Google Cloud- How To Setup A Budget Alerts

  1. Login to Google cloud console https://cloud.google.com/console.
  2. Go to navigation menu and clock on Billing section menu.

Billing-Google

3. Now click on Budgets and alerts section

Budgets-Alerts

4.  Now create a Budget as mentioned below

Create-Budget

5. Give a name to your Budget, select a project and products according to the your requirement.

Create-Buduget-with-name

6. Click on Next button and mention a target amount.

Alert-Google

7.  Set a threshold rules for your target amount as mentioned below.

Budget-Alerts

8. Click Finish to complete your Budget Alerts. You can also choose A pub/sub topic if you already have it in your Google Project.

Creating Labels in Google Cloud

Google Cloud Labels:

  1. Creating Instance With Labels:

Command Reference:

gcloud compute instances create [instance-name] –labels key=value key-value

Example:

gcloud compute instances create test2 –zone us-central1-a –labels env=prod,owner=raghav,component=frontend

2.  List Existing Labels:

Command Reference:

gcloud compute instances describe [instance-name] –format ‘default(labels)’

Example:
gcloud compute instances describe test2 –zone us-central1-a –format ‘default(labels)’
      3. Update Existing Labels:

Command Reference:

gcloud compute instances update [instance-name] –update-labels key=value, key=value

Example:
gcloud compute instances update test2 –zone us-central1-a –update-labels owner=seshu, state=readyfordeletion

4. Remove Existing Labels:

Command Reference:
gcloud compute instances update [instance-name] –remove-labels key1, Key2

Example:
gcloud compute instances update test2 –remove-labels state

How To Fail over Traffic Between Checkpoint Cluster Firewalls:

Below steps explain how to perform a manual failover in Check Point cluster while maintaining full connectivity with each cluster member, keeping interference with cluster’s operations at a minimum.

1. Command to failover traffic from Active Checkpoint Firewall to Standby Firewall.

[Expert@ActiveFirewall]# clusterXL_admin down

2. Command to put it back traffic on active is

[Expert@ActiveFirewall]# clusterXL_admin up

 

 

Cisco ASA BASIC COMMANDS PART-2

1.  Display the number of active TCP and UDP connections, and provides information about connections of various type.

testasa# show conn

2. View all the connections through the appliance

testasa# show conn all

3. View overall connection counts

testasa# show conn count

4. View CPU Utilization

testasa# show cpu usage

5. View contents of the internal flash disk of the ASA

testasa# show disk

6. View operating information about hardware system components such as CPU, fans, power supply, temperature .

testasa# show environment

7. View information about Active/Standby failover status

testasa# show failover

8. View information about Interfaces, such as line status, packets received/sent, IP address

testasa# show interface

9. View maximum physical memory and current free memory

testasa# show memory

10. View software version, hardware configuration, license key, and related uptime data

testasa# show version

11. View NAT sessions

testasa# show xlate

CISCO ASA BASIC COMMANDS-PART-1

  1. To view the current configuration

              Ciscoasa# show running-config

2. Show the configuration which is stored on the device. This is the one which will be loaded if you reboot the firewall.

  Ciscoasa# show startup-config

3. Save the running configuration so it won’t be lost if you reboot.

ciscoasa# copy run start
or
ciscoasa# write memory

4.  Copy image file from TFTP to Flash of ASA

ciscoasa# copy tftp flash

5. Boot the firewall with new image

ciscoasa(config)# boot system flash:/asa964-k8.bin

6. Create a local user account and assign privilege level 15 which means administrator access

ciscoasa(config)#username ciscoadmin password adminpassword privilege 15

7. To change device host name

ciscoasa(config)# hostname test123
test123(config)#

8.  To configure Secure Management Access to the Firewall

ciscoasa(config)# crypto key generate rsa modulus 2048

9.  Configure Interface Configuration and Security Levels.

ciscoasa(config)# interface GigabitEthernet0/1
ciscoasa(config-if)# nameif DMZ
ciscoasa(config-if)# ip address 192.168.1.5 255.255.255.0
ciscoasa(config-if)# security-level 50
ciscoasa(config-if)# no shutdown

10. Allow SSH access only from host 172.10.1.10 from the “inside” interface

ciscoasa(config)#ssh 172.10.1.10 255.255.255.255 inside

11. Configure a default route via the “outside” interface with gateway IP of 20.1.1.1

ciscoasa(config)# route outside 0.0.0.0 0.0.0.0 20.1.1.1

12. Configure a static route via the “inside” interface. To reach network 192.168.5.0/24 go via gateway IP 192.168.5.10

ciscoasa(config)# route inside 192.168.5.0 255.255.255.0 192.168.5.10

13. Configure PAT for internal LAN (192.168.5.0/24) to access the Internet using the outside interface.

ciscoasa(config)# object network internal_lan
ciscoasa(config-network-object)# subnet 192.168.5.0 255.255.255.0
ciscoasa(config-network-object)# nat (inside,outside) dynamic interface

