June 22, 2018

Category: CCIE Security Notes

CCIE Security v5 :: ICMP Redirects

Today I wanted to share my CCIE Security notes on ICMP redirect messages. ICMP Redirection is used to notify hosts that a better route is available for packets destined for a specific destination. This feature is available and enabled by default on all Cisco IOS releases but it is worth mentioning that there may be […]

Cisco ASA :: Verifying ICMP Reachability on the ASA

If you’re a firewall engineer or work closely with the Cisco ASA then no doubt you will often find yourself troubleshooting and verifying reachability of packets on a network. One great feature that the ASA has to test reachability is the ‘packet-tracer’ command which when given an input will provide you with a very handy […]

Cisco ASA :: Object NAT

In this video demonstration, we take a look at Object NAT and how it can be used to map hosts statically.    

CCIE Security v5 :: TCP Interception

This article accompanies the demonstration video I have created below. TCP interception is a CCIE Security version 5 blueprint topic. What is TCP interception? TCP interception is a method used to protect against TCP SYN-flooding attacks. This is achieved by intercepting TCP connection requests (SYN packets) and verifying the connection before passing the original TCP SYN packet […]

CCIE Security v5 :: ASA Packet Processing Post 8.3 Code

In this article, I will share my notes on the ASA packet process for version 8.3+. Domain 1.0 off the CCIE Security version blueprint focuses on perimeter security and intrusion prevention, both of which include the ASA. In order to understand the ASA and how it works, it is important to understand how packets are processed […]

CCIE Security v5 :: Adding Remote FTD Device To The FMC

In this article, I wanted to demonstrate how we can add a Firepower Threat Defence appliance to an FMC located at another site. Let’s take a fictitious scenario to provide some context to why and how we configure the FTD device the way we do. Scenario Currently Synack Corp has one Firepower Management Center (FMC) […]

CCIE Security v5 :: Adding Devices to FirePOWER Management Center (FMC)

This article is intended to cover some of the topics listed within the ‘Perimeter Security and Intrusion Prevention’ section of the CCIE Security v5 blueprint. This article focuses on configuring compatible devices to be managed by the FirePower Management Center (FMC). It is assumed that devices are already installed and you have access to the FMC […]

CCIE Security v5 :: TrustSec Notes

Notes taken below are not exhaustive and can/will be updated if required. This is the first of many posts to come, where I share my CCIE Security v5 study notes. All posts are open for discussion, so feel free to add something you may have come across if related to the topic. What is TrustSec? IETF […]

CCIE :: Starting my CCIE Journey

I have been so busy over the last few months, I haven’t had much chance to post about certifications and my progress so I wanted to start by giving you a brief update. Over the last few months I have obtained my CCNA Security and more recently my CCNP Routing & Switching certification. It’s not been easy, […]

Subscribe to SYNACK via Email