If you’re like me, then the best way to learn something new is to get your hands dirty. Get some lab gear, boot devices up, and try different scenarios. This is as true (if not more) with Cisco’s Next-Generation Firewall, Firepower (FirePOWER?) Threat Defense. Lucky for us, at least those…
-
-
Adjusting to Firepower Threat Defense
I wanted to do a quick post today about Cisco’s Firepower Threat Defense. As I’m sure most of you know, this platform is moving to (eventually) replace the ASA code we all know and love. It’s not quite there yet with some features missing that are keeping some from converting.…
-
Protect The LAN: IPv6 RA Guard
So while nerding on YouTube, one of my favorite YouTubers Quidsup did a demonstration of using Kali Linux to perform a pretty nifty denial of service attack against Windows 10. The attack has some minor caveats, but none the less is dangerous and relatively easy to pull off. It works…
-
Dynamic Site-2-Site VPNs with Cisco ASA
So let’s take a moment and assume your life is too easy, and you want to punish yourself. But how?! Here’s a way, let’s use the ASA for sites-2-site VPN. Even better, the spoke sites have be able to have dynamic IPs, and also need connectivity to other spokes. Also,…
-
How to Not Suck at Web Filtering: Cisco’s Web Security Appliance Part (2)
Write up coming soon..
-
How to Not Suck at Web Filtering: Cisco’s Web Security Appliance Part (1)
So I’ll start off by saying, configuring the WSA isn’t too terribly hard. What seems to be tricky, is getting all the components working together in a way that provides a seamless experience for users, while providing accurate reporting and filtering. In this two parter, I’m going to attempt to…
-
Jon’s Recipe for Encrypted Internet w/ ASA
Have you ever wanted to encrypt your entire home’s internet connection? Of course you have, don’t lie to yourself… you’ve at least thought about it. Now if you’re a PFSense user, you might go with purchasing service through Private Internet Access, and configuring your pfsense firewall to be an openvpn…
-
Traffic filtering on Lan-2-Lan VPNs (ASA)
So I know this isn’t my usual R&S blog post… but I continue to see just terribly stupid approaches to filtering traffic across Lan-2-Lan tunnels between ASAs. So this is my small contribution to end the stupidity. Before we get started, lets draw up a super basic diagram to work…