Reading Time: 3 minutes A Brief Interlude In my first post in this series, I dove into utilizing Regular Expressions (Regex) to parse network device output. Before I continue with some of the other parsing options, I thought it would be worthwhile to post a short blog laying out some definitions that I’ll be relying on. Specifically I’ll be using them for delineation among the different parsing options and their use cases. At the heart of this problem, is that when interacting with traditional
Reading Time: 4 minutes In the Beginning… Often when making their first steps into Network Automation, people may have an idea of what they want to do, but not exactly how to get there. For example, an engineer may want to simplify a single time-intensive task “Gather the SW version, serial numbers, and uptime from all of my Cisco ASAs.” However, upon getting the information, they’re unsure what to do with it or how to parse it and use it for something else. I’ve
Reading Time: < 1 minutes Happy 2019 everyone! Since I was lucky enough to be selected as a Cisco Champion for 2019, I thought it was time to revive my zombie blog! I’ve got quite a few posts in the hopper, and will focus on not being such a perfectionist to posts that I don’t just hit that “Publish” button. Posts will be coming about: Network Security Network Programability Python Systems Architecture And more! Here’s to an exciting and educational 2019!
Reading Time: 6 minutes The Scenario In the course of my day to day job, I interact with VPNs on many devices (primarily IPSec VPNs on the Cisco ASA). Often times the the simplest way to test an IPSec VPN is to fire up vpnc in a VM, change the config file as needed, and validate the connection. Sometimes though, you need to be more granular with your testing. Perhaps the person controlling the other endpoint/peer is not in charge of the intermediate network, and you
Reading Time: 3 minutes In my earlier post about the Cisco 300-208 SISAS (Implementing Cisco Secure Access Solutions) exam, I gave a brief overview of the exam and listed the exam topics as laid out by the Cisco Learning Community. However, I felt that these largely boil down to a few key concepts related to Cisco ISE (Identity Services Engine): Understand what ISE is. Understand why you might use ISE in a wired or wireless network. Understand what ISE does at a protocol level. Understand how ISE interacts with
Reading Time: 6 minutes I often have to talk people off a cliff because of their website’s (sometimes perceived) vulnerabilities on Qualys’ SSL Labs testing site. They have received an A- score for their site after running the tests, and see a few things in yellow. Suddenly, they begin to believe that every villain on the web is now running amok with their data. The truth of the matter is that if your SSL configuration is rating at an A-, that configuration is usually just fine. Out of
Reading Time: 2 minutes The best way to finish something, is to begin it. So I decided I would begin my prep for the 300-208 SISAS (Implementing Cisco Secure Access Solutions) exam, by laying out my personal study plan against the exam topics, found here on the Cisco Learning Community. The exam topics are broken into five broad categories, and Cisco also gives a general indication of what percentage of the exam is on each topic: 1.0 Identity Management/Secure Access – 33% 2.0 Threat Defense – 10% 3.0
Reading Time: < 1 minutes I am halfway towards my CCNP Security, and am finally gearing up to finish it. When I completed the 642-618 FIREWALL and 642-648 VPN exams in the beginning of 2014, I was promptly sidetracked with the little things in life. (Such as moving across the country, starting a new job, and finishing my BSIT at WGU.) Knowing that the old CCNP Security exams had cycled out in April of 2014, I used Cisco’s CCNP Security Migration Path tool to validate that I was left