Today we look more in detail about next generation firewalls such as Juniper SRX firewall and Fortinet firewalls, how they are different from each other, and their features. 

Juniper SRX Firewall

Juniper SRX is a single appliance having NGFW functionality, unified threat management (UTM) capability, and secure switching and routing. The SRX firewalls provide network wide threat visibility.

• It provides NGFW capabilities such as full packet inspection, appliance aware, UTM.
• It has inbuilt intrusion prevention to understand application behaviour and weaknesses.
• It defends the network from viruses, phishing attacks, malware, and intrusion.
• Adaptive threat intelligence is performed using spotlight secure to consolidate threat feeds from various sources to provide actionable insights into SRX gateway.
• Role of router and firewall into one appliance with switching capabilities.
• Juniper uses Junos Services Redundancy Protocol (JSRP) to enable it to set up two SRX gateways for high availability. 

Fortinet Firewall

Fortinet NGFW works at high speed and inspects encrypted traffic, identifies, isolates, and defuses live threats and protection from threats. Fortinet also provides web filtering, sandboxing, anti-virus, and intrusion prevention system (IPS) capabilities. Performing high speed secure socket layer (SSL) or transport layer (TLS) inspection. Consistent enforcement policies using central policy and device management having zero touch deployments. 

What is common between Juniper SRX firewall and Fortinet Firewall?

• Secure routing where inspection happens to analyze if traffic is legitimate before being forwarded across network 

Comparison: Juniper SRX firewall vs Fortinet Firewall

Download: Juniper SRX firewall vs Fortinet Firewall Comparison table

Continue Reading:

Palo Alto vs Fortinet Firewall: Detailed Comparison

Juniper SRX Firewall vs Palo alto Firewall

Today we look more in detail about comparison – FortiAnalyzer vs Panorama, understand their purpose, capabilities, and key differences.   

What is FortiAnalyzer?

FortiAnalyzer is a centralized network security management solution having logging and reporting capabilities for Fortinet network devices at network security fabric layer. It performs functions such as viewing and filtering individual event logs, security reports generation, event logs management, alerting based on suspicious behaviour, and investigation activity via drill down feature. 

FortiAnalyzer can orchestrate security tools, people, and processes to have streamlined execution, incident analysis and response. It can automate workflows and trigger actions with playbooks, connectors, and event handlers. Response in real time for network security attacks, vulnerabilities, and warnings of compromise suspicion.

What is Panorama?

Palo Alto Panorama is a centralized management platform to have insight into network wide traffic logs and threats. Reduction in complexity by simplification of configuration, management, and deployment of Palo Alto network security devices. Panorama provides a graphical summary of applications on the network, users, and potential security impact.

You can deploy enterprise-wide policies along with local policies to bring in flexibility. Delegation of appropriate levels of administrative control at network device level and role-based access management is available. Central analysis of logs, investigation and reporting on network traffic, security incidents and notifications is available.

Comparison: FortiAnalyzer vs Panorama

Download: FortiAnalyzer vs Panorama Comparison Table

Continue Reading:

Cisco SD-WAN vs Palo Alto Prisma: Detailed Comparison

Fundamentals of FortiGate Firewall: Essential Guide

Are You Preparing For Your Next Interview

If you want to learn more about Palo Alto or Fortigate (Fortinet), then check our e-book on Palo Alto Interview Questions & Answers and Fortinet Interview questions & Answers in easy to understand PDF Format explained with relevant Diagrams (where required) for better ease of understanding.

Firewalls sit on the boundary of the network entry point and provide protection against malicious threats originating from the public net or Internet. A traditional or simple firewall is a stateful filter security device which simply scans incoming packets and rejects or accepts data packets. 

Next generation firewalls (NGFW) are advanced cousins of traditional firewalls, which not just scan data entering into the network but also provide additional features which a traditional firewall will not have. They integrate with other security features such as malware protection, intrusion prevention, URL filtering etc. due to their capability to operate at application layer. 

Unified threat management (UTM) is a well-advanced security system having the capability to unify security features of a traditional firewall, instruction prevention, Anti-malware protection, content filtering and VPN – all delivered from a single platform. 

What is a Firewall

Traditional firewalls operate at layer 3 (network layer) of OSI model and provide IP address, protocol and port number-based filtering services. Firewall is a basic network security device which sits at the network perimeter and provides protection against malicious traffic trying to enter an organization network. It has a basic functionality where a set of rules on firewall determine whether traffic will be accepted, rejected or dropped.

What is a  NGFW

NGFW are the successor of traditional firewalls and designed to handle advanced security threats in addition to features of a traditional firewall by operating at network + application layer (layer 3-7)  of OSI model. Stateful inspection and packet filtering is something it borrowed and carried forwarded along with enhanced capability to filter traffic based on applications and perform deep inspection of packets. 

What is UTM

Unified threat management (UTM) is a comprehensive threat management solution and its need arose due to the expanding threat landscape over the years. As the severity of cyber threats increased the need was felt for a single defense system which under its umbrella manages complete network security including  hardware, virtual and cloud devices and services. UTM devices are placed at key positions in the network to monitor, manage and nullify threats. UTM devices have capabilities of anti-malware, instruction detection and prevention, spam filtering, VPN and URL filtering. 

Comparison: Firewall vs NGFW vs UTM

Download the comparison table: Firewall vs NGFW vs UTM

Constant threats and vulnerabilities are permanent companions in the IT landscape. Various security solutions have emerged to protect perimeter, digital assets. As the cyber threat landscape is very vast and complex and requires specialized tools and technologies to effectively handle cyber threats and which are constantly evolving to reduce the threat landscape. 

In today’s article we understand the difference between endpoint detection and response (EDR) and Network detection and response (NDR) tools and technologies, their key features, key differences and use cases. 

What is Endpoint Detection and Response (EDR)

Endpoint detection and response tools focus on endpoints as the name suggests. They work on endpoints such as workstations, servers, mobiles, laptops and other mobile assets. They provide real time monitoring, detection and blocking of threats with advanced threat detection capabilities. It can identify malware and other malicious activities on devices and provide rapid incident response. EDR solutions provide threat hunting, malicious activity discovery and its containment to prevent incidents and reduce the attack surface. 

Features of EDR

• Real time visibility into activities happening on endpoints 
• Wide range of threat detection techniques being used such as anomaly detection, heuristics and scans based on threat signatures
• Rapid incident response to isolate suspected endpoints , malicious content blocking and threat remediation with minimal or no impact on operations
• Proactive threat hunting is supported to identify hidden threats and potential vulnerabilities on endpoints 

What is Network Detection and Response (NDR)

Network detection and response or NDR as the name suggests focus is network perimeter / network traffic. Continuous monitoring of network traffic is performed to create a baseline for normal network behaviour patterns. When any pattern outside the baseline is detected then potential threat presence is recorded and notified. NDR tools collect and analyze network data using machine learning techniques to detect potential threats. It detects unusual traffic based on baseline derived by network analysts which might get missed out due to unknown or new signatures. 

Features of NDR

• Capturing network packets and analyzing them for their content for unusual behaviour detection, threat identification with deep packet inspections
• Behaviour analytics to establish normal network traffic baseline
• Continuous monitoring of network traffic for anomaly detection such as unusual high data transfers, multiple login attempts and suspected breach indicated with data flows
• It is integrated with threat intelligence feeds to detect unknown threats from dark web
• Network traffic analysis in real time using machine learning and AI algorithms
• On detection of suspicious activity real time threat alerts are generated 

Comparison: EDR vs NDR

Below table summarizes the differences between the two:

Download the comparison table: Endpoint Detection and Response vs Network Detection and Response

Artificial intelligence is reshaping organizations and redefining the work culture. With Artificial intelligence (AI) emerged two more terms Generative AI and responsible AI. These two terms are closely linked to Artificial intelligence and address different aspects of AI. AI based solutions are deployed in high stake domains such as healthcare, hiring, criminal justice, education etc. which makes it more challenging to address issues related to undue discrimination against minority groups, biases, data manipulation etc. 

In today’s topic we will learn about Responsible AI and Generative AI, key principles of both, key features of both, and key differences. 

What is Responsible AI

Responsible AI refers to ethical and responsible development and use of artificial intelligent systems which emphasize on ensuring use of AI technologies in a way that it aligns to human values, privacy respect, promoting fairness, non-biases and avoidance of negative consequences. 

Ethical considerations are essential while dealing with AI and businesses can promote responsible AI usage with: 

• Establish data governance to ensure data accuracy, preventing bias, and protection of sensitive information 
• Algorithm transparency to foster trust among stakeholders
• Identifying and mitigating ethical risks associated in AI usage such as discrimination and bias
• Human expertise to monitor and validate AI output, alignment to business objectives and meeting regulatory requirements

What is Generative AI

Generative AI systems create any type of new content basis of patterns and existing content. Generative AI can reveal valuable insight but businesses need to be vigilant about bias and misleading outcomes. Generative AI is a subset of AI technologies which are capable of generating new data instances such as text, images, music etc. having resemblance to training data. These technologies leverage patterns learned from larger data sets and create content which is indistinguishable from what is produced by humans. 

Key Technologies in Generative AI

• Generative Adversarial Networks (GANs) involve two neutral networks having the generator and discriminator which compete against each other for generation of new, synthetic data instances which are indistinguishable from what is produced by humans. 
• Variational Autoencoders (VAEs) are meant to compress data into a latent space and reconstruct to allow generation of new data instances by sampling 
• Transformers are meant for natural language processing, and can also be used for generative tasks such as creation of coherent and contextually relevant text or content.

Uses of Generative AI

• Generative AI is used in content creation such as art, music and text 
• Data augmentation and machine models training 
• Modelling and simulation in scientific research 

Comparison: Responsible AI vs Generative AI

Download the comparison table: Responsible AI vs Generative AI

Data Warehouse

The data warehouse is devised to perform the reporting and analysis functions. The warehouse gathers data from varied databases of an organization to carry out data analysis. It is a database where data is gathered, but, is additionally optimized to handle the analytics. The reports drawn from this analysis through a data warehouse helps to land on business decisions.

Data warehouse is an integrated view of all kinds of data drawn from a range of other databases to be scrutinized and examined. It helps to establish the relation between different data that is stored in an organization to further build new business strategies. Analysis or data processing in a warehouse is done by intricate interrogation and questions. It is an Online analytical processing (OLAP) that takes use of standard languages to handle relational data where the data is stored in a tabular form only including rows and columns, indexes, etc. The data stored in a warehouse is applicable to many functions and databases.

The data warehouse is well developed and optimized for amassing and collecting large quantities of data for analyzing it. Data in a warehouse is standardized for boosting the response time for analytical queries and making the data normalized to be used by businessmen. Data analysis and business reporting in a warehouse can be done in many different ways like diagnostic, predictive, descriptive or prescriptive. Since warehouse includes related data all in one place, it uses lesser disk space than databases for those related data. A data warehouse can also store historical data while also real time or current data for handing over most recent information.

Database

Database includes information or data in a tabular form arranged in rows and columns or chronologically indexed data to make access easy. All, whether small or large enterprises require databases to store their information and a database management system that handles and manages the large sets of data stored. For instance, customer information database or product information or inventory database are all different databases for storing information about the customers and products respectively.

The data in a database is stored only for access, storage and data retrieving purposes. There are different kinds of databases available like CSV files, XML files, Excel Spread sheets, etc. Databases are often used for online transaction processing which allows adding, updating or deleting the data from a database by the users. Database makes the task of accessing a specific data very easy and hassle free to carry out other tasks properly. They are like day to day transaction system of data for any organization.

Such transactional databases are not responsible for carrying out analytics or reporting tasks, but, are only optimized for transactional purposes. Database only have a single application of carrying one kind of data in an organized tabular format. Real-time transactions are also applicable in a database which is developed for speedy recording of a new data, e.g. name of a new product category in the product inventory database. Only read and write operation can be carried out in a database and response time is optimized for a few seconds. No analytical task can be initiated in a database as it blocks all other users out of it and slows down the entire performance of a database.

Related – Data Warehousing and Data Mining

Comparison Table: Database vs Data Warehouse

Below table summarizes the differences between Database and Data Warehouse:

BASIS	DATA WAREHOUSE	DATABASE
Definition	A kind of database optimized for gathering information from different sources for analysis and business reporting.	Data storage or collection in an organized manner for storage, updating, accessing and recovering a data.
Data Structure	Denormalized data structure is used for enhanced analytical response time.	Normalized data structure is there in a database in separate tables.
Data timeline	Historical data is stored for analytics while current data can also be used for real-time analysis.	Day to day processing and transaction of data is done in a database.
Optimization	Warehouse is optimized to perform analytical processing on large data through complex queries.	Optimized for speedy updating of data to maximize enhanced data access.
Analysis	Dynamic and quick analysis of data is done.	Transactional function is carried out, though analytic is possible but are difficult to perform due to complexity of normalized data.

