Category Archives: Cisco

Cisco CCNA Cyber Ops completed!

2 months in a rush was what i needed to finish my CCNA Cyber Ops, it’s composed by 2 exams:

  •  210-250 SECFND
  • 210-255 SECOPS

The e-learning was part of the Cisco scholarship, so i had all materials required to learn what was required for each exam. The SECOPS exam it was a bit more difficult due his nature of different language.

 

210-250 SECFND

This exam understand common security concepts, and start to learn the basic security techniques used in a Security Operations Center (SOC) to find threats on a network using a variety of popular security tools within a “real-life” network infrastructure.

Course Objectives

Upon completing this course, students will be able to:

  • Describe, compare and identify various network concepts
  • Fundamentals of TCP/IP
  • Describe and compare fundamental security concepts
  • Describe network applications and the security challenges
  • Understand basic cryptography principles
  • Understand endpoint attacks, including interpreting log data to identify events in Windows and Linux
  • Develop knowledge in security monitoring, including identifying sources and types of data and events
  • 210-250 SECFND

 

 210-255 SECOPS

This exam focuses on the introductory-level skills needed for a SOC Analyst at the associate level. Specifically, understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.

Course Objectives

Upon completion of this course, you will have the skills and knowledge to:

  • Define a SOC and the various job roles in a SOC
  • Understand SOC infrastructure tools and systems
  • Learn basic incident analysis for a threat-centric SOC
  • Explore resources available to assist with an investigation
  • Explain basic event correlation and normalization
  • Describe common attack vectors
  • Learn how to identify malicious activity
  • Understand the concept of a playbook
  • Describe and explain an incident respond handbook
  • Define types of SOC metrics
  • Understand SOC workflow Management system and automation

CLEUR Barcelona 2018 Day 5

It was a quick intro to the portfolio, covering the Host Discovery, Traffic Flow Processing and SSL Decryption.

BRKSEC-3455 Dissecting Firepower – FTD & Firepower- Services “Design & Troubleshooting”

How to rock a Firepower installation and troubleshooting it like a Rock star, presented by one TAC Engineer Leader. Learned some best practices and corner cases made my last session at Cisco Live.

Pack up everything and go back to London sadly, i would make another week of CLEUR easily!

See you next year at CLEUR Barcelona 2019!!!

CLEUR Barcelona 2018 Day 4

I’ve been learning about BNG for a while, and this was interesting to see how Cisco is evolving the Product and Market on this area.  Met  the Marketing Engineer and the Product Manager, lovely guys by the way.

BRKCLD-2280 MultiCloud Deployment of Self Operating Applications Using Cisco CloudCenter and AppDynamics APM

I’ve been playing for a while with CloudCenter (CC) and done some cool demos with F5 integration using API’s called callout scripts in CC. Bundling CC and AppDynamics have a lot to offer, and there is no dependency between them.

Cisco Live’s Walk-in Self-Paced (WISP)

This area is a must for all the attendees, you will be able to have hands-on at some demos which are not available at Cisco dCloud, don’t lose this opportunity to learn more and have fun.

Cisco Certified Design Expert (CCDE) Exam

Yes, i did a go on the Written exam. Oh boy….i was really close to it, got 785 of 860
It was was a really good assessment, now i know what i have to cover for my next attempt.

Party time

Cisco Live is not only sessions , networking and geeks!

We know how to do an Epic Party!

https://www.youtube.com/watch?v=TrVz-ESsr44

CLEUR Barcelona 2018 Day 3

BRKDCN-2489 Cisco SD-Access – Integration with Data Center Architectures

SD-Access is primarily Campus focused, an overlay technology which allow the user to have the same user experience anywhere but the exciting part is the ball is moving to the Data Center edge exchanging policies with the Cisco ACI. It seems going to cover the gap we have these days not replicating the Policies between Campus and Data Center but ultimately i hope across the entire state.

PSOSEC-2559 The Integrated Cisco Security Portfolio for a more effective security posture

A different view how we should see the security, embracing it, adopting new paradigms, simplify it, do less for more. Everyone is protecting the perimeter, that is the actual plan. Do you have a plan after got hit? Isn’t also important?

CLEUR Barcelona 2018 Day 2

Configit was quite challenging for me specially the config on the IOS-XR, because i do not touch on this for a long time. To me it looks much more structured in a sense of the config than the IOS family

Special tank you to Lizabete Cacic, Lukasz Bromirski and team

I If you want the LAB/docs let me know

CLEUR Barcelona 2018 Day 1

A very exciting first day with swags, Cisco Champion giffs, and do networking with really nice people about new trends and challenges in the industry.

TECCCDE-3005 CCDE:The Cisco Certified Design Expert

I was really looking forward to have the session CCDE: The Cisco Certified Design Expert [TECCCDE-3005], and start move from a “How to do it” to “Why to do it” mindset shift. We covered the basic foundations for an Architect to take in consideration and Technologies on the written/lab exam.

We finished the session with a small demo about how the exam is built, and graded.

