Security

Introduction to Wi-Fi Security Distributing data using wireless medium means that anyone can capture the signal. There is no boundary, like in case of cable communication, which prevents unwanted access. This means we must take other security measures. In this blogpost we will review current algorithms providing Wi-Fi security and we will take a sneak […]

Recently i was asked to advise in the following scenario: VPN tunnel between AWS VPC and Cisco IOS routers on DC prem. Nothing sophisticated but: Two ISR 4k, HSRP VPN redundancy, legacy crypto maps in production (several working vpns) and Static VTI (AWS). Two Crypto structures sourced from one HSRP. I have put the results on blog.

In this post we are going to focus on the scripts included in FTD and FMC operating systems that help to troubleshoot connections between FTD sensors and Firepower Management Center. As they are run from the “expert mode” (super user), it is better that you have a deep understanding of any potential impact on the […]

This post should help you to understand the Firepower sensor registration in FMC process and uncover the communication specifics between firepower components. I will also give you some additional hints what to check to verify the registration. In order to make troubleshooting easier there will be dedicated troubleshooting post later on.   1. High level […]

Cisco has stated that there is a vulnerability in Cisco IOS XE 16.X version (bug does not affect releases prior IOS XE 16.X)  that allows remote attacker to log in to the system with privilege 15 with default username cisco. This bug affects the platforms supported by IOS XE software, inter alia following:   Catalyst […]

Today I have privilige to announce our new Cisco ASA & ASA FirePOWER Services training agenda. In this post I will describe the agenda in detail and what you can expect from each training module. As you perhaps racall from short agenda posted on our training list, this training is a condensed meshup prepared specialy […]

Often, during meetings with clients, network engineers and security specialist there is following question posed: “What firewall product best suits their environment and which one is the best currently on the market?” Like almost always the answer could be “Well, it depends” …

  Technology combined training. We are announcing the Cisco ISE & Internet Edge 4 Days accelerated workshop. This is one-time training & the only one in the market. This is combined training for those who want to improve Cisco ISE troubleshooting and configuration skills as well as get familiar with BGP routing for Enterprise WAN […]

Many people wonder why good design and implementation of corporate LAN and Edge features is necessary. There are many answers to this simple question and among them, we require a good network to be least vulnerable to unwanted intrusions along with it to be able to support all our requirements. We have compiled a list which you […]

No matter the attack is original Petya worm or it’s modified version (already called NotPetya), the fact is that it hits biggest brands starting at Ukraine government, Chernobyl power station continuing with Raben, Maersk or St Gobain. So yes, it is disruptive. What we know so far and how we can try to prevent if […]