Skip to main content

Security

Open forum dedicated to network security, governance, compliance, and risk management

  • 18 Topics
  • 10 Replies
18 Topics
Y
yumisikCadet
Asked in Security
Frontier Airlines DFW Terminal

Travelers at Frontier Airlines DFW Terminal enjoy a well-structured environment with quick check-in, organized gates, and helpful amenities. From dining choices to shopping stores, every detail supports convenience. Frontier Airlines DFW Terminal guarantees efficiency, comfort, and service quality, making it a reliable choice for smooth air travel at Dallas/Fort Worth.   

90
Y
H
hazellouisCadet
posted in Security
Delta Airlines Lima Office

For travelers in Peru, the Delta Airlines Lima Office serves as a one-stop destination for air travel assistance. From booking tickets to making modifications and handling baggage queries, the office provides reliable service at every step. Passengers can also get support with SkyMiles loyalty programs, including enrollment and rewards redemption. The Lima office ensures that travelers with unique needs, such as children, elderly passengers, or those requiring medical care, receive the necessary support. With customer satisfaction as its top priority, the Delta Airlines guarantees travelers enjoy a smooth, convenient, and enjoyable journey with Delta Airlines. 

160
H
H
hazellouisCadet
posted in Security
Delta Airlines Singapore Office

For both business and leisure travelers, the Delta Airlines Singapore Office offers professional support to meet all travel needs. From ticket booking and flight rebooking to baggage inquiries and flight status updates, the staff ensures all queries are handled efficiently. Delta Airlines is known for connecting passengers to destinations worldwide, and the Singapore office enhances this connectivity by offering on-ground customer assistance. Passengers can also learn more about SkyMiles, Delta’s loyalty program, and access services tailored to their individual needs. Whether it’s leisure or business travel, the Delta Singapore Office guarantees reliable, efficient, and personalized customer service for every traveler. 

60
H
H
hazellouisCadet
posted in Security
Delta Airlines Pittsburgh Office in united states

For travelers seeking reliable assistance, the Delta Airlines Pittsburgh Office is a convenient destination. It provides comprehensive support for reservations, cancellations, rebooking, baggage queries, and travel policies. Frequent flyers can also use the office to manage their SkyMiles accounts and access exclusive rewards. The Pittsburgh office is known for offering accurate information and resolving issues promptly, making it a trusted choice for Delta passengers. With staff dedicated to delivering excellent customer service, it helps reduce travel stress and enhances overall experiences. Whether planning a domestic trip or an international journey, the Pittsburgh Office ensures smooth and efficient travel.  

50
H
N
naayoonCadet
posted in Security
Virgin Australia Wheelchair Assistance

Virgin Australia Wheelchair Assistance provides personalized mobility support for passengers needing help at airports and onboard. This service ensures safety, dignity, and timely boarding. From check-in to arrival, Virgin Australia Wheelchair Assistance staff are trained to assist with comfort and care. Whether traveling alone or with a companion, passengers can request this service in advance for a seamless journey. Virgin Australia Wheelchair Assistance is designed to make air travel accessible to everyone, removing barriers and prioritizing customer satisfaction. Ensure a smoother airport experience with Virgin Australia Wheelchair Assistance by contacting their support team or indicating your needs during booking. 

2050
N
Zaw
ZawCadet
Asked in Security
Deep Dive about the Smart Group

Hi all: Currently we are creating the smart group in our environment. I would like to know about how smart group distributed to the gateway. If we create a rule with smart group with specific vpc via copilot, what will be in the gateway. will it create all gateways or only on create on specific gateway by copilot ?

451
MohammedBanabila
F
Faizan_MustafaCadet
posted in Security
Aviatrix's Role in Empowering Zero Trust Security in Manufacturing

 In the manufacturing industry, where the protection of intellectual property, sensitive data, and operational integrity are paramount, the implementation of a Zero Trust security model is crucial. Aviatrix's cloud network solutions are uniquely positioned to support manufacturers in adopting this rigorous security framework, ensuring robust protection against evolving cyber threats.Secure Network Access and Segmentation In manufacturing, the network often spans across various operational and administrative zones, each with its distinct security needs. Aviatrix facilitates fine-grained network segmentation, which is a cornerstone of the Zero Trust model. This capability allows manufacturers to control access precisely, ensuring that users and devices only connect to network segments essential for their specific tasks. By segmenting the network, Aviatrix helps prevent lateral movement of threats across production and IT environments, significantly enhancing security​ (Aviatrix Docs)​.Id