Download the difference table: Database vs Datawarehouse

Continue Reading:

Business Intelligence vs Data Warehouse

Top 10 Data Mining Tools

Data storage has been an integral part of the IT ecosystem since the earliest emergence of computer systems in mid-20 century. Initial days data storage was simpler, a basic file storage system housed inside the physical data centers. As technologies evolved the need for more refined methods of managing and information access grew. As the need for flexibility and scalability grew cloud storage took the precedence to handle structured data for analytical purposes and non-structured data such as NoSQL databases to accommodate flexibility required around images and audio files type of data. 

In today’s article we understand and compare the difference between database and data storage, how databases and data storage work? Where to use a database or data storage and understand their key characteristics. 

What is Database

Database is a structured data repository to provide storage, management and retrieval. Databases support various functions such as querying, indexing and transactions handling and are meant for applications which require organized and structured data which is quickly and easily accessible. 

Some examples of databases are relational databases (MySQL, PostgreSQL) which use structured query language (SQL) for data management. Data is organized into tables and has a schema to ensure data integrity and relationships. 

NoSQL databases (MongoDB, Cassandra) handle unstructured data efficiently with flexibility and scalability. MongoDB uses JSON to store documents and Cassandra uses a wide column store model. 

Graph databases (Neo4J, Dgraph) store data as edges and nodes to represent entities and their relationships. Efficient queries with complex relationships and patterns are supported by them. 

Characteristics of a Database

• Efficient management of storage 
• Data integrity with enforced consistency and eliminating data duplication
• Handling large volumes of data 
• Strong security features to support data integrity and protection  

Related: Database and Data Warehouse

What is Data Storage

Data storage is meant for data retrieval and persistence. It is a repository to store, manage and retrieve data. There could be different types of data stores such as databases, file systems, key value stores and object stores. The choice of data storage type is determined by its performance, scalability and data structure. Data can be in structured format and organized into tables or an unstructured format such as NoSQL to handle large scale applications. 

Characteristics of a Data Storage

• A digital repository to store and manage information.
• Datastore can be a network connected storage, distributed cloud storage, or virtual storage
• Can store both structured and unstructured data types 
• Data distribution efficiently with high availability and fault tolerance 

Comparison: Database vs Data Storage

Below table summarizes the difference between the two:

Download the comparison table: Database vs Data Storage

Nowadays you often hear buzz words such as artificial intelligence, machine learning and deep learning all related to the assumption that one day machines will think and act like humans. Many people think these words are interchangeable but that does not hold true. One of the popular google search requests goes as follows “are artificial intelligence and machine learning the same thing?”

What is Deep Learning

Deep learning is a subset of machine learning which makes use of neural networks to analyse various factors. Deep learning algorithms use complex multi-layered neural networks where the abstraction level gradually increases by non-linear transformations of data input. To train such neural networks a vast number of parameters have to be considered to ensure the end solution is accurate. Some examples of Deep learning systems are speech recognition systems such as Google Assistant and Amazon Alexa. 

What is Machine Learning (ML)

ML is a subset of artificial intelligence (AI) that focuses on making computers learn without the need to be programmed for certain tasks. To educate machines three components are required – datasets, features, and algorithms.

• Datasets are used to train machines on a special collection of samples. The samples include numbers, images, text, or any other form of data. Creating a good dataset is critical and takes a lot of time and effort. 
• Features are important pieces of data that work as the key to the solution of the specific task. They determine when machines need to pay attention and on what. During the learning process the program learns to get the right solution during supervised learning. In the case of an unsupervised learning machine it will learn to notice patterns by itself.
• Algorithm is a mathematical model mapping method to learn the patterns in datasets. It could be as simple as a decision tree, linear regression. 

Artificial Intelligence (AI)

AI is like a discipline such as Maths or Biology. It is the study of ways to build intelligent programs and machines which can solve problems , think like humans, and make decisions on their own. Artificial intelligence is expected to be a $3 billion industry by year 2024. When artificial intelligence and human capabilities are combined, they provide reasoning capability which is always thought as human prerogative.  The AI term was coined in 1956 at a computer science conference in Dartmouth. AI was described as an attempt to model how the human brain works and based on this know-how creating more advanced computers. 

Comparison: Deep Learning vs Machine Learning vs AI

Download the comparison table: Deep Learning vs Machine Learning vs AI

Today we look more in detail about two important terms, widely used data science and artificial intelligence and understand the difference between them, the purpose for which they are deployed and how they work etc.

What is Data Science?

Data science is the analysis and study of data. Data science is instrumental in bringing the 4th industrial revolution in the world today. This has resulted in data explosion and growing need for industries to rely on data to make informed decisions. Data science involves various fields like statistics, mathematics, and programming.

Data science involves various steps and procedures such as data extraction, manipulation, visualization and maintenance of data for forecasting future events occurrence. Industries require data scientists which help them to make informed decisions which are data driven. They help product development teams to tailor their products which appeal to customers by analysing their behaviours.

What is Artificial Intelligence?

Artificial Intelligence (AI) is a broad field and quite modern. However, some ideas do exist in older times and the discipline was born a way back in 1956 in a workshop at Dartmouth College. It is presented in contact with intelligence displayed by humans, and other animals. Artificial intelligence is modelled after natural intelligence and talks about intelligent systems. It makes use of algorithms to perform autonomous decisions and actions.

Traditional AI systems are goal driven however contemporary AI algorithms like deep learning understand the patterns and locate the goal embedded in data. It also makes use of several software engineering principles to develop solutions to existing problems. Major technology giants like Google, Amazon and Facebook are leveraging AI to develop autonomous systems using neural networks which are modelled after human neurons which learn over time and execute actions.

Comparison Table: Data Science vs Artificial Intelligence

Below table summarizes the differences between the two terms:

Parameter	Data Science	Artificial Intelligence
Definition	Comprehensive process which comprises of pre-processing, analysis, visualization and prediction It is a discipline which performs analysis of data	Implementation of a predictive model used in forecasting future events It is a tool which helps in creating better products and impart them with autonomy
Techniques	Various statistical techniques are used here	This is based on computer algorithms
Tools size	The tools subset is quite large	AI used a limited tool set
Purpose	Finding hidden patterns in data Building models which use statistical insights	Imparting autonomy to data model Building models that emulate cognitive ability and human like understanding
Processing	Not so much processing requirement	High degree of scientific processing requirements
Applicability	Applicable to wide range of business problems and issues	Applicable to replace humans in specific tasks and workflows only
Tools used	Python and R	TensorFlow, Kaffee, Scikit-learn

Download the comparison table: Data Science vs Artificial Intelligence

Where to use Data Science?

Data science should be used when:

• Identification of patterns and trends required
• Requirement for statistical insight
• Need for exploratory data analysis
• Requirement of fast mathematical processing
• Use of predictive analytics required

Where to use Artificial Intelligence?

Artificial intelligence should be used when:

• Precision is the requirement
• Fast decision making is needed
• Logical decision making without emotional intelligence is needed
• Repetitive tasks are required
• Need to perform risk analysis

Continue Reading:

Artificial Intelligence vs Machine Learning

Top 10 Networking technology trends 

Automation has been among humans for a long time though Artificial Intelligence has been developed in recent years. In this article, we are going to see the difference between these two. Yes, though we consider both as the robots or machines that work on their own there is a pretty big difference between them.

So without ado let’s get started with the an introduction to automation and AI before discussing Automation vs Artificial Intelligence.

What is Automation?

Automation refers to a technique or process that makes a machine or system operate on its own or with minimum human inputs. Implementing automation in a process improves efficiency, reduces cost, and gives more reliability.

The history of automation starts from mechanization which is connected to the great industrial revolution. Now automation is everywhere in the modern economy.

Examples of Automation

The examples of automation are:

• Automatic payment system in your banks,
• automatic lights, and
• even automatic or self-driving cars.

To explain it technically, automation is software that acts according to the way it is pre-programmed to act in a given situation. For example, let’s take the example of copy-pasting or moving data from one place to another. Moving data from one place to another can be a tedious repetitive task for humans, but automation software makes it simple.

All you need to do is program the computer or machines how to transfer files from, and when to do it. After that, the machine itself will transfer or move files automatically from one place to another. In this way, automation saves both money and time spent on these monotonous, large tasks. The employees and human resources can be used in something more creative.

What is Artificial Intelligence?

Artificial Intelligence is the further advanced form of automation, where the machines or mostly systems mimic human thinking and make decisions of their own. AI is software that simulates human thinking and processing in machines.

Artificial Intelligence is achieved by combining various automation technologies like data analysis, data prediction, etc… In Artificial Intelligence you don’t need to write any program for a particular process…all you need to do is give the past data to the system, it will analyze the decisions made in the past and make decisions for the current problem like a human being.

As automation can only be applied for repetitive tasks, artificial intelligence has been invented to do more variable processes where there is a need for human decisions. It learns from experience and involves self-correction to give a proper solution to a problem.

Examples of Artificial Intelligence

Good examples of Artificial Intelligence are

• Chatbots,
• Digital assistants,
• Social media recommendations,
• Text or grammar editors,
• Facial detection,
• maps,
• navigation, etc…

Let’s explain it with maps and navigation, Google maps show you the quickest way to go to a place. As it is not a repetitive process the navigation software should adopt artificial intelligence and guide users in a way an ordinary human would do.

Comparison Table: Automation vs Artificial Intelligence

Now as you got the basic idea about what automation and artificial intelligence is let’s see the major difference between them i.e. Automation vs Artificial Intelligence:

Continue Reading:

RPA – Robotic Process Automation

What is AIML (Artificial Intelligence Markup Language)

Today we look more in detail about Artificial intelligence or cognitive technologies and its types, and usage.

What is Artificial Intelligence?

The term Artificial intelligence term was coined in the year 1956 by John McCarthy. The definition of Artificial intelligence (AI) is ‘Science of engineering of making intelligent machines’. Artificial intelligence (AI) is also defined as development of systems which are capable of performing tasks which require human intelligence such as decision making, rational thinking, object detection,  solving complex problems and so on. 

Related: Artificial Intelligence vs Machine Learning

Artificial Intelligence Types

Artificial intelligence can be categorized into 3 main types based on its capabilities. 

Artificial Narrow Intelligence (ANI)  – Stage I Machine Learning 

It is also called weak AI/Narrow AI. It is able to perform dedicated tasks intelligently. The most commonly available AI is narrow AI. It cannot perform beyond its field as it is trained only to perform a specific task. One commonly used example of this AI is Apple Siri, Alexa and Google Assistant. 

Common use cases of narrow AI are playing chess, purchase decisions on e-commerce websites,  self-driving cars, speech, and image recognition. Narrow AI is also used in the medical field, for analyzing MRI or computed tomography images and in the manufacturing industry for car production or management of warehouses. 

Narrow AI is not able to reason independently or learn from new situations unlike humans or perform tasks which require creativity and intuition. 

Artificial General Intelligence (AGI) – Stage II Machine Intelligence

It can perform any intellectual task with human-like efficiency. There is no such system that could think and act like humans and perform tasks with perfection just like humans. It is a theoretical concept having human level cognitive function, across a wide variety of domains such as processing of languages, images, computational functioning, and reasoning. 

To have a system like this would require Artificial narrow systems working together, communicating with each other like human beings. Even the most advanced computing systems in the world such as IBM Watson takes approximately 40 minutes to simulate a single second of neuronal activity. 

Artificial Super Intelligence (ASI) – Stage I Machine Consciousness

It is one level ahead of human intelligence which means machines could perform tasks with more accuracy than humans with cognitive properties. It includes capabilities such as ability to think, reason, solve, make judgements. plan, learn and communicate on its own.

Super AI is a hypothetical concept and development of such systems in the real world is yet a dream come true. 

Comparison Table: ANI vs AGI vs ASI

Download the comparison table: ANI vs AGI vs ASI

Artificial Intelligence – Based on Functionality

In addition, based on functionality, the AI can be further divided as:

• Reactive Machines – basic types of artificial intelligence which do not store memories or past experiences for any future actions. They focus only on the current scenario and react as per possible best action. IBM Deep Blue and Google AlphaGo are examples of reactive machines.
• Limited Memory – Limited data and past experiences can be stored for a short period. These systems use stored data for a limited time only. Self-driving cars are one of the ideal examples of this type of systems which store recent speed of nearby cars, distance to other cars, speed limit etc.
• Theory of Mind – understanding of human emotions, people, beliefs and being able to interact socially with human beings. These machines are still in theory and not developed yet. 
• Self-Awareness – is the future of artificial intelligence. These machines will be super intelligent and will have their own consciousness, sentiments, and self-awareness and smarter than human beings. 

