Cisco SD-WAN PnP Onboarding

Cisco SD-WAN (formerly Viptela) is quickly becoming the go-to WAN solution for Cisco customers. As companies are looking to replace their aging DMVPN solution, Cisco SD-WAN has become the logical choice. Companies can stick with the same ISR platform running IOS-XE that they already know, and in some cases can upgrade their existing routers …

Catalyst Monitoring on the Meraki Dashboard

You read that right! At Cisco Live this year they introduced the ability to add Catalyst switches to the Meraki dashboard. Finally a use for the unused DNA licenses! The switches are monitored in read-only mode, so you still need to manage the switches the old-fashioned way; however, Meraki's traffic analysis and troubleshooting tools …

No-NAT’s on HA ASA firewalls: How to break HA (Split Brain Active/Active)

Story Time! Last week I learned the hard way why you should not trust NAT conversion tools when dealing with No-NAT's on an ASA. To fully understand this story, let's back up a bit and I'll give you the high-level details. I have been working on a project for the last month or so …

Physical Security: Often Overlooked and Forgotten

When we think of security, the image of firewalls, anti-malware protection, and the latest and greatest in network access control pops into our heads. With Cisco ISE servers providing NAC services, ASAs providing firewalling on our network edge, and AMP for Endpoints providing malware protection on our laptops, we think we are secure. But are …

Welcome to the Family: The Catalyst 9200 is Born

Three years ago Cisco introduced the Catalyst 9000 series switches as the next generation of campus switches. Every Catalyst switch family had an equivalent 9K to replace it; the 3800s were replaced with the 9300, the 4500s were replaced with the 9500, and the long-standing 6500 chassis switches were replaced with the 9400. Cisco …

Cisco Live 2019

This year Cisco Live was held in sunny San Diego. Between the breakout sessions, the walk-in labs, and an amazing performance by Weezer and the Foo Fighters, Cisco announced some new products and new certifications. Here is my list of some standout highlights from Cisco Live: Certification Overhaul To those who have been tirelessly studying …

Moving Firepower Management Center: Dealing with Licensing Errors

Today I finally got around to re-configuring our Firepower Management Center (FMC) after we moved it from my company's data center to our head office (we were moving servers from a whole subnet over so we recreated the subnet here at the head office and moved the servers over like for like and without the …

Deploying AMP for Endpoints

Recently I deployed Cisco’s AMP for Endpoints for a 50-user organization. For the uninitiated, AMP for Endpoints is Cisco’s cloud-based, enterprise-grade, advanced malware protection software that is deployed to each end device in the network. Each endpoint reports back to the central cloud controller and is managed by the controller. Cisco integrated AMP …

Explanation of Access Control Lists

Currently I am working on a project where I am going through and optimizing a large set of Access Control Lists (ACLs) on a set of 5585 Firewalls. While going through these massive lists I have noticed a few mistakes other engineers have made while configuring these rules. I figured I might as well write …