Parsing Network Device Output Part 2: Status or Configuration?

Reading Time: 3 minutes A Brief Interlude In my first post in this series, I dove into utilizing Regular Expressions (Regex) to parse network device output. Before I continue with some of the other parsing options, I thought it would be worthwhile to post a short blog laying out some definitions that I’ll be relying on. Specifically I’ll be using them for delineation among the different parsing options and their use cases. At the heart of this problem, is that when interacting with traditional

Continue readingParsing Network Device Output Part 2: Status or Configuration?

Parsing Network Device Output Part 1: Regex

Reading Time: 4 minutes In the Beginning… Often when making their first steps into Network Automation, people may have an idea of what they want to do, but not exactly how to get there. For example, an engineer may want to simplify a single time-intensive task “Gather the SW version, serial numbers, and uptime from all of my Cisco ASAs.” However, upon getting the information, they’re unsure what to do with it or how to parse it and use it for something else. I’ve

Continue readingParsing Network Device Output Part 1: Regex

Cisco Certification Program Refresh

Reading Time: 3 minutes The Empty Blog One of the primary reasons I originally started this blog, was to use it for personal accountability with my Cisco certification progress. As I studied and understood a particular topic, I could write a blog article on that topic to cement it in my mind and share that knowledge with others. The complete lack of blog posts reflects about how well that plan went… I actually did complete my CCNP Security, and was in pursuit of my

Continue readingCisco Certification Program Refresh

#CiscoChampion 2019

Reading Time: < 1 minute Happy 2019 everyone! Since I was lucky enough to be selected as a Cisco Champion for 2019, I thought it was time to revive my zombie blog! I’ve got quite a few posts in the hopper, and will focus on not being such a perfectionist to posts that I don’t just hit that “Publish” button. Posts will be coming about: Network Security Network Programability Python Systems Architecture And more! Here’s to an exciting and educational 2019!

Testing ISAKMP with netcat

Reading Time: 6 minutes The Scenario In the course of my day to day job, I interact with VPNs on many devices (primarily IPSec VPNs on the Cisco ASA).  Often times the the simplest way to test an IPSec VPN is to fire up vpnc in a VM, change the config file as needed, and validate the connection. Sometimes though, you need to be more granular with your testing.  Perhaps the person controlling the other endpoint/peer is not in charge of the intermediate network, and you

Continue readingTesting ISAKMP with netcat

300-208 SISAS – What Is Cisco ISE?

Reading Time: 3 minutes In my earlier post about the Cisco 300-208 SISAS (Implementing Cisco Secure Access Solutions) exam, I gave a brief overview of the exam and listed the exam topics as laid out by the Cisco Learning Community.  However, I felt that these largely boil down to a few key concepts related to Cisco ISE (Identity Services Engine): Understand what ISE is. Understand why you might use ISE in a wired or wireless network. Understand what ISE does at a protocol level. Understand how ISE interacts with

Continue reading300-208 SISAS – What Is Cisco ISE?

The Elusive A+ Rating on SSL Labs

Reading Time: 6 minutes I often have to talk people off a cliff because of their website’s (sometimes perceived) vulnerabilities on Qualys’ SSL Labs testing site.  They have received an A- score for their site after running the tests, and see a few things in yellow.  Suddenly, they begin to believe that every villain on the web is now running amok with their data.  The truth of the matter is that if your SSL configuration is rating at an A-, that configuration is usually just fine.  Out of

Continue readingThe Elusive A+ Rating on SSL Labs

300-208 SISAS – How to Tackle the Beast

Reading Time: 2 minutes The best way to finish something, is to begin it.  So I decided I would begin my prep for the 300-208 SISAS (Implementing Cisco Secure Access Solutions) exam, by laying out my personal study plan against the exam topics, found here on the Cisco Learning Community. The exam topics are broken into five broad categories, and Cisco also gives a general indication of what percentage of the exam is on each topic: 1.0 Identity Management/Secure Access – 33% 2.0 Threat Defense – 10% 3.0

Continue reading300-208 SISAS – How to Tackle the Beast

CCNP Security – Halfway There

Reading Time: < 1 minute I am halfway towards my CCNP Security, and am finally gearing up to finish it.  When I completed the 642-618 FIREWALL and 642-648 VPN exams in the beginning of 2014, I was promptly sidetracked with the little things in life.  (Such as moving across the country, starting a new job, and finishing my BSIT at WGU.)  Knowing that the old CCNP Security exams had cycled out in April of 2014, I used Cisco’s CCNP Security Migration Path tool to validate that I was left

Continue readingCCNP Security – Halfway There