Tag Archives: Cloud

Fire Jumper Stage 5 Network Security Systems Engineer

The Cisco Fire Jumper program is composed of different tracks, and each has a Sales, Systems Engineer and Field role with dedicated videos, training, POV, labs and exams to be completed. After completing all four stages, you need to ask your manager to endorse you and send an email to the Fire Jumper team. Once accepted, you will receive a certificate. I’ve focused on the Network Security Systems Engineer role, where I achieved Stage 5. Looking for the Elite now.

Dissecting the Different Tracks

Network Security: Firepower, ASA and Meraki

Advanced Threat: AMP for Endpoints and Threat Grid

Visibility & Enforcement: ISE, Stealthwatch and SDA

Cloud, Web & Email Security: Cisco Umbrella, Cloudlock, WSA and Email Security

At the moment you can only be Stage 5 in one track and Stage 4 on all of them. Once you achieve this you become Fire Jumper Elite.

Find below the relevant links for the program:

Fire Jumper Sales Engineer

Fire Jumper Systems Engineer

Fire Jumper Field Engineer

IP Express Consulting

If you are looking for consulting services for your projects, upgrade, or suggestions, contact me.

 

Network Design:
  • Internet connectivity
  • DataCenter/Campus architecture
  • Internet edge connectivity
  • Advanced IP routing environments
  • Device management and monitoring
  • Public Cloud (Azure/AWS/Google)
Security solutions
  • Network Device hardening
  • DMZ design and deployment
  • Firewall configuration review
  • Remote-access VPN deployments
  • PKI
Writing
  • Technical papers
  • Whitepapers
  • Network documentation
  • Templating
  • Network/Security Assessment

If you want to receive a sample of my work, contact me.



Hybrid Cloud from VMware on Amazon (AWS)

VMware and Amazon have announced a new partnership in which VMware customers will be able to extend their private cloud into Amazon data centers around the world, with seamless integration and lifecycle operations, creating a hybrid cloud environment.

This service will include all the enterprise tools you’re familiar with, including vSphere, ESXi, VSAN and NSX. The hardware used by AWS is a well-kept secret but will comply with VMware requirements to allow such integration. VMware with AWS will bring the Software-Defined Data Center (SDDC) stack to the AWS cloud, delivered as an on-demand, subscription-based, elastically scalable offering. Some interesting use cases are app development, testing, disaster recovery, geo expansion, burst capacity and data center migration.


VMware Cloud will run on native ESX on next-generation; VMware manages and operates the infrastructure of VMware Cloud on AWS, providing the full lifecycle of the product, much like a Managed Service Provider. Virtualization administrators will have permissions on vCenter to perform administrative tasks.

At the moment AWS Cloud Global infrastructure operates 35 Availability Zones within 13 geographic Regions around the world, with 12 more Availability Zones and 5 more Regions coming online throughout the next year.


As I write this, VMworld Europe is taking place in Barcelona until 20 October 2016. Take a look at the breakout sessions INF7849: VMware Cloud on AWS – a closer look and INF7711R: VMware Cloud on AWS. In these sessions the VMware guys will dive a little deeper into the details of this service.


This service is expected to be available in the mid-2017 time frame. VMware didn’t confirm whether it will be available in all AWS regions. Customers will be able to choose from on-demand (hourly) or subscription-based (1 year, 3 years) options to consume this service. Customers will also be able to leverage their existing investments in VMware licenses.

Customers will have to call the VMware team for infrastructure lifecycle management, support, billing and account management.

References:

AWS Global Infrastructure

VMware Cloud on AWS a closer look

CCIE and CCDE Enhancements on Written Exams

Cisco announced enhancements to the CCIE/CCDE program that apply only to the written exam, but the big change is a dual monitor at the lab exam. These enhancements will enable candidates to gain knowledge of the evolving technologies that organizations are adopting, such as cloud, IoT, and network programmability.

All Expert-Level certification programs will implement the following changes:

Evolving Technologies

  • A new section titled “Evolving Technologies” will be added to all Expert-Level written exams. Lab exams will not be affected.
  • Candidates can prepare for the “Evolving Technologies” section by viewing Evolving Technologies Study Resources.
  • The written exams will be recalibrated to include the “Evolving Technologies” section, which will have three subdomains and a total of five tasks for which the expected depth of knowledge will be focused on conceptual comprehension.

