Reading Time: 3 minutes A Brief Interlude In my first post in this series, I dove into utilizing Regular Expressions (Regex) to parse network device output. Before I continue with some of the other parsing options, I thought it would be worthwhile to post a short blog laying out some definitions that I’ll be relying on. Specifically Iâ€™ll be using them for delineation among the different parsing options and their use cases. At the heart of this problem, is that when interacting with traditional
Reading Time: 4 minutes In the Beginning… Often when making their first steps into Network Automation, people may have an idea of what they want to do, but not exactly how to get there. For example, an engineer may want to simplify a single time-intensive task “Gather the SW version, serial numbers, and uptime from all of my Cisco ASAs.” However, upon getting the information, they’re unsure what to do with it or how to parse it and use it for something else. I’ve
Reading Time: < 1 minutes Happy 2019 everyone! Since I was lucky enough to be selected as a Cisco Champion for 2019, I thought it was time to revive my zombie blog! I’ve got quite a few posts in the hopper, and will focus on not being such a perfectionist to posts that I don’t just hit that “Publish” button. Posts will be coming about: Network Security Network Programability Python Systems Architecture And more! Here’s to an exciting and educational 2019!
Reading Time: 6 minutes The Scenario In the course of my day to day job, I interact with VPNs on many devices (primarily IPSec VPNs on the Cisco ASA). Often times the the simplest way to test an IPSec VPN is to fire up vpnc in a VM, change the config file as needed, and validate the connection. Sometimes though, you need to be more granular with your testing. Perhaps the person controlling the other endpoint/peer is not in charge of the intermediate network, and you
Reading Time: 3 minutes In my earlier post about the Cisco 300-208 SISAS (Implementing Cisco Secure Access Solutions) exam, I gave a brief overview of the exam and listed the exam topics as laid out by the Cisco Learning Community. Â However, I felt thatÂ theseÂ largely boil down to a few key conceptsÂ related toÂ Cisco ISE (Identity Services Engine): Understand what ISE is. Understand why you might use ISE in a wired or wireless network. Understand whatÂ ISE does at a protocol level. Understand how ISE interacts with
Reading Time: 6 minutes I often have to talk people off a cliff because of their website’s (sometimes perceived) vulnerabilities onÂ Qualys’ SSL Labs testing site. Â They haveÂ received an A- score for their site after running the tests, andÂ see a few things in yellow. Â Suddenly, they begin to believe that every villain on the web is now running amok with their data. Â The truth of the matter is that if your SSL configuration is ratingÂ at an A-, that configuration is usually just fine. Â Out of
Reading Time: 2 minutes The best way to finish something, is to begin it. Â So I decided I would beginÂ my prep for the 300-208 SISAS (Implementing Cisco Secure Access Solutions) exam, by laying out my personalÂ study plan against the exam topics, found here on the Cisco Learning Community. The exam topics are broken into five broad categories, and Cisco also gives aÂ general indication of what percentage of the exam is on each topic: 1.0 Identity Management/Secure Access -Â 33% 2.0 Threat Defense – 10% 3.0
Reading Time: < 1 minutes I am halfway towards my CCNP Security, and am finally gearing up to finish it. Â When I completed the 642-618 FIREWALL andÂ 642-648 VPN exams in the beginning of 2014, I was promptly sidetracked with the little things in life. Â (Such as moving across the country, starting a new job, and finishing my BSIT at WGU.) Â Knowing that the old CCNP Security exams had cycled out in April of 2014, I usedÂ Cisco’s CCNP SecurityÂ Migration Path toolÂ to validate that I was left