Posts
As part of the CCNP Security 300-206 (SENSS) - I have found interesting topics along the ways and this one catches my attention. So here is a quick high-level overview + some configuration examples on IP TCP Intercept What TCP Intercept is looking to prevent? This feature looks to prevent Denial of Service Attacks, by limiting incomplete connections to a host, in this case, a Web Server could be a good example.
Where do we begin with this one? - Here is your ticket and before you go to the next section of this post, make sure you have a quick answer. The Ticket/Challenge **Trying not to call it a problem! Your client needs to move from a Datacenter to a new location. You need to move the CUCM Publisher and be able to do it also by changing the IP address, with minimum service impact as possible
Few weeks have gone by and I have not written anything for a while **But I still have lots of Drafts in the works. Job has been a bit busy this time of the year so that’s my excuse and I will stick to it :) If you are a UC and Collaboration engineer, you may have under your sleeve few cool solutions to backup your Apps. Well, I have a few too, and I used to crash a lot with the FREE SolarWinds app. But for some reason, this app sometimes fails.
A quick and short post just to advice MAC users to change their root Password as soon as possible The issue A quick excerpt of the newly discovered vulnerability - Credit KrebsonSecurity - MacOS High Sierra Users: Change Root Password Now A newly-discovered flaw in macOS High Sierra — Apple’s latest iteration of its operating system — allows anyone with local (and, apparently in some cases, remote) access to the machine to log in as the all-powerful “root” user without supplying a password. Fortunately, there is a simple fix for this until Apple patches this inexplicable bug: Change the root account’s password now
Ok, I’m going to give this one a try, and hope all readers help me keep myself honest on this one. Initially, the title of this Post was based on CCNP Security and Cisco Prime Infrastructure Security Use Cases. So I have been looking for some Security use cases with Cisco Prime Infrastructure, and I think I found some based on correlation and other important things the tool has to offer.
Picture this, you have been given a provisional WAN circuit using a T1, or multiple, in this particular use case; The provider is connecting you to its MPLS network, which provides you with an MPLS WAN address, an Internet WAN address. This is simple for many out there, but it was not for me until not too long ago. I realize that in all of my turn ups I have been given an ethernet Hand off, and from there is just making a “Routing on a Stick” configuration and I will be calling it a day.
A quick video on how to install Cisco ACS Version 5.8 Here are the VM Requirements: Minimum Requirements CPU 2 CPUs (dual CPU, Xeon, Core2 Duo or 2 single CPUs) 2 GHz CPU speed Memory 4 GB RAM Hard Disk A minimum of 60 GB is required. Maximum storage is up to 750 GB. Note: ACS partitions the available disk space automatically during the installation process. Note: It is recommended that you allocate the hard disk size to be greater than 500 GB for the secondary instance, which acts as a log collector.
To all visual learners, like me, and to the ones that need to do the stuff in order to learn. Also for the love of virtualization, I thought it will be a good idea to include videos and demonstrations on how things could be done. The Video https://youtu.be/XSsrW1gFx3A The Content This is just going over the installation of an ASAv and a CSR1000v What will be next? There will be some more content on the installation of ACS, hopefully, sooner than later
Looking at the Objectives and the Exam topics, I found something that I was not entirely familiar and decided to take a look at it. At this point, I’m not sure if Cisco Security Manager is still something that is worth taking a look at or a product that is widely used by Security professionals in the field. I asked around with a few colleagues and all of them agreed that CSM was already faced out by other tools, like Cisco Firepower Management Console and even other third-party integrations out there.
So like anything else, is just very hard for me to begin something without first coming up with a plan, so I decided to treat this as a project, with planning and designing included into it. The main constraint you may ask if any? Time, so time is valuable and the day of my first exam approaches very quickly, I have been doing lots of studying so far and also labs here and there, also I’m very familiar with the topics on SENSS, so hopefully, I can knock it down with no problems. But this time is different, I want to share all the ride with the people that read this blog.