Technology advancements are crucial to the dynamic IT landscape in today’s times. Cloud computing has been crucial which presents excellent opportunities to business for the future. SysOps and DevOps are commonly used terminologies in cloud computing.

In the past times organizations hired multiple personnel to perform different set of activities however as the cloud computing came into existence the job role become simpler and administrators have flexibility to support developers in the process of building applications without or lesser defects which otherwise got missed or ignored due to lower weightage in terms of application functionality. Similar way SysOps also found a recognition for business to align with certain standards or frameworks.

Today we look more in depth about DevOps and SysOps terminologies and understand how they could help businesses in bringing agility in delivery and time to market.

About DevOps

DevOps is the commonly used terminology in Cloud computing world. The focus of DevOps is tasks such as development, testing, integration, and monitoring. DevOps uses opensource and cross platform tools like Chef and Puppet for delivery of system configuration and automation. The administrators deal with infrastructure building tasks in DevOps as well as developers have access to the concerns of continuous deployment through automation of build tools.

Features of DevOps

• Reduction in implementation time of new services
• Productivity increase for enterprise and IT teams
• Saves costs on maintenance and upgrades
• Standardization of strategies for easy replication and quick deliveries
• Improves quality, reliability, and reusability of system components
• Rate of success is increased with digitization and transformation projects

About SysOps

SysOps generally deals with monitoring and justifying the right cloud services with best practises. The SysOps is a modern approach that supports monitoring, management and operations of infrastructure systems. SysOps is useful in troubleshooting of issues emerging during operations. SysOps is based on IT service management (ITIL) framework which concentrates on aligning business goals to IT services. ITIL enables organizations to form a baseline from which they can design, execute and measure the effectiveness. It shows compliance and estimated improvement.

Comparison Table: DevOps vs SysOps

Below given table summarizes the difference between DevOps and SysOps:

FUNCTION	DevOps	SysOps
Definition	DevOps is a collaboration between software development and IT teams	SysOps is an administrator of cloud services which handle some or most of the tasks relayed to software development environment
Approach	Adaptive approach by breaking down complex problems in small iterative steps	Consistent approach to identify and implement changes to systems
Aim	Acceleration of software development process by bringing development and IT teams together	SysOps aim is to manage all key responsibilities of the IT operations in a multi user environment
Delivery Methodology	Compliance with principles for seamless and stable collaboration and coordination between development and operations team	Compliance with ITIL for services delivery and focuses on alignment of business objectives with IT services
Code development approach	Unpredictable rate of changes in code deployment	Predictable changes in code and deployment at specified intervals with the support of SysOps professionals
Responsiveness to change	Adaptive approach to code change	Consistency in approach with de-risking factor in the event of new changes are introduced
Implementation of changes	Changes are applied to code	Changes are applied to servers
Value for business	Value improvement for customers henceforth improvement in business	Smooth functioning of system processes ensure improvement in value for organization
Infrastructure management approach	Depends on usage of best automation tools	Drive by focused attention on each server

Download the comparison table: DevOps vs SysOps

Conclusion

Every organization faces tough decision when it comes to choose between DevOps and SysOps so a clear understanding is required in terms of business need for speed of execution, significance of predictions and traffic rate determination for an application – highs and lows of traffic, businesses also need to know speed of scaling based on change in traffic, frequency of performing releases to the applications.

DevOps and SysOps are two major areas of cloud computing and both are used to manage infrastructure. If choice is to be made between the two than we need to look deeper into the requirements so as to build an application as under:

• Load predictability estimation
• Traffic trends (Highs and lows)
• Clear idea of execution speed requirements
• Rapid application change requirements
• Rapid scaling requirements of applications
• Business nature global or local
• Frequency of application releases

Continue Reading:

DevOps vs NetOps

DevOps vs NetDevOps

The tremendous technical development in the IT and other digital fields started the popular trend of creating acronyms with the Suffix Ops. And the word DevOps, NetOps, and SecOps are confusing IT and Tech communities further as they are more interrelated. Here in this article, you will get a clear differentiation between them.

To put it simply, DevOps, NetOps and SecOps are the different stages and process involved in an Application and Software production and implementation. Here is a further explanation about it.

 What is DevOps?

DevOps is expanded as Development Operations. It is the development framework that uses a different combination of tools to make the organizations the Application development faster and continuous.  It covers the whole Software Development Life Cycle (SDLC) from planning to final testing.

When the customer makes a request the DevOps team starts working on them and aim to make fast and quick delivery. They practice many automation techniques like machine learning and Artificial Intelligence to make create a continuous and qualified delivery.

DevOps is a direct successor of Agile Software Development involving many iterative software development methodologies like –

• Scrum
• Kanban
• Scaled Agile Framework (SAF)
• Lean Development
• Extreme Programming (XP)

In short, DevOps is the practice whose prime motive is to reduce the barriers the traditional development operations. You can learn more about DevOps through devops courses.

What is NetOps?

NetOps is expanded as the Network Operations. Former organizations didn’t focus on NetOps, but since the recent development of cloud technology, NetOps are given more importance. NetOps is classified into two types as NetOps 1.0 and NetOps 2.0.

After the DevOps team deliver the tested application, NetOps teams start working on them. They design the network connections and infrastructure and ensure the responsiveness and scalability of the application. NetOps 1.0 is a traditional approach where most of the operations are processed manually and delayed delivery.

Thus the NetOps 2.0 integrated DevOps major characteristics including automation, virtualization, and Orchestration, etc… This made the Networking Operations fast ad easily accessible.

Still today there is no clear definition for NetOps. Here is our view about it -NetOps refers to the implementation of some DevOps and other network techniques to satisfy the business needs and goals.

Difference between NetOps and DevOps

Though both of them are interrelated and have many similarities, there are some differences to understand them better they are here –

PARAMETER	DevOps	NetOps
Meaning	Development Operations	Network Operations
Scope of work	DevOps includes development, remodeling, and fast delivery of Applications	NetOps involves the maintenance and upgrading of the network infrastructure of applications.
Goal	Continuous and fast App Development	Robust-Network Infrastructure
Focus	Focused on implementation of new automation tools and meeting the final customer requirement.	Addresses the limitations in the network and makes them more responsive and scalable
Stage	DevOps is the first stage of the production process. External environment needs.	As a second stage, it follows the DevOps.
Types of Approaches	Simple DevOps and DevSecOps (Integration with Security Operations)	NetOps 1.0 and NetOps 2.0
Dependency	DevOps is a Semi-Dependent on SecOps and independent of NetOps	NetOps is a dependent of DevOps and SecOps
Way of processing	Mostly automated an AI-driven	Involves both manual and automated processes.
Knowledge Requirements	Wide knowledge of different Script languages and specialization anyone (preferably Python)	Deep knowledge of Network Security, Troubleshooting, configuration, etc…

Download the difference table here.

What is SecOps?

Like the previous two, it is expanded as “Security Operations”. After the development and network channeling of the application or product, it is important to ensure that it doesn’t expose any vulnerabilities. The process or practices involved in ensuring the security of the product is called SecOps.

The clash between DevOps, NetOps, and SecOps:

There is always a never-ending clash between the DevOps and NetOps team. As the DevOps focus more on fast delivery, they finish the development and throw them to the NetOps team. But NetOps team needs to ensure that the application satisfies all the users and organization goals.

DevOps team has been complaining about the NetOps manual delay whereas the NetOps team complains about the DevOps team’s core concepts. And this clash is fired when the SecOps demand the inbuilt security in App development and networking.

However, this clash has been smoothened by the incorporation of the three teams, and this lead to the creation of new acronyms like DevSecOps, Super-NetOps, etc…

The recent survey by the F5 shows that nearly 75% of the NetOps acceptance over DevOps concepts and 60% of DevOps approves the NetOps view.  Irrespective of the disputes at the end of the day they are the reason for the quick, quality, and secure app development.

What is the difference between the Cloud Architect and DevOps Engineer? These new roles with growth of Cloud technologies has increased the confusion about roles? In this article, we will try to demystify some of concepts related to both job roles and try to provide clarity about the Cloud Architect and DevOps Engineer and the difference between them. Let’s start with a short introduction to both.

Who is a Cloud Architect?

A Cloud Architect is a technical expert who designs the infrastructure of cloud-based servers and systems by taking the customer or business requirements in the mind.

People often mistake Cloud Administrator and Cloud Engineer for Cloud Architect. The Cloud Administrator manages and oversees the Cloud Operations whereas the Cloud Architect design and remodels them.

They are reflective in the approach. They overlook the problems in the existing infrastructure and designs and reflect the mistakes and create a new infrastructure for the business.

Roles & Responsibilities of Cloud Architect

Here are the roles and responsibilities of the Cloud Architect –

• They decide the operating procedures, data migration, development operations, etc…
• Deep knowledge of programming knowledge like Java, PHP, Python, etc… And they should also have experience or a strong understanding of cloud-based platforms like Azure, AWS, and GCP, etc…
• They should have a futuristic approach and record the designs for future use.
• Communicates the designs to the other staff, engineers, and technicians and guides them.
• He/she determines how the cloud infrastructure should be designed and how it should be used to meet the final customers’ needs.
• The Cloud Architect has to communicate with the major stakeholders and other third parties and convince them to initiate new and innovative methods.

What is DevOps Engineer?

DevOps is expanded as the Development Operations. It is the framework of Software development that acts as a bridge between the development team and the Operations team. The role acts as the bridge between Cloud Operations and Cloud Development.

The prime motive of DevOps is to reduce the barriers in traditional software development and make the process fast and efficient. DevOps team includes the cloud Engineers, cloud technicians, Data managers, Cloud administrators, etc…

In small organizations, there will be only two positions like Cloud Architect and Cloud engineer, but if the organizations were large then they should adopt a DevOps team consisting of various personalities.

Difference between the Cloud Architect and DevOps Engineer

From the above definition, you should have got a basic idea of what we are talking about. From the table given below, you can understand the difference between Architect and DevOps team in a Cloud Platform.

PARAMETER	CLOUD ARCHITECT	DEVOPS ENGINEER
Organizational position	Leader, decision-maker, and organizer of the Cloud Computing	A Mediator – Acts as a bridge between the development team and operation team.
Focus	Focus on the organizational goals and ensure all the needs and requirements are fulfilled in the design.	The DevOps Engineer mainly focuses on the developmental process. He tries to make it fast and reliable.
Area of Work	Planning and Designing – look for new upgrades and involve in innovation.	A DevOps engineer is responsible for various Development operations and Software application in the cloud platform (Cluster)
Qualifications	Bachelor or master degree in computer engineering and cloud-based certifications, or in any related field	Bachelor’s degree or basic knowledge in Cloud platforms and deep practical skills.
Duties	Communicates with high authorities like the CEO, CTO, business vendors, and suggests to them about new Cloud technologies and methods to adopt them.	The DevOps engineer communicates with both the operation and development team and forms a perfect development plan thinking of both sides.
Ranking	He/she ranks above all the technical Personals involved in cloud-based solutions.	His/her ranking may differ from the organization. He/she might be equal or sub-ordinate to the Cloud Architect.
Alternative	Replaces the place of Cloud Administrator	In short firms, the role is replaced with Cloud Engineer, tech-consultant, and programmers.

Download the difference table here.

Are you still confused? Okay, let me explain this to you in an understandable way.

Assume DevOps Engineer as a builder and Cloud Architect as an Engineer. A builder will know how to build, how to put the bricks, and how to efficiently use the building tools. The Engineer designs the plan including the ventilation, wire connections details.

The same applied to software development. If you have any further questions please leave them in the comment section.

Continue Reading:

Cloud Engineer vs DevOps Engineer

DevOps vs NetOps

Are you preparing for your next interview?

Please check our e-store for Cloud Technologies Combo e-books on Interview Q&A on Cloud technologies. All the e-books are in easy to understand PDF Format, explained with relevant Diagrams (where required) for better ease of understanding.

Various forms of cyber attacks are prevailing these days and method of attack sophistication has reached new levels where now attackers are not limited only to fake websites, messages or emails but also focus is on theft of data from social media platforms and failure of security systems. Social engineering attacks are on rise which trick victims into disclosing confidential, personal or sensitive information and then use it for financial gains or to bother cybercrimes. 

