In this chapter, we looked at network security with Python. We used the Cisco VIRL tool to set up our lab with both hosts and network equipments of NX-OSv and IOSv. We then took a tour around Scapy, which allows us to construct packets from the ground up. Scapy can be used in the interactive mode for quick testing, once completed in interactive mode, we can put the steps a file for more scalable testing. It can be used to perform various network penetration testing for known vulnerabilities.

We also looked at how we can use both an IP access list as well as a MAC list to protect our network. They are usually the first line of defense in our network protection. Using Ansible, we are able to deploy access liss consistently and quickly to multiple devices.

syslog and other log files contain useful information that we should regularly comb through to detect any early signs of breach. Using Python regular expressions, we can systematically search for known log entries that can point us to security events that requires our attention. Besides the tools we have discussed, private VLAN and UFW are among the other useful tools that we can use for more security protection.

In the next chapter, we will look at how to use Python for network monitoring. Monitoring allows us to know what is happening in our network and the state of the network.