It never was. At some point in the last decade, the network and security operations industry collectively decided that the problem was visibility, and that the solution was dashboards. If you could just see everything, in one place, you could fix anything faster. So we built dashboards. We bought tools that promised a single pane…… Continue reading The Dashboard Isn’t the Answer
Author: malb9001
My First Tech Field Day: Notes from the Edge of the Wave
Actual image of my brain after AIFD8. The TFD Experience About a week ago I attended my first Tech Field Day event, specifically AI Field Day 8, and I’m still processing it. I’ve been to many technical conferences: I’m a regular at Cisco Live, attended VMware events, Microsoft TechEd back when that was a thing,……
Entering Commands Through the FTD CLI
We all know the architecture of the (cd)FMC-managed FTD prevents you from making local device changes via the CLI – or does it? Technically, yes; however, where there is a will, there’s a way. This is one way I have used to consistently add configuration changes to the FTD via CLI. The basics rely on……
The Work That We Do
The work that we do, most of the time, is unseen and thankless. It is the stage lighting for the actors, the underside of the tapestry, the foundation upon which the auditorium rests. The work that we do is the underpinning of our entire modern society, ignored by most until there is an issue and generally……
Profiling Wired Endpoints without 802.1x or MAB using IBNS2.0
One of the first steps to designing and deploying ISE (or any NAC solution) is to gain visibility and understand what is actually out there connecting to your network, so you can design your policy and understand the impact of enacting it. For some types of endpoints, this is relatively easy (i.e. Windows laptops), but for……
CCIE: No Longer TBD!
Around 11:00pm last night, I got the email that my score report was ready. I had felt okay leaving the lab center, MUCH better than the first attempt, but tried to keep my expectations in check and be ready to plan round 3 if I failed again. I cannot even begin to describe the emotional wave……
Study Notes – DHCP Server, Relay, and Snooping
This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !——————————–! ! IOS DHCP server, Relay Agent ! ! and DHCP Snooping ! !——————————–! ! !In this topology we will configure R5 to act as a DHCP server for two networks: ! 10.10.100.0/24……
Study Notes – IOS Zone-Based Firewall
This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. ZBFW troubleshooting – https://www.cisco.com/c/en/us/support/docs/security/ios-firewall/117721-technote-iosfirewall-00.html Note about self-zone – https://community.cisco.com/t5/security-knowledge-base/zbfw-self-zone-integration/ta-p/3154572 !—————————–! ! IOS Zone-based Firewall ! !—————————–! ! ! Let’s configure a ZBFW with the following arbitrary requirements: ! !1. all inside hosts must……
Study Notes – IKEv1 Tunnel Through an ASA with NAT-Traversal
This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !—————————! ! IKEv1 tunnel Through ! ! an ASA with NAT-T ! !—————————! ! !here we will configure a basic GREoIPSec tunnel between two routers through an ASA, but one of the routers……
Study Notes – IOS-to-IOS VPN Through an ASA
This is a post in a series of “stream-of-study” content where I post loosely-structured notes taken while labbing various scenarios and technologies. !———————————! ! IOS Router VPN through an ASA ! !———————————! ! !in this setup we will configure an IOS to IOS VPN which must pass THROUGH an ASA without NAT, where we need……
