Monthly Archives: July 2017

Using Geolocation in Firepower Access Control Policies

The use of geolocation is fairly obvious in monitoring networks with Firepower Management Center. What may be less obvious is that Continents and Countries can also be specified as the source or destination of connections in an Access Control Policy. … Continue reading

Posted in Security | Tagged , | 2 Comments

Capture w/Trace in Firepower Threat Defense

A few days ago I wrote an article demonstrating the Packet Tracer feature for troubleshooting Firepower Threat Defense. Another very cool tool for troubleshooting is the Capture w/Trace Feature. The power of this tool comes from both capturing a PCAP file … Continue reading

Posted in Security | Tagged , | Leave a comment

What is FlexConfig in Firepower Threat Defense?

Earlier this year, Cisco released Firepower 6.2.0. With that release came a feature called FlexConfig. Someone is digging around the UI might not initially understand the purpose or function of this configuration option. A really quick answer to this is that … Continue reading

Posted in Security | Tagged , | 2 Comments

NSSA with Default Route vs Totally NSSA

A question recently came up on CLN about the differences of NSSA with a default route and a Totally NSSA area. The community member was asking if there even was a difference. This is a short example that demonstrates what the … Continue reading

Posted in invis | Leave a comment

The Real Need for Cybersecurity

According to the US Department of Homeland Security, “Our daily life, economic vitality, and national security depend on a stable, safe, and resilient cyberspace.” Digital infrastructure has infiltrated most aspects of our daily lives. When you start thinking about this in … Continue reading

Posted in Security, Technology | Tagged , | Leave a comment

Three Issues of Being a Part-Time Security Professional

In Information Technology, we commonly hear the mantra of “doing more with less.” That may sound great, and in some cases it can actually be beneficial. It obviously drives the requirement of streamlining performance and the simplification of processes. It … Continue reading

Posted in Security, Technology | Tagged , | Leave a comment

Using iTerm2 with Cisco VIRL

I love using VIRL to do quick self-check of a config, personal education, and learning the behavior of particular features. I also love using the iTerm2 Terminal Emulator on the Mac. Unfortunately, it isn’t obvious how to make the two play … Continue reading

Posted in Uncategorized | Leave a comment

Amazon Delivery, Not a Fully Implemented Process

Those of us who work in technology see the need to take expensive, time consuming and/or mundane activities and convert them to streamlined automated processes. Ideally we improve these to the point that they improve accuracy, provide a better experience and … Continue reading

Posted in Uncategorized | Tagged | Leave a comment

Packet Tracer in Firepower Threat Defense

I wanted to share a quick post on a feature that I have found incredibly useful on the ASA and has been extended to Firepower Threat Defense. The feature is called Packet Tracer and is an easy way to apply … Continue reading

Posted in Security | Tagged , | 1 Comment

Simple Python Script to Read from Device

There’s a lot of talk about network programmability and I recently had a simple use case that surfaced. The goal was locating a serial number in Cisco Devices. Basically, a script is required that will do the following. Process a … Continue reading

Posted in Uncategorized | 2 Comments