We really have to talk about GETVPN. Despite its drawbacks, I can’t seem to get it out of my head now and I’m constantly running through scenarios where using it might make sense. If you’re not too familiar with GETVPN, let me offer this high-level summary of the technology. GETVPN…
-
Cisco Firepower Threat Defense (FTD) in GNS3 part 2
Video Only Post: In this quick part two video, I cover some basic recommendations for organizing your access control policy and add a couple of base rules in. I’ll also cover how we can create IPS policies, and apply them to access control entries, within our access control policy (ACP). As…
-
Windows Server in GNS3
*UPDATE* After tinkering around with the Spice and QXL VGA driver, I’ve found that it increases performance exponentially as well. Update highlighted below. How I get a Windows guest running smoothly in GNS3 using virtIO drivers, sysprep, and creating a linked base. This can be especially useful for testing FirePOWER services, integrating…
-
Cisco Firepower Threat Defense (FTD) in GNS3 part 1
If you’re like me, then the best way to learn something new is to get your hands dirty. Get some lab gear, boot devices up, and try different scenarios. This is as true (if not more) with Cisco’s Next-Generation Firewall, Firepower (FirePOWER?) Threat Defense. Lucky for us, at least those…
-
Adjusting to Firepower Threat Defense
I wanted to do a quick post today about Cisco’s Firepower Threat Defense. As I’m sure most of you know, this platform is moving to (eventually) replace the ASA code we all know and love. It’s not quite there yet with some features missing that are keeping some from converting.…
-
Protect The LAN: IPv6 RA Guard
So while nerding on YouTube, one of my favorite YouTubers, Quidsup, did a demonstration of using Kali Linux to perform a pretty nifty denial of service attack against Windows 10. The attack has some minor caveats, but nonetheless is dangerous and relatively easy to pull off. It works…
-
CCIE status suspended (but then got it back)
So that happened. Now, I know what some of you are thinking based on the title of this post alone. That’s fair. The truth of the matter is, 2yrs sneaks up on you (or at least snuck up on me) really fast. After I passed the lab in 2015, all…
-
I’m Alive!!
Just thought that’d be worth sharing… I guess. CCIE Security studies have been consuming most of my time. However, I’m just about at the point where I can publish some stuff. I’ve had drafts for my FlexVPN with dynamic spoke-to-spoke tunnels sitting in draft for months now. So that’ll likely…
-
Dynamic Site-2-Site VPNs with Cisco ASA
So let’s take a moment and assume your life is too easy, and you want to punish yourself. But how?! Here’s a way: let’s use the ASA for site-2-site VPN. Even better, the spoke sites have to be able to have dynamic IPs, and also need connectivity to other spokes. Also,…
-
How to Not Suck at Web Filtering: Cisco’s Web Security Appliance Part (2)
Write up coming soon..