Today we look more in detail about two cyber attack techniques: phishing and spam, how these attacks are carried out, how to identify such attacks, steps that can be taken to avoid not being a victim of such attacks and so on.

What is Phishing?

Cybercriminal’s cheat and obtain confidential information in deceiving ways such as passwords, or information about credit cards or other banking details, which could lead to financial loss. Social engineering techniques such as obtaining necessary information by manipulating legitimate users is on the rise. Cybercriminal or attacker poses as a person or business of trust in an official communication usually via an email or instant message, social networks, or even using phone calls. 

Related: Spear Phishing vs Phishing

Such emails usually contain a malicious link which when clicked lead to false web pages letting users believe that they are at a trusted website and provide requested information which goes into spammer hand.

• The SMS based phishing attack which is also known as smishing is the one in which a user receives a text message to visit a malicious link or 
• A vishing kind of phishing attack is the one where user receives a call from a bank or some other financial institution asking for verification of personal details which attacker could use to steal money. 

What is Spam?

Spam is nothing but a flooding of mailboxes or systems with unwanted messages sent by unknown senders, which you have not requested or desired are sent in large numbers. The nature of most of the spam mail is to advertise a product or service. Spammers buy databases which include thousands of email addresses and often mask the origin of message or sender information with the intent to damage or choke systems. 

Spams are also used by hackers to create problems for network administrators but flooding systems, taxed bandwidth, unwanted use of storage space etc. 

How to protect from Phishing and Spam?

• Don’t click on unsolicited emails or links 
• Don’t enter your personal sensitive information on unsecured sites if the site URL not starting with HTTPS and a padlock symbol don’t enter any sensitive information or download any files from such sites
• Rotate your passwords regularly and enablement of multi factor authentication is a good strategy to secure passwords
• Make sure your system has latest security patches and updates are installed 

Comparison Table: Phishing vs Spam

Below table summarizes the differences between the two cyber attack technologies:

Download the comparison table here: Phishing vs Spam

Continue Reading:

What is Spoofing? Detailed Explanation

Top 10 Cybersecurity trends

Today we look more in detail about their features, use cases and comparison Cisco ASA vs Cisco FTD, i.e. how they are different from each other. 

What is  Cisco ASA? 

Cisco ASA is a network security appliance which gives firewall, VPN, and Intrusion prevention functionality. It has extra layers of security feature by application of advanced threat protection and behaviour analysis. It can detect threats in real time and block them before they cause damage to the network. Well suite for small and large enterprises as well as wired and wireless networks both. It has high throughput and low latency. 

Cisco ASA firewalls were designed to prevent all external traffic from entering into the network. ASA allows stateful inspection by saving session information so that when a valid response comes back, it can recognize and permit traffic. In addition, they provide network address translation or port address translation for network protection. 

Features of Cisco ASA

• Cisco ASA provides stateful tracking of packet if it is generated from higher security level to low security level
• It can perform static routing, default routing and dynamic routing using EIGRP, OSPF and RIP protocols
• It can operate in routed mode where it acts like a layer 3 device and need to have 2 different IP addresses on its interface and in transparent mode where it operates at layer 2 and need only single IP address
• It supports AAA services using local database or using an external server like ACS 
• VPN support is also given by Cisco ASA firewall like Point to Point, IPSec VPN and SSL based VPNs
• It new version supports IPv6 protocol routing (Static and dynamic)
• It provides high availability for pair of ASA firewalls 
• Advanced Malware protection 
• Modular policy framework supports policy definitions at traffic flow levels 

Use cases of Cisco ASA

• VPN logging
• Startup and running configuration change
• TCP port scanning
• Permitted / denied blacklisted source management 
• Permitted/ denied blacklisted destination management 

What is Cisco FTD?

Cisco FTD is a high end firewall appliance which is used to protect networks from intrusion attacks. It offers an extra layer of security to data centers and enterprises. Cisco FTD enables service level agreements (SLAs) to support real time in service monitoring, analysis and control of the network for optimization of performance on mobile applications. 

Features of Cisco FTD

• Continuous visibility across attack landscape 
• Maintains data integrity and confidentiality of enterprise network with out of band segmentation
• Includes advanced threat prevention from malware, ransomware, phishing attacks, and other exploits. 
• Architecture to support multi-tenant deployments
• Network protection from insider attack using Cisco Identity services engine (ISE). 

Use cases of Cisco FTD

• Logging security events
• Intrusion detection and prevention 
• URL filtering
• Malware protection 

Comparison: Cisco ASA and Cisco FTD

Below table summarizes the differences between the two types of Network Security Appliances:

Download the comparison table: Cisco ASA vs Cisco FTD

Final Words

The primary dissimilarity between Cisco FTD and ASA is that while ASA allows users to access VPN, IDS, IPS, anti-malware, and anti-virus facilities, these amenities are absent in Cisco FTD. However, when it comes to performance, FTD is capable of replacing ASA with ease.

Continue Reading:

Cisco PIX vs Cisco ASA Firewall

Intro to Cisco FTD Firewall (Firepower Threat Defense)

Are you preparing for your next interview?

Please check our e-store for e-book on Cisco ASA Interview Q&A. All the e-books are in easy to understand PDF Format, explained with relevant Diagrams (where required) for better ease of understanding.

• IPSec
• IKE
• Site to Site VPN between two FortiGate Sites
• Phase I and Phase II Parameters
• Tunnel Configuration
• Troubleshooting Commands

IPSec VPN Configuration: Fortigate Firewall

IPsec: It is a vendor neutral security protocol which is used to link two different networks over a secure tunnel. IPsec supports Encryption, data Integrity, confidentiality.

IPsec contains suits of protocols which includes IKE.

IKE is used to authenticate both remote parties, exchange keys, negotiate the encryption and checksum that is used in VPN Tunnel. IKE uses port 500 and USP 4500 when crossing NAT device.

IKE allows two remote parties involved in a transaction to set up Security Association.

Security Association are basis for building security functions into IPsec. IPsec parameters like encryption algorithm, authentication methods, Hash value, pre-shared keys must be identical to build a security association between two remote parties.

Site To Site VPN Between FortiGate FWs

Phase I and Phase II Parameters are:

Firewall -1, check internal interface IP addresses and External IP addresses

IPSec VPN Configuration Site-I

Follow below steps to Create VPN Tunnel -> SITE-I

1. Go to VPN > IPSec WiZard

2. Select VPN Setup, set Template type Site to Site

3. Name – Specify VPN Tunnel Name (Firewall-1)

4. Set address of remote gateway public Interface (10.30.1.20)

5. Egress Interface (Port 5)

6. Enter Pre-shared Key, Pre-shared key is used to authenticate the integrity of both parties. It must be same on both sides.

7. Select IKE version to communicate over Phase I and Phase II

8. Mode of VPN – Main mode/Aggressive Mode. Main mode is the suggested key-exchange method because it hides the identities of the peer sites during the key exchange.

9. Encryption Method, it must be identical with remote parties. Encryption method provides end-to-end confidentiality to the VPN traffic.

10. Authentication method – it must be identical with remote site. Authentication methods verify the identity of peer user which means traffic is coming from correct user and there is no man-in-middle attack.

11. DH Group- Must be identical with remote peer (DH-5). Diffie-Helliman is a key exchange protocol and creates a secure channel by exchanging public key /master key.

12. Key Lifetime – it defines when re-negotiation of tunnels is required. Key lifetime should be identical. However, if the lifetime of key mismatched then it may lead to tunnel fluctuations.

VPN Phase-II

13. Add Phase II proposals

14. Select Encrytpion method AES256

15. Select Authentication method SH-I

16. Enable Anti-Replay Detection è Anti-replay is an IPSec security method at a packet level which helps to avoid intruder from capturing and modifying an ESP packet.

17. PFS (Enable Perfect Forward Secrecy)-Must be enabled at both peers end,

18. DH Group- Select 5

19. Key lifetime for Phase II

Phase II Selector

20. Share Local LAN subnet which will communicate once VPN is established

21. Share remote end LAN subnet

Create Static Route towards VPN Tunnel Interface

22. Static Route

23. Local LAN subnet going via Tunnel Interface To-FG-2

24. Allocate Tunnel Interface

25. Assign Administrative distance 10 (static Routes)

Create VPN- Policy for interesting traffic & allow ports according to requirement

26. Assign name to the policy in IPV4 Policy Tab

27. Traffic incoming from Inside Zone/Interface and Outgoing Interface will be Tunnel Interface

28. Source address which will be 80.25.0/24

29. Destination address will be remote site Local LAN subnet 10.100.25.0/24

30. Services/protocol – select all or you can select specific servuces like FTP/HTTP/HTTPS

31. Accept the action.

32. NAT is OFF and Protocol Options are Default

33. Basic Anti-Virus has been enabled and Basic Application Control is enabled

34. SSL Certificate is enabled to authenticate over SSL Inspection/ Its completely optional

35. Enable ALL session logs

36. Add Policy Comment and Enable the Policy

37. Select OK

**If requires,  create a reverse clone policy for the connection to enable bi-direction action.

From Step 1 to Step 37, VPN configuration has been completed for Firewall -1/Site-1.

Let’s move to Firewall -2/Site II

• Check Internal and External Interface IP address and Ports

IPSec VPN Configuration Site-II

Start following step-1 to step-22 to complete the VPN configuration in Firewall-2.

• Monitor VPN traffic status in IPSec Monitor TAB for further Troubleshooting.

Troubleshooting Commands

Run debug and basic troubleshooting commands if tunnel status in not showing or visible in IPSec Monitor TAB,

Debug commands:

Initiate the connection and try to bring up the tunnel from GUI

Disable the Debug to stop packets

Continue Reading:

Routing Configuration in FortiGate Firewall: Static, Dynamic & Policy Based

Types of Firewall: Network Security

In this blog, we will discuss the comparison, firewall vs proxy in detail.

FIREWALL

A firewall is a security tool that oversees the flow of incoming and outgoing network traffic. It uses a set of security protocols to determine whether to permit or prohibit specific traffic. Firewalls are essential components of network security and serve as the first line of defense against potential threats. Their primary function is to separate secure and regulated internal networks from untrusted external networks, such as the Internet. Firewalls can be either hardware/software/combination of both.

Types of Firewalls:

1.Packet Filtering

Fundamentally, messages are divided into packets that include the destination address and data. Packets are transmitted individually and often by different routes. Once the packet reach their destination, they are recompiled into the original messages.

Packet filtering is a firewall in its most basic form. Primarily, the purpose is to control Access to specific network segments as directed by a preconfigured set of rules, or rule base, which defines the traffic permitted Access. Packet filters usually function at layers 3 (network) and 4 (transport) of the OSI model.

In general, a typical rule base will include the following elements:

• Source address
• Destination Address
• Source port
• Destination Port
• Protocol

Packet filtering firewalls are the least secure type of firewall, because they cannot understand the context of a given communication, making them easier for intruders to attack.

2.Stateful inspection firewall

Check Point has developed and patented Stateful Inspection technology, which adds layer 4 awareness to the standard packet-filter firewall architecture.

Stateful Inspection and static packet filtering are two different methods of examining a packet. While static packet filtering only looks at the header of a packet to gather information about its source and destination, Stateful Inspection goes a step further by examining the content of the packet up through the application layer to gather more information. This involves monitoring the state of the connection and creating a state table to compile the information. The advantage of this approach is that it allows the firewall to filter packets based on the context established by previous packets that have passed through it.

For Example,

Stateful-inspection firewalls offer protection against port scanning by keeping all ports closed until a specific port is requested.

3.Unified threat management (UTM) firewall

A UTM system is a network hardware appliance, virtual appliance, or cloud service that provides businesses with simplified security protection by combining and integrating multiple security services and features. Its purpose is to safeguard businesses from potential security threats.

UTM devices are commonly available as network security appliances that offer comprehensive security to networks from multiple threats. They provide protection against malware and simultaneous attacks that can target different areas of the network.

UTM cloud services and virtual network appliances are gaining popularity for network security, particularly among small and medium-sized businesses. These solutions eliminate the need for on-premises network security appliances, while offering centralized control and simplicity in constructing a layered network security defence.

NGFWs were initially created to address the shortcomings of conventional firewalls in securing networks. They offer a wide range of security features such as application intelligence, intrusion prevention systems, and denial-of-service protection. Unified threat management devices, on the other hand, provide comprehensive network security by combining various security measures like next-generation firewalls, antivirus, VPN, spam filtering, and URL filtering for web content.

4.Next-generation firewall (NGFW)

Firewalls have come a long way from basic packet filtering and stateful inspection. Nowadays, many businesses are utilizing next-generation firewalls to thwart contemporary risks such as application-layer attacks and advanced malware.