310
F
S
Shailendra_SuyalCadet
Asked in Security
Aviatrix edge inbound flows on management port.

Hello Team,We have one query regarding Aviatrix Secure edge.Regarding Security group flows on Mgmt interface we have created the ACL in egress directional only as per Aviatrix guideline.so further we  need to know, if any inbound flows need to allow on Mgmt interface and what are those or any reference link? Shailendra

551
W
Katie Holms
Katie HolmsCommander
posted in Security
ACE Multicloud Network Security Specialty Training

The Aviatrix Certified Engineer (ACE) Multicloud Network Security Specialty Training is starting point for your cloud security education.  This specialty training starts by discussing how to secure the access connected from an on-premises edge location (Data Center, Colocation, SD-WAN, Branch, etc.) to the public cloud. Then, it dives into how to secure the network deployed inside the cloud. The nature of the cloud is boundary-less, flexible, constantly changing, and capable of scaling as needed. Network security needs to adapt accordingly. Security is not just another add-on feature or service; it should be distributed and integrated into the network to provide a genuine zero-trust and agile environment.The ACE Network Security Specialty training covers various design patterns, including Distributed and Centralized firewalling models with Palo Alto, Check Point, Fortinet, Cisco, and more. It demonstrates the flexibility and multitude of options enterprises have, since one size does no

992
V
cheikh2023
cheikh2023Cadet
posted in Security
backbone security

Aviatrix cloud backbone security.Can we discuss Aviatrix's global backbone network?How does Aviatrix ensure the security of different cloud providers, including AWS AZUR GCP, for different customers around the world?What security providers do they use?

290
cheikh2023
J
John_GonsalvesAviatrix Employee
published in Security
Securing Cloud Networks: Strategies and Insights from a CTO

As a former Head of Network Engineering at a global financial, I have witnessed the transformative power of cloud networks. The ability to scale resources dynamically, enhance collaboration, and increase operational efficiency has made cloud networks a cornerstone of modern business infrastructure.  We’re now moving into another exciting era of cloud networking whereby the security and cost control of cloud networks is paramount - given the sensitive data and critical applications moving to cloud, and the need to lower cloud cost and spend more strategically. Balancing these factors is key to maximize the benefits of the cloud while minimizing risks and maintaining financial sustainability. In this blog, I will delve into the mindset of a CIO/CTO and explore strategies to ensure a secure cloud network and cost control measures. Whilst some of the strategies mentioned below may seem obvious, the innovative and disruptive solutions from companies like Aviatrix may not feel so to everyone

1230
J
O
Okey_ChimehCadet
Asked in Security
Security Integrations

Does Aviatrix have integration capability with WAFs (e.g. Impervia & Akamai) & Endpoint Security Solutions (e.g. Crowdstrike & Symantec) If yes, can a single set of instances in a Firenet serve VMs across multiple clouds If no, are they on the roadmap & is there a set timeline?

1090
Shahzad Ali
Mark_Noorman
Mark_NoormanFirst Officer
Asked in Security
Let's Encrypt for Controller SSL?

Hi everyone, I have an Aviatrix Controller deployed and would like to secure browser access with an SSL certificate. Let's Encrypt seems like an easy and cost effective method, however in order to use it I need SSH access to the Controller, which is disabled. If there's anyone that has successfully implemented this I'd love to hear the details! Thanks,   Mark

450
Mark_Noorman
R
Rohan_AcharekarCadet
Asked in Security
Azure Firewall

In video lectures it is mentioned that Azure native firewall do not have support for DPI, IDS or IPS but on azure website they it says it has IDS and IPS support. please refer the link below.   What should be our answer if the question comes on support of IDS and IPS feature of Azure native firewall? https://azure.microsoft.com/en-in/services/azure-firewall/