It was awesome to meet all the team and have some chat. I would like to say thank you to Russ White, Architect, Elaine Lopes,Yuri Lukin,Tom Whaley

If you are looking to start your CCDE journey here are some of the suggested study materials:

Cisco Live Barcelona 2018 here i GO!

This is going to be my 2nd Cisco Live, and i’m very excited because i’ve learned a lot over the past 8 years and i’m in a different professional stage at the moment that 8 years ago it was just a dream. I’m a strong believer that these events are important to grow your “networking” and keep you updated on new trends/technology.

So how my calendar looks like so far?

  • CCDE Techtorial and Exam
  • Firepower
  • ISE
  • Multi-Cloud
  • SD-X
  • DevOps

If you are are around, lets grab a beer and crack some of the topics above

A Flashback and a New Busy Year!

Dear Reader,

Thanks to spend your time reading this post on the first day of the new year.

The 2017 was a busy year regards projects and a new area i’ve been exploring myself (Business Development), this is quite new for me but it’s going….

What i mean by Business Development? I’ve been focus only on Engineering (hands-on) which is by far what i really like to do, so i get the implementation plan and GO! Why not dive in the conversation with the customer and understand their challenges, advise what technologies are in the market that really suit them. Presenting cutting-edge technologies and advise the customer is also something i really like.

What do i have for this upcoming year? I’ve done some re-cert’s, like Juniper, VMware and Cisco.
I have do do some re-certs this year too, but i want to focus more on the CCDE than ever, so i’m starting officially today and i hope do the Written in 6 months. I will attend the Cisco Live Barcelona 2018, so i hope get good contacts to push this even further. This is the plan mentally but i know this might has to change a bit.

CCNA Cyber Ops is just around the corner :)

Happy New Year.

ACI anywhere with Virtual Edge (AVE)

The goal of extending ACI anywhere is becoming real with ACI Virtual Edge (EVE), the next generation of the Application Virtual Switch (AVS) for ACI environments. this should be available until the end of the year, AVE is hypervisor independent, offering consistent policy control across multiple hypervisors. For now the only target hypervisor is VMware.

AVS still supported but seems to be time for a change!

No tags for this post.

Realistic Traffic Generator

TRex is an open source, stateful traffic generator fuelled by DPDK. It generates L4-7 traffic based on pre-processing and smart replay of real traffic templates. TRex amplifies both client and server side traffic. Trex can can scale to 200Gb/sec with one UCS, but you can run it in any x86 hardware.

You can build your own VM running Fedora or Ubuntu, but Cisco cooked a OVA and Virtual Box image ready to go here

Cisco DEVNET has a corner for TREX too, check here

It’s time to load some devices, and compare with datasheets :)

TRex Current Stateful Feature sets

  • DPDK 1/2.5/5/10/25/40/50/100Gbps interfaces support
  • High scale of realistic traffic, up to 200-400Gb/sec with one Cisco UCS
  • Latency/Jitter measurements
  • Flow ordering checks
  • NAT, PAT dynamic translation learning

TRex New Stateless Feature sets

  • Crafting and generating stateless traffic streams
  • Large scale – Supports up to 20 million packets per second (mpps)
  • Multiple streams support
  • Ability to change any field inside the packet (e.g. src_ip = 10.0.0.1-10.0.0.255)
  • Continuous/Burst/Multi-burst support
  • Interactive support – Console, GUI
  • Per stream statistics, latency and Jitter
  • Python API for automation
  • Multi-user support

 

 

Spot Bad Traffic without decrypting it

How can we detect and mitigate a kill chain in encrypted traffic without breaking users privacy and same time  with minimal false positives? Cisco Catalyst 9k is the newest platform with this capability which is called Encrypted Traffic Analysis (ETS). Machine Learning & metadata seems to be the right ingredients to make the wheel work.

Read here for more detail.

 

 

 

Cisco Catalyst reborn

Cisco announced a new platform, Catalyst 9k (fixed and modular), a new hit for the Enterprise Architecture.

Some of the benefits i’ve captured:

  • Secure segmentation with SD-Access
  • Unmatched 60W POE on every access port
  • DNA Center
  • IoT readiness
  • Cloud readiness
  • IOS-XE
  • UADP 2.0
  • StackWise Virtual
  • IEEE1588
  • MACsec256
  • Encrypted Traffic Analysis (ETA)
  • Licensing mode changed (no info yet)

Catalyst 9300

Catalyst 9400

Catalyst 9500

 

CCIE and VR combined

It’s not April fools day, so what the title means? No chance to Cisco stay behind the software world! I would expect that Cisco will use VR soon as part of their Collaboration suite

If you are going to Cisco Live US you can see this two Demos:

  • BeTheRouter (BTR) – in this App, you are the heart and decision maker of what to do with the packets in terms of routing policy, QoS, etc.
  • TroubleshootTheLab (TTL) – in this App, user is presented a real-life-looking data center environment with tasks to rack-and-stack Cisco equipment in 3D such as Routers and Switches, followed by a cabling exercise to connect various devices according to the topology diagram, and troubleshoot a cabling issue fix.

Shall we expect a 8 hour Lab exam using VR?

 

Update 02.06.2017
Teaser included