July 19, 2018

Category: Firewalls

KT Labs EP5 :: ACS to ISE Migration

In the video, I show you how you can leverage the ACS to ISE migration tool to migrate objects from ACS to ISE. As mentioned in the video, a few prerequisites need to be met, these are listed below. Prerequisites Direct connectivity to both the ACS and ISE platforms The correct version of ACS (see […]

Cisco ISE :: Adding Traditional Licenses

In this video, I demonstrate how to add traditional licenses to Cisco ISE. Note: This lab video uses Cisco ISE 2.3

DNS Sinkhole – What is it & Why do I need one?

In this post I will talk about DNS Sinkholing, what it is and how it can help you identify potentially infected machines. Useful in the fight against malware such as viruses, Ransomware and Crypto Jacking! What is DNS? Domain Name System – in very basic terms, the internet (and local networks) are all routed by […]

FortiGate :: HA Routed Failover w/ Session Failover

A recent requirement that came up was for there to be a redundant pair of firewalls, which allowed for session failover, configuration synchronisation and also maintain different external IPs and seperate BGP peering. A niche request, but something that was supported with FortiGates. Below details some configuration examples to achieve this. Config and Session Sync […]

Cisco :: Upgrade or Reimage Firepower 8300 Sensors?

Recently I was tasked with upgrading some new Firepower 3D8350 sensors which would later be stacked into a 3D8360. These devices were shipped with software version 5.4.0.1 and I had a customer requirement to upgrade the sensors to version 6.2. I would normally stack these devices and upgrade them using the FMC, however, I didn’t […]

KT Labs EP2 :: Getting Started with the ASA & ASDM

In this knowledge transfer session, I show you how to configure basic settings on the Cisco Adaptive Security Appliance (ASA) and how we can manage the ASA using the Adaptive Security Device Manager (ASDM). Please see the video below;   In the video, we couldn’t get outbound access to the Internet because of the GNS3 […]

CCIE Security v5 :: ICMP Redirects

Today I wanted to share my CCIE Security notes on ICMP redirect messages. ICMP Redirection is used to notify hosts that a better route is available for packets destined for a specific destination. This feature is available and enabled by default on all Cisco IOS releases but it is worth mentioning that there may be […]

Cisco :: Configure ASAv To Use Virtual Serial Ports

In this article, I will demonstrate how to configure the ASAv┬áso that you use a virtual serial port. This article assumes that you have installed the virtual Cisco Adaptive Security Appliance using VMware workstation or it’s equivalent and that you can only access the ASAv CLI via the VMware client. By default, the virtual serial […]

Cisco :: FXOS Authentication Using TACACS

In this article, I will describe how to enable authentication and authorization for Firepower eXtensible Operating System (FXOS) devices. The use case presented in this document illustrates how Cisco Identity Services Engine (ISE) can be utilised with attribute-value pairs (AV-Pairs) to authenticate and authorize users accessing the Firepower Chassis Manager (FCM) or FXOS platforms via […]

Cisco ASA :: Verifying ICMP Reachability on the ASA

If you’re a firewall engineer or work closely with the Cisco ASA then no doubt you will often find yourself troubleshooting and verifying reachability of packets on a network. One great feature that the ASA has to test reachability is the ‘packet-tracer’ command which when given an input will provide you with a very handy […]
Page 1 of 3123 »

Subscribe to SYNACK via Email