As per Gartner, Inc.’s definition, a next-generation firewall must include:

• Standard firewall capabilities like stateful inspection
• Integrated intrusion prevention
• Application awareness & control to block the risky apps
• Upgrade paths to include future information feeds
• Techniques to address evolving security threats

PROXY

A proxy server, which is also known as an application gateway, is responsible for regulating application level traffic by scrutinizing data using header fields, message size, and content. It is a component of the firewall, as a packet firewall alone cannot differentiate between port numbers. The proxy server acts as a proxy and makes decisions on how to handle application specific traffic flow by using URLs.

How does a Proxy server work?

A proxy server is positioned between the client and original server. It operates as a server process, receiving requests from the client to access the server.

The proxy server performs a complete content check when it receives a request. If the request and its content are deemed valid, the proxy server forwards the request to the actual server as if it were a client. However, if the request is not deemed valid, the proxy server rejects the request and sends an error message to the external user.

One of the benefits of using a proxy server is its ability to cache. This means that when a request for a page is made, the server checks if the response is already stored in the cache. If it is, the server sends the stored response instead of making a new request to the server. This reduces the traffic, load on the main server, and improves the latency.

Comparison: Firewall vs Proxy

Basics:

The Firewall is a security feature that prevents harmful traffic from entering or leaving a public network. It serves as a barrier for incoming and outgoing data. The Proxy Server, on the other hand, is a part of the firewall that allows communication between the client and the server if the client is verified as a legitimate user. It plays a dual role of both client and server.

Filtration:

Firewalls and proxy servers are two different types of network security measures. While a firewall filters IP packets, a proxy server filters requests on the basis of its application level content.

Network Layer:

The firewall relies on data from the network and transport layers, whereas the proxy server also takes into account data from the application layer.

Overhead Generation:

The firewall creates more overhead than a proxy server since the proxy server can handle fewer aspects by using caching.

Final Words

A firewall and proxy server collaborate to safeguard the system from harmful cyber attacks. Both firewalls and proxy servers can be used to add an extra layer of security against malware and intruders when using the internet. As a firewall component, a proxy server can be utilized by many modern firewall providers to enhance security, as well as provide efficiency and feasibility. Therefore, using both can be beneficial for additional security.

Continue Reading:

6 Types of Firewall: Network Security

CASB vs Proxy: Understand the difference

Cyber attacks are on rise since Covid 19 at a more rapid pace compared to before. Various forms of cyber attack techniques being used by hackers to gain access to organizations resulting in devastating effects such as unauthorized purchases, stealing of identities and funds etc. resulting in loss of reputation , customer trust , financial losses to the organizations.

Social engineering attacks are one for of cyber attacks which are most common it occur when attacker or hacker masquerading as a trusted entity trick victim into opening an email, instant message, or a text message and click on a malicious link which lead to installation of malware into victim system as a part of ransomware attack or disclosure of sensitive information. Sometimes these attacks are targeted over specific people such as the CEO or CIO of the organization. 

Today we look more in detail about two famous social engineering attack forms – Spear phishing and whaling, how these attacks are carried out , how to identify such attacks, steps that can be taken to avoid not being a victim of such attacks and so on.

What is Spear Phishing?

Phishing attacks can take several forms such as spear phishing, whaling, Email phishing, vishing , smishing etc. Spear phishing is a targeted attack onto a specific person or organization as compared to random users. It requires specific information about the organization and its employees including its key personals and power structure.

The attacker pretences a trusted individual in this form of attack and tricks victim to click on a spoofed email or text message, which will install a malicious code on victim system and attacker can get access to sensitive personal or professional information from victim such as names, contact numbers, mailing addresses, social security numbers, credit card numbers etc. The objective is to gain access to sensitive information to facilitate further financial fraud or any other cybercrime.

What is Whaling?

Whaling is a form of phishing attack which is targeted at high profile end users such as senior staff members in an organization, politicians or celebrities. The targeted person would be someone important in organization structure such as CEO, COO or CTO who could be holding critical and sensitive information about business.

The attacker sends an email pretending to be a customer or someone in the organization. The message would be so specific that it may seem very legitimate for the victim to click containing malicious code which will install a ransomware onto his/her system. Or redirect to a website which is under the control of a hacker. Like someone receiving a message on behalf of organization CEO , CIO will not tend to ignore or disregard such requests which may be asking some confidential information such as disclosure of admin passwords, buying Apple cards for customers etc. 

Mitigation from Phishing Attacks

The most effective measure to safeguard your system or network from phishing attacks is:

well aware and educated users on social engineering attack techniques. Spear phishing emails are tough to detect so it is good to have a look at destination or any clickable link in the mail before actually clicking them.

Other measures may include:

two factor authentication and strong password management policies. 

Comparison Table: Spear Phishing vs Whaling

Below table summarizes the difference between the two types of attacks:

FUNCTION	SPEAR PHISHING	WHALING
Target	Targeted at specific organization or group rather than random persons.	Targeted attacked on senior or high-level executives, politicians or celebrities.
Goal	Access corporate financial information and other sensitive information to facilitate another financial or cyber-attack on the business.	Retrieve high level credentials of a business such as company accounts, trade secrets, admin accounts etc.
Aim	Aimed at low profile targets.	Aimed at high profile targets.
Technology and technique	Attackers research on their targets on the internet. Attackers may use slightly more sophisticated technology.	Whaling attacks have reconnaissance phase and uses sophisticated technology.
Examples	An email stating vendor specific payment failure due to incomplete details and a link is provided in mail to retry payment again.	A carefully crafted mail seems to be coming from organization high profile personnel such as CEO, CIO asking employees to procure Apple cards for customers.

Download the comparison table: Spear Phishing vs Whaling

Continue Reading:

Phishing vs Spam: Cyber Attack Techniques

Cyber Security vs Network Security: Know the difference

Career in Cyber Security

Today we look more in detail about two most popular company’s firewalls, Palo Alto vs Checkpoint, their key differences, features etc.

About Palo Alto Firewall

Palo Alto is a cyber security firm based out of California founded in 2005. They offer a wide range of products with an advanced enterprise firewall product , a network security control center, advanced endpoint protection systems, a cloud-based threat analysis service, a range of analytics and cloud storage products.

They also operate a threat intelligence and security consulting team known as team 42 which comprises cyber threat researchers and security tech experts and analyse to discover and help to prevent new threats such as malicious software and new attacks of bad actors. The company had acquired Morta Security, Cyvera, CirroSecure, LightCyber, Evident.io, Secdo, RedLock, CloudGenix, Expanse, and many other cybersecurity firms.

Palo Alto firewalls are used by a number of organizations and data centres to keep networks safe and secure from advanced level of security threats. Palo Alto firewall is used to identify, control, and inspect SSL encrypted traffic and applications. It offers monitoring applications, threats and contents. It offers a real time content scanning system for protection from viruses, data leakage, online threats, spyware and application vulnerabilities.

Features of Palo Alto firewall:

• Inspects all traffic including all applications, threats and content and tie that traffic to user regardless of location or device type
• Identify users in all locations irrespective of device type and OS
• Offers policy-based decryption to allow to decrypt malicious traffic leaving aside sensitive traffic encrypted
• URL filtering to provide protection against web-based threats 
• DNS security to enable predictive analysis , machine learning and automation to block DNS attacks 

About Checkpoint Firewall

An American – Israeli company specialized in cyber security software for varied purposes including network, endpoint, cloud, mobile, and data security. Checkpoint in 1993 came with a firewall product called Firewall-1. Checkpoint firewalls are designed to control traffic between external and internal networks.

Checkpoint firewall is part of software blade architecture which gives features like data loss prevention, application control, intrusion detection and prevention, VPN and mobile device connectivity, internet access and filtering.

Features of Checkpoint firewall:

• Checkpoint NGFW can be installed on specific appliances or in virtual mode
• Checkpoint NGFW contains IPS software blade which provides geo protection as well as frequent , automated threat definition updates 
• Offers centralized management and role-based administration
• Combines perimeter, endpoints, cloud and mobile security with application control, advanced URL filtering and data loss prevention capabilities

Comparison Table: Palo alto vs Checkpoint Firewall

Below table summarizes the differences between the two types of firewalls:

Function	Palo Alto Firewall	Checkpoint Firewall
Software	Uses PAN OS	Checkpoint Software blade
Firewall throughput	2Gbps (App ID enabled)	4 Gbps (Ideal testing condition – Stateful, 2.1 Gbps in real testing condition)
IPSec VPN throughput	500 Mbps	2.25 Gbps
IPS Throughput	1000 Mbps	1.44 Gbps (460 Mbps IPS real testing condition)
Connections per Second supported	50 000	48 000
Total Connections	2 50000	3 200 000
Unicast IPv4 Routing Protocols and static routing	BGP, RIP, OSPF static routing	RIP, OSPF, BGP, static routing, PBR
Firewall Mode: Router or Bridge	L1, L2, L3	L2, L3
High availability	Active /Active , Active/Passive	Cluster XL
Real time threat prevention	Alerts are generated post infection few minutes later. Infection alert is sent so cyber security team can take action on it.	Checkpoint prevents Patient-0 and malware is blocked before entering into network.
Security priority	Inspects part of traffic for threats exposing customers to risk.	Inspects 100% traffic for threats.
Application awareness	Limited visibility comparing only 3500 applications	Wider visibility of high-risk applications and shadow IT about 8600 applications
Preventive protection	Do not have capability and can scan documents with its post infection scan engine.	Provide users sanitized version of documents for safe work environment.
Response to vulnerabilities	128 days on an average to fix	6 days on an average to fix
clear view of threats	Don’t have capability for MITRE ATT&CK framework	MITRE ATT&CK framework to prevent cyber attacks
SSH and SSL usage	First firewall to decrypt, inspect and control SSL and SSH . Policy control over SSL allows personal use of applications securely (like twitter, Facebook)	No SSL decryption , inspection and control (inbound and outbound)
	SSH controls ensure it is not being used to tunnel other applications	No way to identify intended use of SSH
Security score	Cyber security rating of 13/20	Highest score in NSS lab BPS 2019
Features	SSL decryption to examine SSL concealed threats	Patient zero prevention
	Automatic failover support	100% traffic inspection
	URL filtering	Robust intrusion prevention system
		Change management function

Download the comparison table: Palo Alto vs Checkpoint Firewall

Quick Facts !

Palo alto has global share of 18.9% in Year 2021 whereas Checkpoint market share is 9.1%

Continue Reading:

Palo Alto vs Fortinet Firewall: Detailed Comparison

Types of Firewall: Network Security

Organizations need to keep pace with rapid increase in technology demands such as remote working, anywhere connectivity, lower latency , increased availability along with protection of infrastructure from a never ending list of threats and vulnerabilities. The firewalls are a crucial security product which provides capabilities to protect your networks and data residing within. Moving from stateful network firewalls to next generation firewalls is a game changer. 

A traditional firewall approach based on filtering incoming and outgoing traffic based upon Internet protocol (IP) port and IP addresses is replaced by next generation firewalls which provide add-on features like application control, intrusion prevention (IPS), URL filtering and advanced threat protection capabilities like sandboxing. 

Today we look more in detail about two most popular companies’ firewalls : Palo Alto vs Fortinet Firewall, key differences, features etc. 

About Palo Alto Firewall

Palo Alto is a global cyber security company based out of Santa Clara, it’s one of the core security products in cloud-based security offering is Palo Alto used by 85000 customers across 150+ countries. It has both physical and VM series firewalls – the PA-220, PA-800, PA-3200 series and PA-5200 series are next generation hardware while PA-7050 and PA-7080 are chassis-based architecture.

Release of PAN OS 9.0 new K2 series firewalls were introduced which was a 5G ready firewall designed for service provider mobile network deployments having 5G and IoT security needs. The VM series firewalls can be deployed in on premises or cloud environments. They use a unified licensing system which is platform agnostic. 

Features of Palo Alto Firewall

• License bundles antivirus, antispyware, and vulnerability protection . Threat prevention allows to obtain content updates for malware protection
• Able to create a copy of decrypted traffic from firewall and send it to traffic collection tool for archiving and analysis
• Ability to control access to websites based on category of URLs
• Receive antivirus signatures updates which include signatures discovery by wildfire 
• Special license for provision of extended VPN remote access connectivity which has multiple gateway usage, mobile apps, mobile security management, host information checks or internal gateway

About Fortinet Firewall

Fortinet was founded in 2000 by brothers Ken Xie and Michael Xie as a cybersecurity company. The name of Fortinet firewall is derived from the phrase ‘Fortified networks’. FortiOS is an operating system for hardware which is the base of security fabric.

