Technology: Network Security Area: Access and Identity Management Vendor: Cisco Software: ISE 3.0 Platform: ISE Virtual Appliance, ISE Physical Appliance When a RADIUS client (switch, firewall, AP controller, etc.) needs to communicate with a RADIUS server, it must be defined as a Network Access Device (NAD) on the RADIUS server (ISE in this case). Otherwise, all authentication attempts will […]
Technology: Network Security Area: Access and Identity Management Vendor: Cisco Software: ISE 3.0 Platform: ISE Virtual Appliance, ISE Physical Appliance Cisco ISE 3.0 AD integration: the ISE node must be added to the domain as a host (computer); the ISE node needs privileges to read the LDAP / AD directory (needed for authentication); need to have a user with privileges to add machines […]
Technology: Firewall Area: Routing and Switching Vendor: Cisco Software: Cisco Adaptive Security Appliance (ASA) Platform: Cisco ASA 5500, 5500-X Description: Open Shortest Path First (OSPF) is an interior gateway routing protocol that uses link states for path selection and propagates link-state advertisements. OSPF uses a link-state algorithm to build and calculate the shortest path to all known destinations. […]
Technology: Firewall Area: Routing and Switching Vendor: Cisco Software: Cisco Adaptive Security Appliance (ASA), Firepower (ASA-OS) Platform: Cisco ASA 5500 Series, 5500-X Series, Firepower with ASA-OS Description: Enhanced Interior Gateway Routing Protocol (EIGRP) provides more control over the routes that are allowed to be sent or received and also allows route redistribution to be configured. Cisco ASA can redistribute routes […]
How to generate and enroll a certificate on Cisco Firepower Management Center (FMC) for a pxGrid connection between Cisco ISE and FMC
Technology: Network Security Area: Next Generation Firewalls Vendor: Cisco Software: 8.X, 9.X, FMC 5.X, 6.X, SFR module 5.X, 6.X Platform: Cisco ASA, Firepower Management Center VM Firepower Management Center installation steps: 1. Deployment from OVF; 2. Assign the hostname for VM; 3. Choose the right ovf and vmdk files; 4. Select […]
Technology: Network Security Area: Next Generation Firewalls Vendor: Cisco Software: 8.X, 9.X, FMC 5.X, 6.X, SFR module 5.X, 6.X Platform: Cisco ASA To redirect traffic to the SFR (FirePOWER) module, the Modular Policy Framework (MPF) needs to be used. MPF is responsible for directing the production traffic to ASA FirePOWER modules which is […]
ASA Failover is intended to improve the high availability of the firewall solution. ASA Failover technology uses 2 units in a failover pair. We can configure Failover in two modes: Active/Standby Failover and Active/Active Failover. ASA Failover rules: maximum of 10 ms Round Trip Time between units; each logical interface must be in same […]
Technology: FIREWALLS Area: VPN Vendor: CISCO Software: CISCO ADAPTIVE SECURITY APPLIANCE (ASA), ASA-OS Platform: CISCO ASA 5500, 5500-X Cisco AnyConnect Secure Mobility Client is a user-friendly software application which creates a VPN tunnel with a VPN head end. AnyConnect by default uses the SSL protocol to encrypt packets (can also use IKEv2 / […]
Technology: FIREWALLS Area: Traffic restrictions Vendor: CISCO Software: CISCO ADAPTIVE SECURITY APPLIANCE (ASA), ASA-OS, 8.3+ Platform: CISCO ASA 5500, 5500-X BGP runs between routers in different autonomous systems (or in the same one, in which case it is called iBGP). BGP routing is supported in Active/Standby and Active/Active HA configurations. Only the Active unit listens on the […]