High availability (HA)
HA uses links to synchronize data and maintain state information. The ICMP protocol is used to exchange heartbeats between HA peers.
There are basically two HA ports: HA1, called the control link, and HA2, called the data link.
Control Link (HA1)-
It is used to exchange User-ID information, heartbeats, HA state information, hellos, and management plane sync for routing.
The HA1 link works as a Layer 3 link.
Data Link (HA2)-
It is used to sync sessions, forwarding tables, IPSec security associations and ARP tables between the HA firewalls.
Data flow on this link is always unidirectional: it flows from the active or active-primary firewall to the passive or active-secondary firewall.
The HA2 link works on Layer 2.
Backup Links
They provide redundancy for the HA1 and HA2 links.
The primary device IP address and the backup HA links should not overlap.
The HA backup should be on a different subnet from the primary device HA.
Packet-Forwarding Link
In addition to the HA1 and HA2 links, there is a dedicated HA3 link.
The firewalls use this link for forwarding packets to the peer during session setup and asymmetric traffic flow.
The HA3 link is a Layer 2 link that uses MAC encapsulation. It does not support Layer 3 encryption.
VLAN HOPPING
VLAN hopping is an attack in which an attacker connected to one VLAN gains access to another VLAN.
There are two ways it is accomplished:
Double tagging-
The attacker is connected to an interface that is in the same VLAN as the native (untagged) VLAN on the trunk.
The attacker then sends a packet into the switch with two 802.1Q tags. The inner VLAN tag is the VLAN the packet is meant to reach, and the outer VLAN tag is the native VLAN.
The 1st switch removes the first (native VLAN) tag and forwards the packet to the 2nd switch through the trunk port. The attacker now has access to the victim VLAN.
Switch spoofing-
The attacker sends DTP packets and tries to gain access to the switch through a trunk, but this is only possible when the switch port is in the default “dynamic auto” or “dynamic desirable” mode.
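Both attacks depend on switch settings that can be checked from the configuration. The Python script below is an added example, not part of the original post: it flags ports left in a dynamic (DTP) mode and access ports whose VLAN is also a trunk's native VLAN. The Cisco IOS-style sample config, the interface names, and the assumption that an unconfigured port defaults to a dynamic mode on VLAN 1 are constructed for illustration.

```python
import re

# Constructed sample in Cisco IOS-style syntax; not taken from a real device.
SAMPLE_CONFIG = """\
interface Gi0/1
 switchport mode access
 switchport access vlan 10
interface Gi0/2
 switchport access vlan 20
interface Gi0/3
 switchport mode dynamic desirable
interface Gi0/4
 switchport mode access
interface Gi0/24
 switchport mode trunk
 switchport trunk native vlan 1
"""

def parse_ports(config):
    """Return {port: {'mode', 'access_vlan', 'native_vlan'}} from config text."""
    ports, cur = {}, None
    for line in map(str.strip, config.splitlines()):
        if m := re.match(r"interface (\S+)", line):
            # Assumption: no explicit mode means the port is still in a dynamic
            # (DTP-negotiating) default; VLAN 1 is the default access/native VLAN.
            cur = ports[m.group(1)] = {"mode": "dynamic", "access_vlan": 1, "native_vlan": 1}
        elif cur is not None and (m := re.match(r"switchport mode (.+)", line)):
            cur["mode"] = m.group(1)
        elif cur is not None and (m := re.match(r"switchport access vlan (\d+)", line)):
            cur["access_vlan"] = int(m.group(1))
        elif cur is not None and (m := re.match(r"switchport trunk native vlan (\d+)", line)):
            cur["native_vlan"] = int(m.group(1))
    return ports

def audit(config):
    """Return sorted (port, finding) pairs for the two VLAN hopping preconditions."""
    ports = parse_ports(config)
    natives = {p["native_vlan"] for p in ports.values() if p["mode"] == "trunk"}
    findings = []
    for name, p in ports.items():
        if p["mode"].startswith("dynamic"):   # switch spoofing precondition
            findings.append((name, "DTP can negotiate a trunk: set 'switchport mode access'"))
        elif p["mode"] == "access" and p["access_vlan"] in natives:   # double tagging precondition
            findings.append((name, f"access VLAN {p['access_vlan']} is a trunk native VLAN"))
    return sorted(findings)

if __name__ == "__main__":
    for port, finding in audit(SAMPLE_CONFIG):
        print(f"{port}: {finding}")
```

On the sample config it reports Gi0/2 and Gi0/3 (dynamic mode) and Gi0/4 (access port sharing the trunk's native VLAN 1).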
Nice Information, helpful to understand easily.
thanks
It's simple and easy..