How to Migrate Existing DNS Server to F5 BIG IP DNS

 1) Do the Initial configuration of F5 BIG IP DNS such as Listner, DNS Profile and Self IP's.

2) Use the different IP address on the F5 BIG IP DNS Server compared to the existing DNS Server

3) Perform the Zone transfer between Existing DNS Server and F5 BIG IP DNS Server ( F5 BIG IP DNS Server is acting as Secondary Authoritative DNS Server)

4) Disable the self IP address on the F5 BIG IP DNS Server

5) Make the F5 BIG IP DNS Server ( Secondary Authoritative DNS Server) as the same IP address as Existing Authoritative DNS Server

6) Decommission Existing DNS Server and Enable the self IP address on the F5 BIG IP DNS Server

Best Regards,

Kareem

Read More

Introduction to Software Testing

--> Most software development projects consists of multiple teams, with each team is responsible for developing specific function of a software

--> They work together to create a full software application 

--> Software testing should be a comprehensive process that examines everything from the induvidual functional components to the integrated functional system

1) Unit Testing : 

--> Testing individual functions/ components of an application

--> Performed by a software developer

--> It comes under White Box Testing

--> Testing done at the initial stages of software development

2) Integration Testing:

--> Focus on testing group of software functions of an application

--> Performed by testing teams and development teams

--> It comes under Black Box Testing and White Box Testing

--> Testing done after the Unit Testing

3) Interface Testing: 

--> Interface Testing verifies components/functions connected between software systems and working together

--> Use Case of Interface Testing is verifying the connectivity between Web Server and App Server or App Server and DB Server

--> It comes under Black Box testing

--> Performed by testing teams

--> Done after Integration and Unit Testing

4) System Testing:

--> Focuses on testing whole software application and covers both functional and non-functional testing

--> Done after Integration and Interface testing

--> Performed by testing teams

--> It comes under Black Box testing

Read More

What is UEBA Solution?

 --> UEBA stands for User and Entity Behavioral Analytics.

--> User and entity behavior analytics (UEBA) is one type of cyber security solution that identifies internal threats in the organization by monitoring user and device activity that deviates from the baseline.

--> User and Entity Behavior Analytics uses behavior analysis to monitor user activities and infrastructure entities (ex. Network Devices, Infrastructure Devices, enterprise applications, IoT devices, and so on).

--> The UEBA Solution basically works by establishing a baseline of behavior, issuing alerts for anomalous behavior, and then the cybersecurity team will take over and conduct an investigation.

--> You might be wondering what is the difference  between SIEM and UEBA. SIEM mainly focuses on collecting logs from all the devices and then correlating the logs to identify threats, Whereas UEBA mainly focuses on identifying threats based on user and entity behavior.

--> Now a days, most of the SIEM solutions such as Logrythm, Splunk, and IBM QRadar are coming with the inbuilt UEBA feature or as an extension to the SIEM solution.

--> UEBA systems can detect insider threats, malware, and advanced attacks by applying machine learning and behavioral analytics to users, machines, and entities.

--> In order for UEBA to work, It analyzes many log sources, as below, to establish the baseline:

i) IPS logs

ii) Endpoint/system logs

iii) Network Device Logs

iv) EDR logs

v) Authentication logs

vi) Threat Intelligence Logs

--> Once the UEBA collects the above information, it creates a baseline and risk score for each user and device. If any deviation occurs from the baseline, then the risk score of the device or user is increased.

--> Once the score crosses some defined value, an alert is generated in the UEBA solution, which will later be investigated by the cybersecurity team.

--> Following are the use cases and benefits of the UEBA Security Solution:

i) The ability to accurately detect compromised user accounts and malicious insiders by identifying abnormal behavior

ii) The ability to monitor user activity and device activity in Enterprise Networks as well as in the cloud

iii) Protection against zero-day attacks as the UEBA solution does not rely on signatures to detect threats

iv) The ability to detect non-malware-based attacks

Read More