Evolving Technologies Domain

1. Cloud

1.1: Compare and contrast Cloud deployment models

  • Infrastructure, platform, and software services (XaaS)
  • Performance and reliability
  • Security and privacy
  • Scalability and interoperability

1.2: Describe Cloud implementations and operations

  • Automation and orchestration
  • Workload mobility
  • Troubleshooting and management
  • OpenStack components

2. Network Programmability

2.1: Describe functional elements of network programmability (SDN) and how they interact

  • Controllers
  • APIs
  • Scripting
  • Agents
  • Northbound vs. Southbound protocols

2.2: Describe aspects of virtualization and automation in network environments

  • DevOps methodologies, tools and workflows
  • Network/application function virtualization (NFV, AFV)
  • Service function chaining
  • Performance, availability, and scaling considerations

3. Internet of Things

3.1: Describe architectural framework and deployment considerations for Internet of Things (IoT)

  • Performance, reliability and scalability
  • Mobility
  • Security and privacy
  • Standards and compliance
  • Migration
  • Environmental impacts on the network


References:

Expert-Level Certification Program Evolution

Reference Material for Evolving Technology

Get a free Meraki Access Point

After attending the webinar Cloud Managed WiFi: Next Step in Wireless and providing feedback, I was entitled to get a free Meraki Access Point (MR18). Consult here all upcoming live webinars.

After 3 days of waiting, my Meraki MR18 arrived…

Meraki will broadcast by default a SSID with your company name

After you connect your AP to the network it will use a Default SSID to connect to the Meraki controller in the cloud


Even if you try to connect to this default SSID you get…

[Screenshot: meraki-setup2]

Next, use the Meraki Dashboard to control your WiFi network

To review your networks use Creating and deleting dashboard networks; it was not too intuitive to get there…

Once the AP connects to the Meraki controller we are set to go


By default the Network Access is

[Screenshot: meraki-net2]

By default the AP uses NAT mode; in my case I’m using bridge mode

A report after a few minutes surfing…

[Screenshot: meraki-report1]

Hardware/RF

[Images: meraki_mr18, meraki_mr18_radio]

Licensing

Included 3 years of support for this AP

Highlights

Ideal use cases

  • General use wireless LANs
  • Mobility-intensive organizations

Hardware features

  • 3 radios: 2.4 and 5 GHz, dual-band WIDS/WIPS
  • 2-stream 802.11n, up to 600 Mbps
  • Gigabit Ethernet port
  • 802.3af PoE compatible, AC adapter available

Cloud management

  • Network-wide visibility and control
  • Self-provisioning for rapid deployment
  • Automatic reporting
  • Seamless firmware updates

Enterprise security

  • 802.1X and native Active Directory integration
  • Air Marshal: real-time WIPS with forensics
  • Stateful Layer 3-7 firewall
  • Identity-based group policies
  • Built-in antivirus scan (NAC)

Guest access

  • 1-click secure guest access
  • Guest isolation firewall
  • Customizable splash pages

RF optimization

  • Dual-concurrent, 2-stream MIMO radios
  • Third radio dedicated to security and RF management
  • Built-in real-time RF spectrum view
  • Cloud-based automatic RF optimization

Layer 7 traffic shaping

  • Classifies hundreds of applications
  • Create per-application bandwidth limits
  • Prioritize productivity apps
  • Restrict recreational traffic

Mesh

  • Self-configuring, self-optimizing mesh
  • High performance multi-radio routing protocols
  • Extends coverage to hard-to-wire areas
  • Self-heals after cable or switch failures

Device management

  • Create device-specific firewall rules
  • Deploy applications and updates
  • Troubleshoot issues with built-in RDP

References:

MR18 Installation Guide

Meraki Documentation

Meraki Wireless LAN

CSR 1000v Test Drive in Amazon

Ready for a Test Drive of the CSR 1000v in the Amazon cloud? This is the right time to get familiar with Cisco IOS-XE and to learn some new cloud concepts and terminology. If you have not had the opportunity yet, now is the time to try this platform. Each Test Drive (limit of 5) lasts 2 hours, and there is a Lab Guide with a fairly simple topology in which you will need to configure an IPsec VPN between VPCs.

To do the Test Drive, follow these steps:

  1. Fill in the form at CSR Test Drive
  2. Set the password after receiving the email
  3. Download the Lab Guide
  4. Try it Now!

Topology

[Image: testdrive_CSR100v_lab]

References:

CSR 1000V Documentation

CSR 1000V AWS deployment Guide

CSR 1000V Technical whitepaper for AWS Use cases