exchange their views of the network to ensure that their route tables remain synchronized. If the vSmart controllers go offline, the SDWAN routers continue forwarding traffic based on the last known configuration state until a configurable graceful-period timer expires.
vBond Orchestrator
The vBond orchestrator automatically orchestrates connectivity between SDWAN routers and vSmart controllers. If any SDWAN router or vSmart controller is behind a NAT, the vBond orchestrator also serves as an initial NAT-traversal orchestrator.
The vBond orchestrator automatically coordinates the initial bring-up of vSmart controllers and vEdge routers, and it facilitates connectivity between vSmart controllers and vEdge routers. During the bring-up process, the vBond orchestrator authenticates and validates the devices wishing to join the overlay network. This automatic orchestration prevents tedious and error-prone manual bring-up.
vBond is required when:
• a new vEdge router (SDWAN router) joins the network
• a vEdge loses WAN connectivity completely and then regains it
• a vEdge reboots
If vBond is absent in any of the three cases above, the vEdge will not be able to join the network.
High availability for vBond is provided by FQDN where a single FQDN is mapped to several IP addresses. The SDWAN router will attempt to reach the IP addresses mapped to the FQDN in the order by which the IP addresses are specified.
ZTP Server
The ZTP server is the first point of contact for any new SDWAN router being provisioned into the network. It provides the SDWAN router with the FQDN of the vBond and also helps provision the enterprise root CA chain into a new SDWAN router that is attempting to join the network.
When setting up the ZTP server, it has to be configured with a list of valid SDWAN router serial numbers, as well as the associated organization names and path to the Enterprise root CA chain (which is uploaded into the ZTP server).
By default, new SDWAN routers ship with a factory default configuration that looks for the ZTP server at ztp.viptela.com, which is a cloud-based ZTP offering from Cisco. When the SDWAN router initially boots up with the factory default configuration, it attempts to obtain an IP address and mask on its WAN interface, and a DNS server IP, via DHCP. In the absence of DHCP, an alternate auto-IP method is used, where the SDWAN router inspects the physical media between its WAN interface and the upstream provider router and configures itself with an IP address and mask. When auto-IP is used, the default DNS settings are those of Google DNS.
High availability for ZTP is provided by FQDN where a single FQDN is mapped to several IP addresses. The SDWAN router will attempt to reach the IP addresses mapped to the FQDN in the order by which the IP addresses are specified.
SDWAN Routers
The SDWAN routers sit at the perimeter of a site (such as a remote office, branch, campus or data center) and provide connectivity among the sites. They are either hardware devices or software that runs as a virtual machine. SDWAN routers handle the transmission of data traffic.

Tuesday, October 2, 2018

Facebook Bullying : What to do?

October 02, 2018 Posted by jaacostan
In the light of recent cyberbullying incidents, I thought of writing an article that might help some of you with how to respond and what to do when you face such incidents.

First of all, let's understand what cyberbullying is. It is the act of harassing someone through an electronic medium, especially the Internet. Many of us may already have experienced this in one way or another. Some argue that it is freedom of expression, but most of the time it crosses all boundaries of tolerance and patience. Bullying can happen because of ideological differences, opinions, or political or even religious reasons. Now I will get into the details of these reasons.

Most bullying may seem like an individual opinion or comment. But there are many groups and organizations that get paid to bully someone. Yes, it may seem odd, but it is a reality. Political parties, religious groups or organizations, ideological movements, fan groups and so on have their own IT groups that are assigned to work on social media, sharing and publishing their own propaganda and opinions and, last but not least, cyberbullying.

For example, assume there is a political party, PARTY X, with a number of volunteers working in its IT cell. Their main job is to share PARTY X's political ideologies, achievements and failures as posts, or even as fake news. When thousands of volunteers share something, the more people it reaches, the more impact it has on the common viewer's mind. Now assume a person named Bob writes a post about a piece of fake news made by PARTY X; the party's IT volunteers then change roles and become cyberbullies. In groups, they start writing bad and vulgar comments about Bob on his Facebook wall, or even on his friends' walls, and eventually Bob feels frustrated and may delete the post or his profile. When this IT cell reports Bob's profile for abuse, even Facebook might think there is something inappropriate on Bob's profile, and Facebook may send a notice to Bob instead of identifying the real culprit. It is hard for Facebook, too, to identify what is right and wrong on the Internet, so they depend heavily on their users: when users report abuse, they may check it; otherwise, nothing happens. Similar behaviour comes from celebrity fan groups, religious groups, propaganda groups and so on. They all work like an online mafia.

Recently, there have been cases of cyberbullying against women and children. It happens in the same way as with political parties: some people, in groups, post many vulgar comments and harass them on social media. Most of the victims eventually lose their peace and, in the long term, their mental health.