14. Configure PAT for all (“any”) networks to access the Internet using the outside interface

ciscoasa(config)# object network obj_any
ciscoasa(config-network-object)# subnet 0.0.0.0 0.0.0.0
ciscoasa(config-network-object)# nat (any,outside) dynamic interface

 

15. Configure static NAT. The private IP 192.168.5.1 in DMZ will be mapped statically to public IP 20.1.1.1 in outside zone.

ciscoasa(config)# object network web_server_static
ciscoasa(config-network-object)# host 192.168.5.1
ciscoasa(config-network-object)# nat (DMZ , outside) static 20.1.1.1

 

16. Configure static Port NAT. The private IP 192.168.5.1 in DMZ will be mapped statically to public IP 20.1.1.1 in outside zone only for port 80.

Ciscoasa(config)# object network web_server_static
Ciscoasa(config-network-object)# host 192.168.5.1
Ciscoasa(config-network-object)# nat (DMZ , outside) static 20.1.1.1 service tcp 80 80

17. Apply the ACL above at the “outside” interface for traffic coming “in” the interface

Ciscoasa(config)# access-group OUTSIDE_IN in interface outside

 

F5 BIG-IP Software and Hardware Support Matrix Details:

 

1. F5 BIG-IP Software Support Matrix URL and KB article:

https://support.f5.com/csp/article/K5903

2. F5 Hardware Lifecycle Support Policy URL and KB article:

https://support.f5.com/csp/article/K4309

3. F5 End of Life and End of Sale Index URL and KB article:

https://support.f5.com/csp/article/K11478

4. F5 hardware/software compatibility matrix URL and KB article:

https://support.f5.com/csp/article/K9476

5.  F5 BIG-IP Software Release Matrix URL and KB article:

https://support.f5.com/csp/article/K9412

 

How To Take Azure App Service Backup:

Procedure: 

  1. Login to the Azure console with your account.
  2. Go to All services > select App Services.
  3. Under the App services section existing web app details are mentioned below.

App-Service-2 

App-Service-3

3. Now go to home > App services > webapp (testwebappstest) > settings > click on backups tab.

Appservice-4

 

   5. Following two screenshots show the backup configuration page where we need to provide the details.

Backup storage –> Here we need to provide the details of the storage account and its storage container for placing the backups.

Backup Schedule  –> This is required for creating automated backups.

App-Service-4

6. First create a backup storage account and container to store web app service backups.

7. Go to Backup Storage > Backup Storage > configure storage settings as mentioned below.

App-Service-5

8. You need to create container under storage account as shown below (Make sure you selected same location where App service is created).

App-Service-6

9. Click ok and then create a container storage as mentioned below and call container storage in webapp backup configurations.

App-Service-7

App-Service-8.jpg

10. Now enable backup configurations as mentioned below according to your organization requirement.

App-Service-9

App-Service-10

11. Now you successfully enabled the backup for web app services.

 

 

 

 

Azure App Service Deployment Slot Configurations Changes:

Following settings are swapped between production and stage slots:

  1. General Settings – such a  framework version,32/64 bits and web sockets.
  2.  App settings.
  3. Connection Settings.
  4. Handler Mappings.
  5. Monitoring and Diagnostic settings.
  6. Public certificates.
  7. Webjobs content.
  8. Hybrid connections.

 Following settings are not swapped between production and stage slots:

  • Publishing endpoints.
  • Custom domain names.
  • Private certificates and SSL bindings.
  • Scale settings.
  • Webjobs Schedulers.

 

 

 

 

 

Azure App Service Plan:

An App Service plan defines a set of compute resources for a web app to run. These compute resources are analogous to the server farm in conventional web hosting. One or more apps can be configured to run on the same computing resources (or in the same App Service plan).

When you create an App Service plan in a certain region (for example, West Europe), a set of compute resources is created for that plan in that region. Whatever apps you put into this App Service plan run on these compute resources as defined by your App Service plan. Each App Service plan defines:

  • Region (West US, East US, etc.)
  • Number of VM instances
  • Size of VM instances (Small, Medium, Large)
  • Pricing tier (Free, Shared, Basic, Standard, Premium, PremiumV2, Isolated)

The pricing tier of an App Service plan determines what App Service features you get and how much you pay for the plan.

App Service Plan:

App-service