Majority of Fortinet models use specialized accelerated hardware known as security processing units which can offload resource intensive processing from main processing resources. Having specialized content processors which accelerate a wide range of essential security functions such as virus scanning, attack detection, encryption, and decryption. 

Features of Fortinet Firewall

• Understand application layer protocols and applications
• Gives ability to block access to malicious, hacked, or inappropriate websites 
• Protects against viruses, spyware, and content level threats
• Performs dynamic analysis to identify unknown malware with automatic response and detection in the cloud
• Provides protection against threats on mobile devices by using detection engines to prevent both new and evolving threats to gain access to network and also personal information 
• Aggregates malicious source IP list 
• Controls access to risky industrial protocols
• Protection0 against spam at network perimeter, controls email attacks and infections

Comparison Table: Palo Alto vs Fortinet firewall

Below table summarizes the key points of differences between the two types of firewalls:

Download the comparison table: palo alto vs fortinet firewall

Continue Reading:

Palo Alto Firewall Architecture

Routing Configuration in FortiGate Firewall: Static, Dynamic & Policy Based

If you want to learn more about Palo Alto, then check our e-book on Palo Alto Interview Questions & Answers in easy to understand PDF Format explained with relevant Diagrams (where required) for better ease of understanding.

Today we look more in detail about comparison between next generation firewalls such as Juniper SRX firewall and Palo Alto firewalls, how they are different from each other, and their features. 

Juniper SRX Firewall

Juniper SRX is a next generation firewall departure from ScreenOS based firewalls. SRX provides scalability and scalable services. Scaling under load is a typical requirement of firewalls including other services such as stateful firewall, VPN, NAT, UTM and intrusion prevention. The SRX branch series of firewalls are meant for small and large office locations where the firewall is typically deployed at network edge and in data center series of SRX designed to provide scaling services.  

Related: How to configure Juniper SRX Firewall? Step by Step Guide

Features of Juniper SRX Firewall

• Users can limit traffic and shape bandwidth based on application information and contexts
• Ability to route traffic over different WAN links
• More accurate and granular security policies
• Prevent users to download ransomware hidden within encrypted traffic 

Palo Alto Firewall

Palo Alto detects known and unknown threats such as encrypted traffic with intelligence. PAN-OS is software which runs Palo Alto networks having key technologies built into PAN-OS as a native feature – App-ID, content-ID, device-ID, and User-ID. Policies and rules can be applied uniformly across all assets. Anomalous user behaviour across enterprise and consistently protect all business applications and allow to grant leased privileged zero trust policies. 

Palo Alto can access TLS/SSL encryption and feature of inspection for traffic monitoring to ensure malicious traffic in encrypted disguise enters your network. Customers have access to granular controls for application, tunnel monitoring, QoS services , integrated DNS, usage-based policy configuration and mobile device management. 

Features of Palo Alto Firewall

• Consistent protection from threats in real time, full visibility, and traffic control
• User access filtering and assessment in intelligent manner
• Data loss prevention with outbound traffic exfiltration

Comparison: Juniper SRX Firewall vs Palo alto Firewall

Below table summarizes the points of comparison between the two types of firewalls:

Download the comparison table: Juniper SRX Firewall vs Palo alto Firewall

Continue Reading:

Palo Alto vs Fortinet Firewall: Detailed Comparison

Palo Alto vs Checkpoint Firewall: Detailed Comparison

Data structure often contains a lot of data that is difficult to search through. Hashing is an effective solution that can be used to map these large datasets to much smaller tables by utilizing a unique Hash function. This helps to quickly access the data and reduces the effort that would otherwise be required to search through every index value and level to get to the required data block.

Hashing is a computational technique in which a special set of functions transform information of varying length into a shortened fixed-length output, commonly known as a “Hash Code”, “Key”, or simply “Hash”. The data that the hashing process is applied to is usually referred to as a “Data Bucket”.

Hashing is often used for a variety of purposes, such as verifying passwords, linking filenames with their file paths in OS, graphic processing, and playing board games like Chess and tic-tac-toe.

In this article, you will learn the difference between two significant hashing methods – static hashing vs dynamic hashing.

What is Static Hashing?

This method of hashing allows individuals to access a specific set of data. This means the content in the directory is not fluctuating, it’s “Static” or constant. Through this hashing technique, the number of data buckets in memory stays the same.

Static Hashing Operations

• Insertion – When a data point is added to a static hashing system, the hash function (h) is used to work out the bucket address “h(K)” for the search key (k) in which the record is stored.
• Search − When trying to access a record, the same hash function can be employed to get the location of the bucket which contains the data.
• Delete − Search the associated address of a certain record and delete either that single record or a group of records stored in the memory that corresponds to the same address.
• Update – It is feasible to update a record once it has been identified through the use of a hash function.

Advantages of Static Hashing

• Provides the best possible results when dealing with databases of a limited size.
• It is possible to use the value of the Primary Key as a Hash Key.

Disadvantages of Static Hashing

• It is not capable of operating effectively with scalable databases and large sized databases.
• When the amount of data surpasses the available memory, a bucket overflow problem will arise.

This significant issue of bucket overflowing can be addressed in two ways:

Overflow chaining – When all the buckets are at full, a new bucket is generated to store the same hash result.

Linear Probing – When a hash function creates an address that already contains data, the next free bucket is assigned to the said data.

What is Dynamic Hashing?

This type of hashing allows users to find information in a changing data set. That is, data can be added or removed as needed, thus making it a ‘dynamic’ hashing approach. The size of the data buckets increases/decreases as per the number of records contained in them. A problem with static hashing is the potential bucket overflow. Dynamic hashing provides a way to avoid this issue, and is also known as the Extendible hashing method.

Dynamic Hashing Operations

• Insertion – It is possible to figure out the address of the bucket. If the bucket is already full, extra buckets can be added. In addition, extra bits can be included in the hash value and the hash function can be calculated again. If the buckets are not full, data can be added to them.
• Querying – Determine the depth of the hash index and applying the data from it to compute the address of the bucket.
• Delete − Executes a query to find the necessary data to delete.
• Update – It performs a query to update the data.

Advantages of Dynamic Hashing

• It is effective with scalable data.
• It has the capability to manage large amount of memory where the size of the data is consistently altering.
• It is capable to overcome the bucket flow issue effectively.

Disadvantages of Dynamic Hashing

• The position of the data in the memory varies depending on the bucket size. Therefore, if there is a huge increment in the data, keeping the bucket address list up-to-date can be a problem.

Static Hashing vs Dynamic Hashing

Below table summarizes the key points of differences between the two techniques of hashing:

Download the comparison table: Static vs Dynamic Hashing

Conclusion

When it comes to hashing, there are variations in the way it can be applied depending on whether the data set requires a fixed-length or a variable-length bucket. When picking a hashing technique, one must take into account the size of the data to be processed as well as the speed of the application.

Continue Reading:

MD5 vs CRC – Detailed Comparison

What is Cryptography? Detailed Explanation

Today we look more in detail about IP address and its types, how they function and the difference between them i.e. Static IP vs Dynamic IP Addresses.

What is Static IP Address?

IP address could be distinct having allotted to each device individually on a network. The word static means ‘fixed’ and ‘not change’. The static IP address refers to an IP address which is assigned to a device permanently and does not change. Static IP addresses are usually found on web servers. This is usually utilized by businesses which require to communicate globally and desire a fixed identity. Since they are finite and to be assigned individually, they entail monthly fees.

Use cases for Static IP addresses

• DNS – website managers use static IP addresses with DNS information which connects consistently using static address as it does not change
• Website hosting – with a static address assignment to website, it is easier for users to find them easily on Internet
• Voice communications – Voice over IP works better with consistent connections
• Remote access – consistent connections between remote works and organization networks is possible with static IP addresses
• Geolocation reliability – services rely on static IP addresses for geolocation capabilities such as weather or traffic updates
• IP Allowlisting – Remote workers having static IP address help security teams to filter legitimate traffic to promote better data security.

What is Dynamic IP Address? 

IP address often changes when user reboots the system and its allocated mechanically. Dynamic IP addresses changes every time device connects to Internet. It does not entail cost to use dynamic IP address. ISP servers assign them as required. These are standard identifiers for consumer devices and mostly used in home networks for identification of tablets, laptops, and digital devices such as box.

Use cases for Dynamic IP address

• Used in home settings and consumer settings
• Used by mobile devices such as tablets and smartphones

Static IP vs Dynamic IP Addresses: Differences

Key points of comparison between the two types of IP addresses are:

Provider:

Internet service provider provides static IP addresses whereas Dynamic IP address is provided by DHCP (Dynamic host configuration protocol) server.

Nature:

Static IP address is constant and do not change any time. Dynamic IP address is not constant in nature and can change multiple times.

Security:

Since Static IP address is static in nature it is easy to intercept hence less secure. Dynamic IP addresses are more secure as they are difficult to intercept as they keep changing.

Traceability:

Devices assigned static IP addresses are easily traceable. Dynamic IP assignment makes difficult to trace a device to which it is assigned.

Stability:

Stability is higher in static IP address whereas Dynamic IP addresses are less stable.

Costs:

Static IP addresses are costly and provided by ISPs at high charges. Dynamic IP addresses itself do not entail cost, but there could be cost associated to setup initial infrastructure DHCP server etc.

Confidentiality:

If the requirement is that data is not so confidential but service reliability and availability is of concern then static IP addresses are being used such as servers hosting business applications. If the requirement is of higher security and lesser costs then dynamic IP address allocation is preferred such as endpoint systems.

Troubleshooting:

Troubleshooting is easier for static IP address as IP is fixed. Troubleshooting is complex and difficult to diagnose network issues as IP address assignment is not fixed.

Static IP vs Dynamic IP Addresses: Comparison Table

Below table summarizes the differences between Static and Dynamic IP address:

Download the comparison table: Static IP vs Dynamic IP

Continue Reading:

IP Address Restrictions for Improved Access Control

NAT vs PAT: IP Address Translation Explained

GPU and CPU work together to maximize system performance. Central processing units (CPUs) excel at many computing tasks, whereas GPUs excel at parallel processing. Some systems combine the CPU and GPU for efficiency and simplicity. 

This is beneficial since devices’ most critical elements are space, money, and energy efficiency. Learning about their personalities and cooperation will help you understand the ever-changing world of computer processing. The RDPs are also cost friendly as they are virtual desktops, can be used remotely and easy to use when you need it, they also come with multiple configurations and GPU server.

What is a Central Processing Unit (CPU)?

The CPU, a silicon chip attached to a motherboard socket, is essential to every computer system. Some call that section of your computer the “brains”. A computer’s processing power comes from billions of tiny transistors and software instructions in the CPU. 

Running programs from memory is the system’s task. Like trillions of switches, billions of on-off switches manage power and transform tasks into binary numbers.

Most modern robots can do 1–5 billion operations per second. Although data is normally accessible in the order in which it is put, random access memory (RAM) permits data retrieval in any order.

The CPU’s main job is to read RAM instructions, decode them, and execute them. They perform sequential operations.

A CPU’s primary functions are:

• Fetch: The CPU fetches instructions from program memory or RAM. The command might be numbers, letters, addresses, or characters. The central processing unit executes the request. The next RAM instruction is represented by integers or numbers in these instructions.

• Decode: The CPU may execute instructions from its instruction set after data receipt. Reading numbers from or sending them to a device, adding numbers, executing Boolean logic, storing numbers from the CPU to RAM, comparing numbers, and jumping to RAM are common commands.

• Execute: Instructions are sent to the instruction decoder, which turns them into electrical signals. These signals are forwarded to CPU sections for processing. Once the next command arrives, everything starts again.

How does a CPU work?

The CPU is the computer’s brain. A control unit coordinates the system’s numerous operations. Sequentially, the control unit must access the main memory for instructions. This ensures that orders are fulfilled in sequence. 

It then interprets these instructions to activate operational components at the proper times to complete their responsibilities. After the main memory transmits data, ALUs process it. These ALUs execute addition, subtracting, multiplying, and dividing. 

Their logic processes include data comparison and issue resolution using predetermined decision criteria. The central processing unit (CPU) coordinates several jobs to conduct a variety of calculations and activities. This streamlines instruction processing.

CPU Features

Cores 

A CPU’s cores, which are like processors, are its primary processing units. Their many cores distinguished Early CPUs. Thanks to technology, modern computers may employ CPUs with 22 to 64 cores. 

Performance and efficiency increase with core count. This is because additional cores allow several jobs to run simultaneously. Multitasking is easy with this multicore design, which lets the CPU do many activities.