So if you are facing cyberbullying, what should you do? How should you respond?
Facebook has provided its own guidelines on cyberbullying; I am sharing the links at the end of this article. This is what the Facebook policy says to do whenever you face or notice cyberbullying:
  • Document and report it. Help your friend report the post to Facebook. You may also want to take screenshots of any abusive posts, comments or messages in case there's an ongoing issue or you need to show them to someone later. Your friend may also want to unfriend or block this person.
  • Offer support. Ask your friend what you can do to support them, but don’t speak for your friend unless they ask you to.
  • Stay calm. Try to help your friend avoid escalating the problem or acting aggressively. If you and your friend agree that the incident wasn’t a big deal, suggest they let it go. Bullies are often just looking for a reaction, so not giving them one may discourage this kind of behavior in the future.
  • Remind your friend they're not alone. Let your friend know that you want to help them handle this. Remind your friend that they haven’t done anything to deserve this and that bullying can happen to anyone.
  • Don’t keep it a secret. If your friend needs additional support, encourage them to reach out to someone they trust to talk about the situation. If you’re worried about your friend’s safety, tell someone immediately.
But to what extent will this help you? Well, the answer is that it depends on various factors. If you live in a country with good laws on cyber security and IT crime, then documenting and reporting may legally help you stop the act to some extent. But for the mental torture and stress this causes, there may be no solution.

Sadly, most countries do not have strong cybercrime laws in place. So even if the police identify and catch the cyberbullies, there is no way to give them an appropriate punishment. First of all, weighing the effect of a cybercrime can be very hard: the act of writing some comments or posting some photos may not seem as harmful as stealing something or killing someone. But since the entire world is connected over the Internet, such comments or photos can have much wider consequences, and there are cases where people have even committed suicide because of such bullies. This weakness in the law acts as a catalyst for the bullies, because they are almost certain that nothing bad can happen to them legally.

Even though most social community websites like Facebook have their own guidelines on dos and don'ts, those never act as a deterrent to cyberbullies. They will continue to write in a vulgar and abusive way, and even Facebook cannot find a way to control this. Also note that retaliating and responding to bullies is never going to help you, as they come with an agenda and they are many in number as well.

So control your activities on the Internet. Be sure about what you are writing and what you are sharing. Always keep in mind that whatever you do on sites like Facebook goes out to the public. As of now, there is no way to prevent cyberbullying completely, but as individuals you can keep your personal space on the Internet safe and clean. Recheck your privacy settings and keep control of your profile and its content. Be vigilant, and if you want to move legally against cyberbullies, all you can do is follow the Facebook guidelines and the cybercrime laws in your country.

Facebook cyberbullying help links:
https://www.facebook.com/help/420576171311103/
https://www.facebook.com/safety/bullying/

Monday, September 24, 2018

How to Install Netmiko on Windows?

September 24, 2018 Posted by jaacostan
Netmiko, developed by Kirk Byers, is an open source Python library based on Paramiko that simplifies SSH management of network devices and is primarily used for network automation tasks.
Installing Netmiko on Linux is a matter of a single command, but if you need to use Netmiko on your Windows PC, follow this process.
1) Install the latest version of Python.
2) Install Anaconda, an open source distribution platform that can be installed on Windows and other operating systems (https://www.anaconda.com/download/).
3) From the Anaconda shell, run "conda install paramiko".
4) From the Anaconda shell, run "pip install scp".
5) Now install Git for Windows (https://www.git-scm.com/downloads).
Git is required for downloading and cloning all the Netmiko library files from GitHub.
6) From a Git Bash window, clone Netmiko using the following command:
git clone https://github.com/ktbyers/netmiko
7) Once the clone is complete, change to the Netmiko directory with the cd netmiko command.
8) Execute python setup.py install from the Git Bash window. Once the installation is complete, go to your Windows command prompt or Anaconda shell and check Netmiko from the Python interpreter shell.
9) Finally, import paramiko and import netmiko, and start using it in your Python code.

Friday, September 21, 2018

Cisco FTD error : This device does not support local management.

September 21, 2018 Posted by jaacostan
Issue: Cisco FTDv does not allow the administrator to add a local manager and throws the following error:
"This device does not support local management."
Solution/Explanation:
Because virtual devices do not have web interfaces, you must use the CLI to register a virtual device to a Cisco Firepower Management Center, which can be physical or virtual.
From your FTDv CLI, add the FMC IP and the registration key (don't forget this key).
On the FMC, add a new device. Enter the FTD IP in the host field and the same registration key.
Click Register to add the device and start managing it from the FMC.

Sunday, September 16, 2018

BEING A FIREWALL ENGINEER : AN OPERATIONAL APPROACH

September 16, 2018 Posted by jaacostan

A Comprehensive guide on firewall management operations and best practices
Available on Amazon.
Kindle Edition : https://www.amazon.com/dp/B07HDJDG6R
Paperback : https://www.amazon.com/dp/172374297X
Understand different firewall products and their packet flows. Hardening and best practices of firewall management with real-world examples. Get familiar with change management and understand how to incorporate the change management process into firewall management operations.

This book gives you a broad overview of firewalls, packet flows, hardening, management and operations, and the best practices followed in the industry. Though this book is mainly intended for firewall administrators working in operations, it also gives a quick introduction to and comparison of the major firewall vendors and their products.
In this book I have covered the following topics.
• Various job roles related to firewalls.
• What makes you a firewall expert?
• Know the major firewall vendors and their models.
• Understand the packet flow or order of operations in each firewall.
• Understand the different types of firewalls.
• Understand the daily tasks of a firewall administrator.
• Understand device hardening.
• Guidelines on hardening the firewalls.
• Explains major hardening standards and compliance.
• Understand the change management process.
• Illustration of how to make a firewall change (incorporating the change management process) with a real-world example.
Note: This book is not a configuration guide.