Posts

Showing posts with the label cisco

The Value of Cisco Certifications

Every now and then I read an article about the value of Cisco certifications and how it is declining over time. The question can have two or more reasonable answers, depending on whether it is asked from the perspective of advancing a career through another Cisco cert or from the perspective of choosing between a Cisco network certification and another vendor's. If I had to start from scratch and study for a Cisco certification again, I would weigh the following before starting the cert journey. Is the Cisco certification relevant to my job? In the previous CCNP Security curriculum, for example, there was an exam for each Cisco security product: one for the ASA, one for VPN, one for ISE, and so on. You get the idea. So if you work most of the time with Fortinet or Juniper instead, those Cisco security certs won't be worth as much as you think. But one of the reasons Cisco certifications are in constant demand is that Cisco continuously adapts its exams to the ma...

Configuring Clientless SSL VPN with Cisco ASA

In this lab we are going to configure a clientless SSL VPN on a Cisco ASA firewall. The topology laid out here is based on the suggested lab in the official Cisco IINS training. We are going to build a clientless SSL VPN between Internet-PC and the Site1 resources, and we'll configure the whole thing with the Clientless SSL VPN wizard on the ASA. First, in ASDM go to Wizards -> VPN Wizards -> Clientless SSL VPN Wizard. The SSL VPN Wizard launches. Click Next. Give a name to your Connection Profile. Under SSL VPN Interface, choose the interface "outside". Leave the Certificate field at "None"; note that it is possible to use a self-signed certificate here, but I am not going to demonstrate that. Give an alias to your Connection Group, then click Next. At this point we must define some credentials. These are the ones the ASA is going to check the inbound connection request against, similar to the authentication we configured in the past...
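For readers who prefer the CLI, or who want to see what the wizard actually writes to the running-config, here is the equivalent ASA configuration. This is an added example and not part of the original post; the tunnel-group name CLIENTLESS-SITE1, the group-policy CLIENTLESS-GP, the alias Site1, the user vpnuser and the trustpoint SITE1-CA are assumptions.

```cisco
! Added example, not from the original post. Names (CLIENTLESS-SITE1,
! CLIENTLESS-GP, Site1, vpnuser, SITE1-CA) are assumptions.
!
! 1. Terminate SSL VPN on the outside interface (the wizard's "SSL VPN
!    Interface" step) and show the connection-profile drop-down on the
!    login page.
webvpn
 enable outside
 tunnel-group-list enable
!
! 2. Group policy: permit clientless (browser) access only. No
!    AnyConnect/IPsec, so a stolen credential cannot bring up a full
!    tunnel into Site1.
group-policy CLIENTLESS-GP internal
group-policy CLIENTLESS-GP attributes
 vpn-tunnel-protocol ssl-clientless
!
! 3. Local credentials the ASA checks the inbound login against
!    (the wizard's credentials step). Replace the placeholder.
username vpnuser password <REPLACE-ME>
username vpnuser attributes
 vpn-group-policy CLIENTLESS-GP
!
! 4. Connection profile (tunnel group) with the alias users pick.
tunnel-group CLIENTLESS-SITE1 type remote-access
tunnel-group CLIENTLESS-SITE1 general-attributes
 authentication-server-group LOCAL
 default-group-policy CLIENTLESS-GP
tunnel-group CLIENTLESS-SITE1 webvpn-attributes
 group-alias Site1 enable
!
! 5. Caveat: leaving Certificate at "None" in the wizard serves the
!    portal with the ASA's self-signed certificate. Browsers warn on it,
!    and users who learn to click through cannot tell the real portal
!    from a spoofed one. Outside a lab, bind a CA-issued certificate
!    (trustpoint SITE1-CA assumed already enrolled):
! ssl trust-point SITE1-CA outside
```

After a user logs in, `show vpn-sessiondb webvpn` lists the clientless session and the group policy it landed in, which is the quickest way to confirm the tunnel group and alias were matched as intended.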

TrustSec: The network as Security enforcer (Cisco)

This post contains my notes on the Cisco webcast titled "The Network as Security Enforcer", broadcast on June 30th 2015. The network can be leveraged as an attack detector or as a security enforcer. It can be configured to watch for threats and, if an attack occurs, protect itself from future threats. To be able to prevent attacks, we must see network traffic by device and by user; we must see what type of traffic is crossing our network.

What can the network do for us?
- detect anomalous traffic flows
- detect application usage and access policy violations
- detect rogue devices, APs and other

What tools can we use to detect that?
- NetFlow: can be leveraged as a forensics tool. NetFlow collects raw data that can contain attack signatures. Use NetFlow to establish the normal behaviour of the network. It can be coupled with ISE to answer questions such as "who?, what?, when?, ..."
- Lancope StealthWatch: provides alarming and notifications
- TrustSec

What can th...
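To make the NetFlow point concrete, here is a Flexible NetFlow configuration that exports per-flow records from an IOS switch to a collector such as StealthWatch. It is an added example, not from the webcast or from the post; the record, exporter and monitor names, the collector address 192.0.2.50, UDP port 2055, Loopback0 and GigabitEthernet1/0/1 are assumptions.

```cisco
! Added example, not from the webcast notes. All names, the collector
! address 192.0.2.50, port 2055 and the interfaces are assumptions.
!
! 1. What to key on and what to count. The 5-tuple lets the collector
!    reconstruct who talked to whom; first/last timestamps give flow
!    durations, which is what a baseline of "normal" is built from.
flow record FNF-RECORD
 match ipv4 protocol
 match ipv4 source address
 match ipv4 destination address
 match transport source-port
 match transport destination-port
 collect counter bytes
 collect counter packets
 collect timestamp sys-uptime first
 collect timestamp sys-uptime last
!
! 2. Where to send it. Source from a loopback so the collector sees a
!    stable exporter address; NetFlow v9 is the default export format.
flow exporter STEALTHWATCH
 destination 192.0.2.50
 source Loopback0
 transport udp 2055
 template data timeout 60
!
! 3. Tie record and exporter together. A short active timeout makes
!    long-lived flows (exfiltration, beaconing) visible before they end.
flow monitor FNF-MONITOR
 record FNF-RECORD
 exporter STEALTHWATCH
 cache timeout active 60
 cache timeout inactive 15
!
! 4. Apply on the access port. "input" captures traffic as it enters
!    the switch from the host, so records are attributable to the device
!    on that port.
interface GigabitEthernet1/0/1
 ip flow monitor FNF-MONITOR input
```

`show flow monitor FNF-MONITOR cache` shows the flows being tracked locally and `show flow exporter STEALTHWATCH statistics` confirms records are actually leaving the box; a collector that receives nothing is the usual first-day problem.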

Using the Cisco Default Interface IOS Command

There is a useful Cisco IOS command that every network administrator needs to know: default interface. It resets an interface to its default settings, which helps when you face a networking issue or don't understand what's going on after an interface configuration change. To run it, go to global configuration mode and issue: default interface {interfaceID}. Here is an example of running the default interface command on a Catalyst 6500 switch. Beware that, on a Catalyst 6500, setting an interface back to its default configuration makes it a Layer 3 (routed) interface again: note the no switchport under the interface.
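A worked sequence, added here as an example rather than taken from the post, that pairs the command with the check and the restore step a practitioner wants on a Catalyst 6500, where a defaulted port comes back as a routed (no switchport) interface instead of an access port. The interface GigabitEthernet1/1, VLAN 10 and the access-port baseline are assumptions.

```cisco
! Added example, not from the original post. Interface, VLAN and the
! access-port baseline are assumptions.
!
! 1. Snapshot the interface before wiping it, so you know what to
!    re-apply: default interface removes everything on the port,
!    including port-security, ACLs, 802.1X and DHCP snooping trust.
show running-config interface GigabitEthernet1/1
!
! 2. Reset the interface from global configuration mode.
configure terminal
 default interface GigabitEthernet1/1
!
! 3. Check: on a Catalyst 6500 the port is now a Layer 3 interface
!    (no switchport), not the access port it was.
 do show running-config interface GigabitEthernet1/1
!
! 4. Put it back to a known-good Layer 2 access baseline rather than
!    leaving a routed port hanging off the switch. Keep it shut until a
!    host is actually assigned to it.
 interface GigabitEthernet1/1
  switchport
  switchport mode access
  switchport access vlan 10
  switchport port-security
  shutdown
 end
!
! Several ports at once use the range form:
! default interface range GigabitEthernet1/1 - 4
```

The point of step 4 is that "default" is not the same as "secure": a port that was hardened as an access port comes back with none of those controls, so the reset is only the first half of the fix.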