Simultaneous Multithreading/Hyperthreading 

Intel CPUs use Hyperthreading, or Simultaneous Multithreading (SMT), to boost CPU performance. This breakthrough allows several software threads on one CPU core. This transformation divides a physical core into two logical ones. 

This innovation allows multiple jobs to be executed simultaneously, increasing efficiency. SMT optimizes resource consumption to keep the CPU productive even with unexpected workloads. This makes computer usage simpler and quicker.

Cache 

Any processor design includes a CPU cache, which offers high-speed memory directly incorporated into the CPU. To speed up access to commonly used data and instructions, the cache has three levels, L1 being the quickest and L3 the most utilized. Data access is faster because of the CPU cache. Smart cache arrangement boosts CPU performance and responsiveness. The CPU processes data faster due to its position.

Memory Management Unit (MMU)

The Memory Management Unit, which monitors memory and caching processes, is a crucial CPU component. The memory management unit (MMU) connects the CPU and RAM to transmit data efficiently throughout the fetch-decode-execute cycle. 

Its main job is to convert program addresses into RAM addresses. The CPU may access and handle system memory data via this translation. Translation is essential to preserve memory hierarchy.

Control Unit

The Control Unit, the CPU’s command and control hub, coordinates all processor functions. As the master controller, it controls the logic unit, input/output devices, RAM, and other components based on instructions. 

Coordinating its functions, the Control Unit executes program instructions sequentially. It monitors the CPU during fetch, decode, and execution. The central processing unit (CPU) acts like an orchestra director, ensuring that all CPU sections work together in perfect harmony and effectively.

What is a Graphics Processing Unit (GPU)?

Graphics are created by the graphics processing unit (GPU), sometimes known as a video card or graphics card. They may be integrated with the motherboard and share memory with the CPU or discrete and have their memory. Due to their small architecture and CPU resource sharing, integrated GPUs perform poorly compared to discrete GPUs.

When the CPU handled everything, computers could have been more efficient at 3D graphics and other demanding tasks. It required a separate microprocessor due to its high stress. Graphics processing units (GPUs) are like specialized CPUs—they can multitask well. Indeed, CPUs formerly performed the same duties as GPUs.

GPUs can accomplish tasks concurrently, unlike CPUs. Despite their small size, GPUs have a high core count. CPUs are more “generalist” than GPUs hence they have fewer capabilities. However, GPUs can efficiently perform more mathematical and geographical functions.

How does a GPU work?

GPUs struggle with mathematical and geometric calculations. Polygonal coordinates are converted into bitmaps, which are translated into screen signals to generate film and video game images. The conversion demands a powerful GPU. The most significant GPU features are:

• Massive ALUs: GPUs can handle huge data sets over several streams with their numerous ALUs. This is due to their massive ALU count. This makes many tough mathematical jobs easy for them. Due to its hundreds of cores, GPUs can process several threads concurrently.

• Port connectivity: various ports offer GPU-to-screen connections. Display and GPU must have port availability. Connections like VGA, HDMI, and DVI are standard.

• Ability to do floating-point math: GPUs can do floating-point arithmetic on numerical representations near actual values. Modern GPU-integrated graphics cards can easily handle double-precision floating-point numbers.

• Suitable for parallel computing: GPUs provide parallel computing since they’re designed for parallelizable tasks.

The CPU produced visual rendering output until GPUs were introduced in the 1990s. A GPU may speed up a computer by taking over computationally heavy activities like rendering from the CPU. The GPU can do several calculations at once, speeding up software processing. The transition also led to increasingly complicated and resource-intensive software.

GPU vs CPU: Key Differences

Computer software function

CPU stands for “central processing unit.” All current computers use CPUs, a general processor. It runs important instructions and operations to keep the machine and operating system running correctly. They call it a computer’s “brain” because of this. 

As indicated, the CPU includes the ALU, CU, and memory. The ALU does logical and mathematical operations on memory data, while the control unit controls data flow. CPUs determine program speed.

People commonly refer to a GPU as a video card, graphic card, or graphics. For visual data management, a GPU is needed. This step includes converting data like photos from one visual format to another. It can produce two-dimensional or three-dimensional pictures and render graphics, a typical 3D printing method.

Operational Emphasis

CPUs are designed for reduced latency. Optimizing a computer for low latency to execute multiple instructions or communicate data fast is typical. The time a CPU takes to reply to a device request is called “latency”. This latency is measured by clock cycles. 

Cache misses and misalignments may increase CPU delay. Latency typically causes page and app load delays and other performance issues. 

However, the GPU prioritizes throughput. Throughput is the greatest number of identical instructions each clock cycle. This occurs when one instruction’s operands are not reliant on a previous instruction. Low throughput may be caused by memory bandwidth, algorithm branch divergence, and memory access latency.

Operational Tasks

Main CPU tasks include fetching, decoding, executing, and writing back. 

• Fetch: A CPU “fetch” retrieves instructions from RAM. 
• Decode: The instruction decoder converts instructions to determine whether further CPU components are required. 
• Execute: To “execute” is to follow directions.
• Writeback: Caching called “writeback” moves data to more critical caches or memory.

GPUs excel in video and graphics processing. The application supports texture mapping, hardware overlay, MPEG decoding, and screen monitor output. This streamlines picture creation and reduces labor. The GPU can do floating-point and three-dimensional computations.

The use of cores

Modern CPUs feature two to eighteen cores, each of which may multitask with its functions.  Multiple threads, or virtual cores, may be created using simultaneous multithreading. A four-core CPU can create eight threads. 

A CPU with multiple cores can run more programs and perform more demanding tasks, making it more efficient. Central processing unit cores excel in DBMS operations and serial computing. 

While GPU processors are slower than CPU cores in serial computation, they’re lightning-quick in parallel. This is because GPUs have hundreds of weaker cores that excel at simultaneous processing. Cores in graphics processing units (GPUs) compute graphical tasks.

How GPU and CPU work together?

CPUs and GPUs work better when they team up. GPUs improve data speed and concurrency, while CPUs can handle many jobs. GPUs were originally designed for computer games, but they today speed up complex processes and manage massive amounts of data.

A CPU and GPU, which excel at distinct tasks, provide a dynamic computing environment. Due to its adaptability, the CPU executes applications and system tasks well. GPUs can conduct complicated mathematical calculations and visual rendering due to their many parallel processing cores. Cooperation boosts system performance by effectively sharing computing duties.

GPUs are superior for parallel processing and specialized applications, while CPUs are still needed for general computing. The CPU’s versatility makes it essential to every system; it can perform complicated activities. 

GPU excels at massive parallel processing. This improves data-intensive applications like scientific simulations and machine learning. The CPU and GPU combine general-purpose computation with high-throughput, specialized tasks to improve system performance.

Conclusion

The CPU and GPU work together to power computers. The CPU is a computer’s “general-purpose brain” that processes instructions and performs several activities. Meanwhile, a graphics processing unit (GPU) executes some computational functions and may produce visuals. 

This partnership improves system performance by combining the CPU’s flexibility with the GPU’s parallel processing. Sharing graphics with the CPU boosts efficiency, especially in tiny devices. 

One may learn how contemporary computers perform smoothly and appreciate the CPU and GPU’s crucial contributions to the computing experience by studying their responsibilities and how they work together.

Continue Reading:

Snapdragon vs MediaTek: Which one is better?

Snapdragon vs Exynos: Which one is better?

In the wireless world, Wi-Fi is the term that is similar in general to access of wireless. Although the fact is that this specific trademark is owned by Wi-Fi Alliance. This dedicated group takes care of Wi-Fi products certification when they meet the wireless standards of 802.11 set of IEEE. It is a bit complex in getting used to the standards naming scheme of IEEE and to make the process of understanding it easier, some simpler names haves been introduced by Wi-Fi Alliance. Under this convention of naming,

• Wi-Fi 4 is the name given to 802.11n
• Wi-Fi 5 is for 802.11ac
• Wi-Fi 6 is for 802.11ax.

Wi-Fi 4 (802.11n)

802.11n is the first standard in which MIMO is specified and usage is allowed by this in two frequencies- 5GHz and 2.4GHz having speeds ranging to 600Mbps. When the term dual band is used by vendors of wireless LAN, it reflects the ability of data delivering athwart the two frequencies. Wi-Fi 4 is the successor of Wi-Fi 3 i.e. IEEE 802.11g.

Introduction of MIMO has taken place in this Wi-Fi standard along with beamforming. However, testing of interoperability has not been done yet. Previous versions legacy fallbacks was also supported by it and bandwidths that is support are 40 MHz and 20 MHz It is also possible to achieve upto 150Mbps data rates due to higher bandwidth and use of MIMO.

70 meters is the range in indoor that could be supported by devices of WiFi-4 and in outdoor environments, it reaches about 250 meters. Wi-Fi 4 devices that offer support to MIMO configurations include 4T4R and 2T3R. The modulation schemes used in this are QPSK, BPSK, 64QAM and 16QAM.

 Wi-Fi 5 (802.11ac)

The wireless routers that are used in many homes at present are likely to have 802.1ac compliance operating in the frequency space of 5GHz. The data rates supported by this standard are up to 3.46Gbps with MIMO where speed is boosted and error is reduced by multiple antennas on the receiving and sending devices. This Wi-Fi standard stands as the first one in which feature of multi-user MIMO has been introduced.

On account of multi-user MIMO, higher bandwidths addition, more modulation schemes and spatial streams, higher throughput is supported by WiFi-5. 5GHz is its operating frequency and it offers support to modulation schemes of single carrier (CCK, DSSS), multi-carrier and types of baseband modulation (QPSK, BPSK, 256QAM and 64QAM).

Bandwidths of several channels are supported including 160 MHz, 20 MHz, 80 MHZ and 40 MHz Maximum data rate of 6.93 Gbps is also supported by Wi-Fi 5 along with approx. 80m of coverage range and 3 antennas. Multi-user as well as single user transmissions are also supported by this Wi-Fi standard.

 Wi-Fi 6 (802.11ax)

802.11ax is also termed as WLAN of high efficiency since it aims at enhancing WLAN deployments performance in the scenarios that are dense such as airports and sports stadiums while it still operates in the spectrum of 5GHz and 2.4GHz. About 4X of improvement is targeted by the group in throughput in comparison to 802.11ac and 802.11n via utilization of spectrum that is more efficient. In comparison to the legacy Wi-Fi networks including Wi-Fi 3, Wi-Fi 4, Wi-Fi 5 etc. it offers greater range of coverage and higher speed. In both downlink and uplink directions in Wi-Fi 6, introduction of concept of OFDMA has taken place.

Beamforming, MU-MIMO, OFDM symbol of longer size, 1024-QAM, more spatial streams, scheduling of uplink resources with no contention etc. are the features introduced in this Wi-Fi generation. BSS coloring is the other specific feature present in this Wi-Fi generation. It is also referred as High frequency WLAN (HEW) on account of performance of high efficiency. Wi-Fi 6 generation offers better network capacity, efficiency, user experience and performance at reduced latency.

Related –  Wi-Fi 6 Technology  

Comparison : Wifi6 vs Wifi5 vs Wifi4

Security and network architecture have taken a front seat since cloud adoption is all time high and constantly growing. The demand for remote workforce is increasing and per Gartner research demand for remote working is set to increase 30% by 2030, this is given more momentum with the coronavirus pandemic which has forced world wide organizations to adopt a hybrid working model. 

Need for distributed working is however much older and not just evolved in the last 24 months during the pandemic times. In the 1990s and 2000s there was a simple centralized architecture where data resided in data centers and connectivity to branch offices and simple security measures were set in. The majority of staff worked from the office so it was easy to provide secure access to resources and services. 

Today we look more in detail about two most popular terminologies emerged in cloud era – SSE (Security service edge) and SASE (Secure access service edge), lets understand how they are interlinked but at the same time they are different , their advantages and limitations and off course the use cases. 

What is Security Service Edge or SSE?

SSE term was also introduced by Gartner in the year 2021 emerged as a single vendor, cloud centric converged solution to accelerate digital transformation with enterprise level security to access web, cloud services, software as a service, private applications with capability to accommodate performance demands and growth. 

It may be included as a hybrid of on premises and agent-based components but primarily it is a cloud-based service. It offers capabilities such as access control, threat protection, data security, security monitoring, acceptable use controls enforced via network based and API based integrations. 

SSE security services include Cloud access security broker (CASB), Secure web gateway (SWG), Zero trust network access (ZTNA), Data loss prevention (DLP), Remote browser installation (RBI) and Firewall as a service (FaaS). 

