I’ve implemented plenty of ASA 5525-X firewalls with the integrated IPS software module. While the legacy Cisco IPS module does what it’s intended to do, it leaves a great deal to be desired in terms of customization and usability. That’s why I’m very excited to try out Cisco’s new ASA with FirePOWER Services. This is the SourceFire technology that Cisco acquired back in mid-2013. SourceFire was at the top of its game when Cisco bought the company for $2.7 billion, so it will be very exciting to see how it turned out. NSS Labs performed preliminary testing and found that the ASA/SourceFire combo was more effective at stopping malware than any other vendor, including Fortinet and Palo Alto. Looks like good times ahead for Cisco network security in 2015!
I ran into an issue while troubleshooting with Cisco TAC that required me to take some packet captures with Wireshark from a SPAN port on a Cisco switch. Wireshark is the de facto packet capture program out there. It’s free, powerful and it works really well. I’d never had a problem with it until recently. And in all fairness, it wasn’t a problem with Wireshark, but with the AV software installed on my Windows laptop. If you find yourself taking captures and only seeing the initial SYN, or the ACK coming back, and you have ESET security on your laptop like I did, then you will find this useful. First, disable your ESET protection completely. You’ll need the administrative password for the software to do so if you are in an enterprise environment.
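Before blaming the switch or the SPAN session, it helps to confirm that the capture really does stop after the handshake on most flows, since a high proportion of handshake-only TCP conversations points at the capturing host (AV, firewall driver, capture buffer) rather than the network. The script below is an added example and not part of the original post: it groups packet summaries into bidirectional flows and lists the ones that opened with a SYN but never carried payload in both directions. The packet tuples are constructed for the example; in practice you would export them from Wireshark/tshark (source, port, destination, port, flags, TCP payload length). Flows that were legitimately quiet or reset early will show up too, so treat the ratio, not any single flow, as the signal.

```python
"""Sanity-check a capture for TCP flows that stop right after the handshake.

Added example for this page; the packet summaries are constructed, not taken
from a real capture, and the check is a heuristic rather than an ESET-specific test.
"""
from collections import defaultdict

# Constructed packet summaries: (src, sport, dst, dport, tcp_flags, payload_len).
# Flow 51000->443 shows the symptom from the post: SYN, SYN/ACK, ACK, then nothing.
# Flow 51001->80 is a healthy reference flow with data in both directions.
PACKETS = [
    ("10.0.0.5", 51000, "203.0.113.10", 443, "S", 0),
    ("203.0.113.10", 443, "10.0.0.5", 51000, "SA", 0),
    ("10.0.0.5", 51000, "203.0.113.10", 443, "A", 0),
    ("10.0.0.5", 51001, "203.0.113.10", 80, "S", 0),
    ("203.0.113.10", 80, "10.0.0.5", 51001, "SA", 0),
    ("10.0.0.5", 51001, "203.0.113.10", 80, "A", 0),
    ("10.0.0.5", 51001, "203.0.113.10", 80, "PA", 120),
    ("203.0.113.10", 80, "10.0.0.5", 51001, "PA", 980),
]


def flow_key(pkt):
    """Direction-independent key so both halves of a conversation land together."""
    src, sport, dst, dport = pkt[:4]
    a, b = (src, sport), (dst, dport)
    return (a, b) if a <= b else (b, a)


def flow_stats(packets):
    """Per flow: packet count, whether a SYN was seen, and which endpoints sent payload."""
    stats = defaultdict(lambda: {"packets": 0, "syn": False, "data_senders": set()})
    for pkt in packets:
        s = stats[flow_key(pkt)]
        s["packets"] += 1
        if "S" in pkt[4]:
            s["syn"] = True
        if pkt[5] > 0:
            s["data_senders"].add((pkt[0], pkt[1]))
    return stats


def handshake_only_flows(packets):
    """Flows that opened with a SYN but never carried payload in both directions."""
    return sorted(key for key, s in flow_stats(packets).items()
                  if s["syn"] and len(s["data_senders"]) < 2)


if __name__ == "__main__":
    stats = flow_stats(PACKETS)
    bad = handshake_only_flows(PACKETS)
    print(f"{len(bad)} of {len(stats)} TCP flows never got past the handshake")
    for a, b in bad:
        print(f"  {a[0]}:{a[1]} <-> {b[0]}:{b[1]}")
```

Run it against a real export and compare the count before and after disabling the AV; if the handshake-only share drops sharply with the same SPAN session, the capture host was the problem.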
If you’re like me, you always forget the command needed to see hashed passwords on Cisco ASAs. This is especially useful when you’re making changes to VPN tunnels. In any case, here is the command you need:
If you’ve been having problems getting Java 7 applications to run while connected with Cisco AnyConnect version 3.0 or 3.1, you’re not alone. There is an issue with how Java 7 handles IPv6 that causes it not to run within the VPN tunnel. Fortunately, there are some workarounds.
I was recently at a remote site trying to bring up a site-to-site VPN between a Cisco IOS router and an ASA firewall. Everything was working properly except for the IKE phase 1 and phase 2 proposals. When you get a mismatch in either phase, the tunnel won’t come up, and it can be confusing to know which part of the IOS configuration is IKE phase 1 and which part is phase 2. Hopefully, I’ll be able to sort this out for everyone.
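The mapping that trips people up is that on IOS phase 1 is everything under `crypto isakmp policy`, while phase 2 is the `crypto ipsec transform-set` plus the `set pfs` line in the crypto map; on the ASA the same roles belong to `crypto ikev1 policy` and `crypto ipsec ikev1 transform-set` plus the crypto map’s `set pfs`. The script below is an added example, not from the original post: it pulls those attributes out of both sides and diffs them, which is exactly the comparison you do by eye when phase 1 or phase 2 fails. Both configurations are constructed. The default dictionaries hold the values each platform assumes when a policy line is omitted (IOS isakmp: DES, SHA, rsa-sig, group 1, 86400 s; ASA ikev1: 3DES, SHA, pre-share, group 2, 86400 s); those are my understanding of the platform defaults and are worth verifying against your software version, because an omitted line is itself a common cause of mismatch.

```python
"""Map IOS and ASA site-to-site VPN config to IKE phase 1 / phase 2 and diff them.

Added example for this page, not from the original post. Both configs are
constructed; the *_P1_DEFAULTS values are the per-platform defaults assumed
when a policy line is omitted (verify against your software version).
"""
import re

# Constructed IOS side: phase 1 under "crypto isakmp policy", phase 2 is the
# transform-set plus "set pfs" in the crypto map. Note the deliberate "hash md5".
IOS_CONFIG = """
crypto isakmp policy 10
 encr aes 256
 authentication pre-share
 group 2
 hash md5
 lifetime 86400
crypto isakmp key s3cr3t address 203.0.113.2
!
crypto ipsec transform-set TS-AES esp-aes 256 esp-sha-hmac
 mode tunnel
!
crypto map CM 10 ipsec-isakmp
 set peer 203.0.113.2
 set transform-set TS-AES
 set pfs group2
 match address VPN-ACL
"""

# Constructed ASA side: phase 1 under "crypto ikev1 policy", phase 2 is the
# ikev1 transform-set plus the crypto map's "set pfs". No "hash" line, so the
# ASA falls back to its default (sha); PFS group deliberately differs.
ASA_CONFIG = """
crypto ikev1 policy 10
 authentication pre-share
 encryption aes-256
 group 2
 lifetime 86400
crypto ipsec ikev1 transform-set TS-AES esp-aes-256 esp-sha-hmac
crypto map CM 10 match address VPN-ACL
crypto map CM 10 set peer 198.51.100.1
crypto map CM 10 set ikev1 transform-set TS-AES
crypto map CM 10 set pfs group5
tunnel-group 198.51.100.1 ipsec-attributes
 ikev1 pre-shared-key s3cr3t
"""

IOS_P1_DEFAULTS = {"encryption": "des", "hash": "sha", "authentication": "rsa-sig",
                   "group": "1", "lifetime": "86400"}
ASA_P1_DEFAULTS = {"encryption": "3des", "hash": "sha", "authentication": "pre-share",
                   "group": "2", "lifetime": "86400"}
P1_RE = re.compile(r"(encryption|encr|hash|authentication|group|lifetime)\s+(.+)")


def _norm(value):
    # IOS "aes 256" and ASA "aes-256" are the same proposal
    return value.strip().replace(" ", "-")


def _transform(spec):
    # IOS "esp-aes 256 esp-sha-hmac" vs ASA "esp-aes-256 esp-sha-hmac"
    spec = re.sub(r"(esp-aes)\s+(\d+)", r"\1-\2", spec)
    return " ".join(sorted(spec.split()))


def parse_proposals(config, policy_prefix, transform_re, pfs_re, p1_defaults):
    """Return {"phase1": {...}, "phase2": {...}} for one side of the tunnel."""
    phase1 = dict(p1_defaults)
    phase2 = {"transform": None, "pfs": "none"}
    in_policy = False
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if line.startswith(policy_prefix):
            in_policy = True
            continue
        m = transform_re.match(line)
        if m:
            phase2["transform"] = _transform(m.group(1))
            in_policy = False
            continue
        m = pfs_re.match(line)
        if m:
            phase2["pfs"] = m.group(1).replace("group", "")
            continue
        if not raw.startswith(" "):      # any other top-level command ends the policy block
            in_policy = False
            continue
        m = P1_RE.match(line)
        if in_policy and m:
            key = "encryption" if m.group(1) == "encr" else m.group(1)
            phase1[key] = _norm(m.group(2))
    return {"phase1": phase1, "phase2": phase2}


def parse_ios(config):
    return parse_proposals(config, "crypto isakmp policy",
                           re.compile(r"crypto ipsec transform-set \S+ (.+)"),
                           re.compile(r"set pfs (\S+)"), IOS_P1_DEFAULTS)


def parse_asa(config):
    return parse_proposals(config, "crypto ikev1 policy",
                           re.compile(r"crypto ipsec ikev1 transform-set \S+ (.+)"),
                           re.compile(r"crypto map \S+ \d+ set pfs (\S+)"), ASA_P1_DEFAULTS)


def compare(ios, asa):
    """List (phase, attribute, ios_value, asa_value) for every proposal that differs."""
    return [(phase, key, ios[phase][key], asa[phase][key])
            for phase in ("phase1", "phase2")
            for key in ios[phase] if ios[phase][key] != asa[phase][key]]


if __name__ == "__main__":
    for phase, key, i, a in compare(parse_ios(IOS_CONFIG), parse_asa(ASA_CONFIG)):
        print(f"{phase} mismatch on {key}: IOS={i} ASA={a}")
```

On the constructed configs this reports a phase 1 hash mismatch (IOS md5 against the ASA’s default sha) and a phase 2 PFS mismatch (group2 against group5); the first shows up as phase 1 never completing, the second as phase 1 up but no IPsec SA. The script only handles IKEv1 with pre-shared keys and a single policy per side, which is the common site-to-site case; multiple policies would need to be compared as sets.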
WiFi is easy, as long as you have the wireless spectrum all to yourself. For most people, the WiFi experience is simply a matter of going to their local Best Buy, buying a consumer-grade wireless router and plugging it in at home. If they live in a suburban area where the houses are fairly separated, these people really don’t have much to worry about in terms of interference.
I admit, I do play FarmVille from time to time. Interestingly, the more I play the farm management game, the more resemblance I see to my real-life career as a network administrator. The joy of starting a small network often turns into a nightmare and a headache if you do not manage your infrastructure for growth. To give you an idea of what I mean, read the following FarmVille story and swap the farming words for networking terms:
Network World recently posted an article stating that a researcher at AirTight Networks found a vulnerability in WPA2 Enterprise. They are referring to the vulnerability as Hole 196 because it was discovered on page 196 of the IEEE 802.11 standard. Keep in mind that WPA2 is regarded as the most secure wireless encryption method available today. So this is big, big news, right? Well, maybe not.
This week is the start of Cisco’s largest IT and communications conference, called CiscoLive!. This used to be known as Cisco Networkers, but the name changed a few years back. The conference is where network engineers from all over the world gather in Las Vegas, Nevada (this year) to receive training from Cisco as well as to talk to other engineers about news, trends and technology. If you’ve never attended, it truly is an experience. This year, Cisco is touting the “virtual” experience. My vote is to always go in person. After all, it is VEGAS! One bonus this year is that you get to experience the excitement that is the 2010 World Cup in any of the dozens of sports books within walking distance of the Las Vegas Convention Center. I remember placing a few wagers back in 2006 myself. Remember, you can’t be a network geek 100% of the time…can you?!