Category Archives: Cisco

Redundant interfaces not supported on FXOS platforms

The documentation might get you a bit confused, but after have a chat with Cisco TAC they shed some light…..Unfortunately this design is not supported, so if you are migrating from a Old Cisco ASA platform it’s time to redesign and avoid redundant interfaces. So i had to move those interfaces to port-channel, so the trade-off was the failover if the principal switch died.
Cisco Firepower
And here is the bug reported
Redundant interfaces are not supported on all FXOS platforms
CSCvg30354
Symptom:
“Firepower Management Center Configuration Guide, Version 6.1”
Chapter: Interfaces for Firepower Threat DefenseInformation related to Redundant interfaces should be changed
FROM
Redundant interfaces are not supported on the Firepower 9300
TO
Redundant interfaces are not supported on the Firepower 9300, 4100, 2100Conditions:
Currently Redundant interfaces are not supported on all FXOS Platforms

Workaround:

CLEUR Barcelona 2019 Day 1

A very exciting first day with swags, Cisco Champion giffs, and do networking with really nice people about new trends and challenges in the industry. Why Cisco Live? it’s the opportunity to talk with your peers, explore, connect, and be inspired by Cisco’s top experts, partners, and customers. It’s an event you don’t want to miss.

CCIE Security Techtorial – TECCCIE-3202

I was really interested on this session, but it turns out that it was just a lecture instead of a hands-on session like in other tracks. The session went smooth with some questions about ISE, ESA and WSA. A few videos were provided as well on how to configure certain tasks on some of the platforms mentioned before, not a big deal.

It was awesome to meet all the team and have some chat. I would like to say thank you to Yusuf Bhaiji, Ziaul Hussain, Vivek Santuka, Ana Peric

If you are looking to start your CCIE Security journey find here CCIE Security Study Material  the most relevant materials for study.

Magic Quadrant for Enterprise Network Firewalls 2018

Security landscape is evolving fast, so fast detection and mitigation is important for customers.   Many enterprises are looking to firewall vendors to provide cloud-based malware detection instances to aid them in their advanced threat detection efforts, as a cost-effective alternative to stand-alone sandboxing appliances.
SSL Decryption is one of the key topics, since TLS 1.2 to the TLS 1.3 standard will undoubtedly force changes in how enterprise firewall vendors process the traffic.
Policy Orchestration and Automation Become Critical on SDN deployments, some vendors haven’t provide much attention om this topic. Firewall Services Within IaaS Environments Become an Area of Differentiation.

Magic Quadrant for Enterprise Network Firewalls

Full Report on Report Magic Quadrant for Enterprise Network Firewalls 2018

Cisco Firepower Forbidden- you don’t have permission to access

After re-image FPR2110 from FTD to ASA9.8.2, the chassis (FXOS) mgmt interface UI become unaccesible giving the following error “Forbidden- you don’t have permission to access / on this server”.

In a nutshell, i could access FXOS via SSH and ASA (SSH & HTTPS) but the FXOS Chassis Management was broken. After spend some time, the only way to get this sorted was upgrade for the version 9.9.x

After upgrade, everything was working again.

 

Be a Cisco Champion 2019

Cisco Champion program is looking for the best and the brightes tech enthusiasts who are also active members of the community.

If this sounds like you, then submit your application for the 2019 Cisco Champion Program. Cisco Champions are an elite group of technical experts who are passionate about IT and enjoy sharing their knowledge, expertise, and thoughts across the social web and with Cisco. The program has been running for 5 years and is just getting started!

If you still not believing give a look on Cisco Champions discussing the benefits of the program at CLUS this year.

The application form will be open from October 30th  – November 12th, 2018. 

Fill out the application to be a 2019 Cisco Champion.

 

References:

https://blogs.cisco.com/perspectives/cisco-champions-2019-applications-now-open