What is SASE?

Term Security Service Edge or SASE was coined by Gartner in 2019 to describe offering a range of security networking products. It is a complex product with five elements into it and with the inclusion of SD-WAN meant on premises equipment which makes setup more complicated and pricing model needs to cover cost of hardware also. 

Some of the major vendors in SASE space are Cato networks, Fortinet, Palo Alto networks, Versa, VMware and others. It brought two prolonged vendor approaches together, having a highly converged wide area network (WAN) and Edge infrastructure platform with highly converged security platform – Security service edge (SSE). 

It is a security component of SASE which unifies all security services including secure web gateway (SWG) , cloud access security broker (CASB) and Zero trust network access (ZTNA) to provide secure access to web, cloud services, and applications. 

Comparison: SSE vs SASE

The key points of differences between the two are:

Term Coined

Gartner gave SSE term in year 2021 to define limited scope of network security convergence including SWG, CASB, DLP, FaaS, ZTNA into a single cloud native service. On the other hand, Gartner gave SASE term in year 2019 to define convergence of networking and security capabilities into a single cloud native service.

Concept

SSE is a component of SASE (a security pillar). SASE has broader approach and takes a holistic approach towards secure and optimized access . The focus is both on user experience and security.

Requirements

To use capabilities of SSE we need physical hardware to deploy services at locations. SASE = security service edge (SSE) + access, it is an architecture that organizations endeavour to have involving delivering networking and security via cloud directly to end user instead of a physical conventional data center.

Vendors

Some of the examples of important vendors of SSE are Z-scaler, Cisco, Palo Alto, Netskope, Cato networks. Whereas, Z-scaler, Palo Alto, McAfee, Cisco, Nokia, Fortinet, Versa Networks, VMware are the important vendors that provide SASE.

Below table summarizes the differential points between the two:

Download the comparison table: SSE vs SASE

Continue Reading:

CASB vs SASE: Which One Is Better?

CSPM vs CASB: Detailed Comparison

As more and more data moves onto the cloud new tools and methods are evolving to control data and adhere to security regulations. Coronavirus pandemic is becoming an acceleration factor as all around the world companies have to adopt digital remote working to survive in this period.

Many organizations implemented VPNs to connect remote workers to the organization network and soon had a major hit back on realizing how VPNs were riddled with problems. This necessitated the need for a cloud based, zero trust solution to fit into the changing business landscape. 

Today we look more in detail about two most popular terminologies related to cloud access in a secure manner – Cloud access security broker (CASB) and Secure access service edge (SASE), how they are related and different from each other, advantages and use cases. 

What is CASB?

Cloud access security broker (CASB) is a software which can be hosted on premises and cloud and enforce compliance via policies, security and regulatory safeguards around data and cloud applications.

Initially CASB focus was to bring in cloud visibility hence primarily it is used to detect shadow IT.  However later it has evolved to offer more features such as encryption, protection of data stored in the cloud by prohibiting specific categories of sensitive data exposure via email or file sharing, data access restrictions, audit on cloud services etc. 

Let’s discuss the key benefits and drawbacks of CASB:

Pros

• Prevents external & internal cyber threats.
• Cloud infrastructure can be made more secure by using it in conjunction with other solutions.

Cons

• Need of integration with other security solutions.
• It reduces the overall effectiveness of the security team because every security solution must be acquired, deployed, monitored, and maintained separately.

What is SASE?

SASE is a cloud-based IT architecture, a term coined in the year 2019 by Gartner which combines software defined networking and network security tasks and delivers them from a single cloud native platform. SASE is a broader term which covers access and security both in its paradigm without the physical boundaries. 

SASE gives businesses a converged network which is consistent, agile and holistic, eliminating need for specialized hardware or security appliances as it is delivered as a service. 

SASE is a bundle of access and security and have security components like Zero trust network access (ZTNA),  Data leakage protection (DLP), Secure web gateway (SWG) and Cloud access broker service (CASB). 

Let’s discuss the pros and cons of SASE:

Pros

• Provides an all-in-one solution fulfilling the networking and security requirements.
• SASE is a complete WAN infrastructure solution, so it cannot be just slotted into place like a CASB.
• An organisation can take advantage of the convergence of SD-WAN network services and fully integrated security technologies by using a comprehensive security stack.

Cons

• A network redesign and the retirement of legacy networking and security solutions might be required to implement SASE.
• It is expensive.

Comparison Table: CASB vs SASE

Below table summarizes the difference between the two:

Download the comparison table: CASB vs SASE

CASB vs SASE: Which One Is Better?

To conclude which one is better CASB vs SASE, a CASB and a standalone SASE both offer the CASB functionality required for cloud security. Although there are advantages and disadvantages to both, the “right choice” may depend on an organisation’s specific situation and objectives.

SASE is typically a better choice since it simplifies security and maximizes the efficiency of a company’s security team, but a standalone CASB might be integrated more easily into the company’s existing security structure.

Quick facts!

As per Gartner prediction by 2025 ; 80% of organizations will unify web, cloud services and application access using a SASE architecture.

Continue Reading:

Top 13 CASB Solutions

CASB vs Proxy: Understand the difference

Related Video

Internet service providers are organizations which provide internet connection to end users and other organizations which can be customer businesses, individuals. ISPs have made it easier and affordable to connect to the internet. ISP acts like a gateway to connect the device to the Internet. ISPs are conceptually organized into tiers or three layers based on the type of Internet services they provide. We will learn more about these three tiers and layers in this article. 

Most of the internet service providers own physical infrastructure (fiber, cables, etc.) to provide internet access. ISPs that can can take advantage of their large network reach to strike up deals with other ISPs. Transit, peer, and customer are the three most important types of traffic exchange agreements.

• Transit: A computer network allows network traffic to cross it by providing transit services. Typically, transit is paid for by smaller networks to gain access to the rest of the internet.
• Peer: Network owners may see a mutual benefit in allowing each other access to their respective networks. In this situation, neither party has to pay for the exchange of traffic, which is referred to as a settlement-free exchange.
• Customer: An internet service provider pays another network for internet access, and provides internet access in return.

Today we look more in detail and understand about tier 1, tier 2 and tier 3 of ISP or internet service providers, how they are different from each other, which are the most prominent ISP providers in each tier etc.

What is a Tier 1 ISP?

Tier 1  Internet service providers are on the top of the hierarchy and have global reach and do not pay for Internet traffic through their network. These ISPs connect at the same level and allow free traffic passing to each other. These ISPs are also known as Peers. 

These ISPs are not just having established network lines at regional level but also lay Internet cables under the sea to provide internet connections to other countries. They build infrastructure such as Atlantic Internet sea cables, and provide traffic to all other Internet service providers but not to end users. 

They provide coverage at international and national level. Some most prominent ISPs in this category are

• Cogent Communications,
• Hibernia Networks,
• AT&T, Tata,
• Bharti  Reliance and
• VSNL. 

What is a Tier 2 ISP? 

Tier 2 ISPs are service providers who connect between Tier 1 and Tier 3 Internet service providers. They are regional or country based and act like Tier-1 ISP for Tier-3 ISPs. Tier 2 ISPs are larger compared to Tier 3 ISPs and sometimes own their own cables and other network hardware. 

These ISPs do not cover the entire globe but still they need to reach a bigger network to allow a signal to reach to any place on Earth. Tier 2 ISPs buy services from Tier 1 ISPs which own intercontinental cables such as AT&T, Deutsche Telekom Global Carrier who will sell their services to Tier 2 ISPs. They provide coverage at regional level. Some of the ISPs in this category are

• Vodafone,
• Easynet,
• Jio,
• Airtel,
• BSNL

What is a Tier 3 ISP?  

Tier 3 ISPs are closest to end users and help them to connect to the Internet and charge them for their services. These ISPs work on purchasing models and they pay a cost to Tier 2 ISPs based on traffic generation. 

These ISPs don’t usually own hardware required for actual transmissions; they purchase connectivity from Tier 2 ISPs (also known as transit) . They provide local coverage. Some examples of Tier 3 ISPs are

• Comcast,
• Deutsche Telekom,
• Verizon wireless,
• MTNL,
• SITI cable,
• Spectra etc. 

Comparison Table: The Three Tiers of ISPs

Below table summarizes the key points of differences between the three tiers of Internet Service providers:

Download the comparison table: 3 tiers of ISPs

Continue Reading:

ISP vs VPN: Know the difference

ISP Terms & Terminologies

Nowadays, the 2 major gaming console types used extensively around the globe are

• Sony PlayStation
• Microsoft Xbox

NAT stands for Network Address Translation, which represents the ability to translate a public IP address to a private IP address, and vice versa. In PlayStation games, a key challenge is faced when connecting to other PS4 systems, especially when you are using the communication features, like the party chat. Hence, in order to understand issues of features not working, it is important to comprehend NAT types used in PS4 and Xbox. So, let’s start the journey –

PS4 (PlayStation 4) 

There are 3 types of NAT in PS4:

Type 1 (Open) – The PS4 system is directly connected to the Internet, and you should have no problems connecting to other PS4 systems. You are able to chat with other people as well as join and host multiplayer games with other PS4 gamers.

Type 2 (Moderate) – The system is connected through a router which is performing NAT function, and generally you won’t have any challenges. One key aspect of NAT Type 2 is that   router is well aware of your PlayStation system and is able to forward incoming packets on predefined ports to the PlayStation. Infact, due to this setup, connection requests from other players can be received by PS system. You are able to chat and play multiplayer games with some people. However, there is a chance that you might not be able to hear or play with others and can’t be chosen as the host of a match.

Type 3 (Strict) – The system is connected through a router and you may have problems related with the connection or voice chat. The reason is that Router is not able to forward PlayStation network ports or in one way we can say that UPnP is not working. The downside of Type 3 is that you are only able to chat and play multiplayer games with people who have a Type1. You are not able to be chosen as the host of a match.

Related – What is NAT Traversal?

Difference : PS4 NAT Type 1 vs 2 vs 3

Type 1	Type 2	Type 3
The system is connected directly to the Internet.	The system is connected to the Internet with a router. Generally it is positioned in DMZ Zone or UPnP is enabled.	The system is connected to the Internet with a router.
PlayStation is connected to the open Internet with no NAT configured on router or modem.	Your PlayStation is behind a router with NAT configured.	Your PlayStation is behind at least 1 router.
You are able to join and host multiplayer games with other people.	You are able to be the host of multiplayer lobbies	You are NOT able to be the host of multiplayer lobbies.
You are able to chat with other people.	You should have no limits on chat, video.	You WILL have limits on chat, video.

Download the comparison table here.

Xbox 

Xbox is a Microsoft product. Similar to the NAT types supported in PlayStation platform, Xbox also categorizes Network Address translation into following kinds – Open, Moderate, and Strict. Let’s understand these 3 variants in more detail –

• Open NAT –In this category, people can chat as well as join and host multiplayer games with people who have any NAT type on their network.
• Moderate NAT – In this case, people can chat and play multiplayer games with some people. Not be able to play with others and normally you won’t be chosen as the host of a match.
• Strict NAT – In this scenario, people can chat and play multiplayer games with people who have an OPEN NAT type. You are not chosen as the host of a match.

Difference: Xbox NAT Type 1 vs 2 vs 3

Open	Moderate	Strict
Your Xbox may or may not be behind a router.	Your Xbox is behind a router.	Your Xbox is behind at least one router.
If your Xbox is behind a router, then your router is aware of your Xbox and is forwarding incoming packets on predefined ports to your Xbox, usually 3074.	You might have UPnP partially working, where it may be forwarding some ports but not others	Your router is not forwarding incoming connection requests to the Xbox.
Your Xbox is able to receive incoming packets from the internet including connection requests from other players.	You might have some ports forwarded but not others.	You are NOT able to be the host of multiplayer lobbies.
You are able to be the host of multiplayer lobbies.	Your router might have a firewall that is blocking some packets but not others.
You should have no limits on chat, video.		You WILL have limits on chat, video.

Download the comparison table here.

Conclusion

NAT assigns your router an IP Address rather than each one of the devices. The 3 NAT types, with regards to gaming consoles/PCs, such as the PS3/PS4, or the Xbox 360/Xbox are Open (Type 1), Moderate (Type 2), and Strict NAT (Type 3).

The Moderate, Type 2 NAT as well as Strict (Type 3 NAT) limits connections for chat and video.

Strict/Type 3 NATs can only connect with other users having an Open/Type 1 NAT.

An Open/Type 1 NAT will provide the best connection quality, whereas Moderate and Strict NAT Type restrict the connections between a gaming console and PC.

Related – NAT Interview Q&A