410
Mark_Noorman
N
Nabeeha_AliCadet
published in Security
Firewall Network (FireNet) FAQs

What is the difference between the firewall network and the Transit FireNet? The Firewall Network is when we insert the firewall in the AWS TGW. Transit FireNet is when we insert a firewall in the Aviatrix Transit VPC/VNet, which works in all clouds.  Who programs the TGW to send traffic to the appropriate FW? Aviatrix Controller will orchestrate VPC and TGW routes to send traffic to Aviatrix Gateways in the Firewall Network VPC. From there, Aviatrix Gateways will load balance traffic between available FWs.  Can you have more than one HA pair of FireNet systems sitting with the Transit Gateway for further bandwidth? Absolutely, Aviatrix supports up to 10 Firewall instances per AZ (20 per Transit FireNet VPC) in AWS, for example.  Do the Transit Gateways and FireNet systems have the ability to handle Malicious IP filtering and IDS/IPS? Yes, this is handled by the Aviatrix Gateways (Transit, Spoke, and Standalone) and part of the data plane. This is called Av

780
N
N
Nabeeha_AliCadet
posted in Security
FQDN/URL Based Egress Filtering FAQs

Is application-based filtering possible?     Aviatrix Egress FQDN can filter the traffic based on Layer 7 (L7) FQDN, IP, or even with wildcard FQDN. One can also use NGFW with Aviatrix FireNet solution to provide deeper level filtering if needed. Are there any 3rd party plug-ins for the FQDN filters?  ie. DNS filtering based on domain classification? No, but you can import your filters. Does the controller identify URLs on the basis of families? How do we redirect the DNS request to Aviatrix FQDN Engine? The Aviatrix Gateway replaces the native NAT GW and not only provides NAT but also advanced filtering capabilities using the L7 FQDN. Aviatrix Controller automatically programs all necessary VPC/VNET routes to redirect traffic towards the Egress GW for Internet bound traffic. Will the DNS get resolved with the packet dropped based on the data plane’s traffic? Yes. The DNS will be resolved the way it is today, but when traffic hits the Aviatrix Gatew

600
N
N
Nabeeha_AliCadet
posted in Security
High Performance Encryption (HPE) FAQs

In HPE environments, as you are bundling IPsec tunnels to achieve greater overall throughput, are you still limited to 1.25 Gbps per session/flow? Or do you perform some form of per packet load-sharing across the available tunnels? 1- We are building multiple IPSec tunnels.  2- We do have tech. beyond just building simple tunnels. So no, we are not limited to just 1.25 Gbps per session/flow.  Can we get 70Gbps with a single gateway? This is cumulative throughput and depends on the size of the gateway and whether you enable HPE or not. How do you accomplish high performance encryption on the Direct Connect/peering links? It is done using our technology called HPE (High Performance Encryption, AKA, Insane Mode Encryption).  For HPE, is it bundling multiple VPN's or a single VPN with 10Gbps throughput?     Check out this document for more information: https://docs.aviatrix.com/HowTos/insane_mode.html?highlight=HPE How is the Aviatrix

730
N
S
Shveta_ShahiAviatrix Employee
posted in Security
How do I overcome the 60 IP limit per Security Group in AWS?

The problem: The number of inbound or outbound rules per security group in amazon is 60. Reference. From the inbound perspective, this is not a big issue because if your instances are serving customers on the internet, then your security group is wide open; on the other hand, if you want to allow access only from a few internal IPs, then the 60 IP limit is sufficient. However, outbound or egress traffic is a different discussion. Let's say you have a production instance that needs updates from updates.ubuntu.com ( 15 IPs) and a few other repositories like GitHub (12 IPs), and perhaps a third party partner. You can quickly realize that 60 IPs are not enough. The solution: Aviatrix solution to this problem is the Secure Cloud Egress with FQDN that allows you to specify filters using Fully Qualified Domain Name of the destinations that your instances are allowed to reach. This simplifies the management as you only introduce FQDN such as update.ubuntu.com or github.com to

570
S

Recently Awarded Badges

  • Aviatrix Certified Engineer
    KamalAbazahas earned the badge Aviatrix Certified Engineer
  • Aviatrix Certified Engineer
    ktsreddy007has earned the badge Aviatrix Certified Engineer
  • Aviatrix Certified Engineer
    Sai Kyaw Zaw Htinhas earned the badge Aviatrix Certified Engineer
  • Aviatrix Certified Engineer
    michelbrunohas earned the badge Aviatrix Certified Engineer
  • Aviatrix Certified Engineer
    Vanilsonhas earned the badge Aviatrix Certified Engineer
Show all badges
Terms & Conditions