Tag Archives: Security

Cisco SecureX Series on YouTube

I've started a series on YouTube called Cisco SecureX Series. It is purely a walkthrough of all the different possible integrations, with some real live orchestration demos. Death to PowerPoint slides!

  • Intro to SecureX Series
  • What is Cisco SecureX
  • Cisco SecureX Quick Tour Dashboard
  • Cisco Umbrella Integration
  • Cisco Meraki Integration
  • Cisco Advanced Malware Protection Integration
  • Cisco Stealthwatch Enterprise and Cloud Integration
  • Cisco Threat Grid Integration
  • Cisco Firepower Integration
  • Covering Cisco ASA with Firepower
  • Covering Cisco Firepower Threat Defense (FTD)
  • Cisco Web Security Appliance (WSA) Integration
  • Cisco Email Security Appliance (ESA) Integration
  • Cisco Defense Orchestrator (CDO) Integration
  • Cisco Tetration
  • Marketplace available



Read it, then try it—with Juniper vLabs

Juniper vLabs is a web-based platform that lets you try out Juniper products and features at any time, in a no-risk environment. Leveraging the vMX, vQFX, and vSRX product lines, vLabs provide a variety of standalone devices and preset topologies. Reservable in advance or on-demand, vLabs are free to access and open to everyone.

Juniper vLabs takes a “read-it-then-try-it” approach to learning. This offering guides you from product and solutions documentation to a live environment where you can get hands-on experience.

Enter Juniper vLabs.



IP Express Consulting

If you are looking for consulting services for your projects, upgrades, or suggestions, contact me.


Network Design:
  • Internet connectivity
  • DataCenter/Campus architecture
  • Internet edge connectivity
  • Advanced IP routing environments
  • Device management and monitoring
  • Public Cloud (Azure/AWS/Google)
Security solutions
  • Network Device hardening
  • DMZ design and deployment
  • Firewall configuration review
  • Remote-access VPN deployments
  • PKI
  • Technical papers
  • Whitepapers
  • Network documentation
  • Templating
  • Network/Security Assessment

If you want to receive a sample of my work, contact me.


    Juniper Networks Certified Expert Data Center (JNCIE-DC) Open for Registration

    At the pinnacle of the Data Center certification track is the 1-day JNCIE-DC practical exam. This exam is designed to validate the networking professional's ability to deploy, configure, manage, and troubleshoot Junos-based platforms. Throughout this 8-hour practical exam, candidates will build a data center network consisting of multiple MX Series and QFX Series devices. Successful candidates will perform system configuration on all devices including management capabilities, a Clos IP fabric, EVPN/VXLAN, DCI, and CoS features.

    The JNCIE-DC is valid for three years. Recertification is achieved by passing the current version of the JNCIP-DC exam or by attending a corresponding course.

    Exam Overview

    Exam code: JPR-980

    Lab Exam (Hands-on Lab)

    Held at selected Juniper Networks testing centers

    Exam length: 8 hours

    Prerequisite certification: JNCIP-DC

    The lab will be available 3 April 2017

    Junos Software Release:

    • MX80 3D Universal Edge Router: 16.1
    • QFX5100 Ethernet Switch: 14.1
    • vMX 3D Universal Edge Router: 15.1
    • vSRX Services Gateway: 12.1

    Topics for the Exam


    • On-box Scripts
      • Event scripts
      • Commit scripts
      • Operation scripts
    • Junos Space
      • Auto discover
      • Configuration management
    • ZTP
      • Initial provisioning of QFX switches using a CentOS DHCP server

    Layer 2 Underlay

    • VCF configurations
      • Master and backup RE
      • Inactive state VCF member
      • VCP port setup
    • Convert interface speed
      • 40G to 4x10G
    • MC-LAG
      • Interchassis link (ICL) redundancy
      • IRB MAC Sync
      • Layer 3 gateway function
      • ICCP

    Layer 3 Underlay

    • BGP for an IP Clos fabric
      • Clos IP fabric
      • Loopback interface for routing updates
      • EBGP in an IP fabric
      • Avoid blackholing traffic
      • Routing policies

    Controllerless Overlay

    • EVPN control plane
      • EVPN signaling
      • EVPN routes
      • VNI target communities
      • Prevent suboptimal routing
      • Inter-VRF routing
      • Automatic route-target
      • Load balancing
      • Anycast Gateway
      • Virtual tunnel end point function
      • VXLAN learning process
      • MAC address learning
      • Passing traffic between VNIs

    Data Center Interconnect (DCI)

    • DCI
      • EVPN signaled VXLAN
      • L3VPN implementation
      • EVPN MPLS


    • Control plane protection
      • Firewall filters
      • Role-based access control (RBAC)
    • SRX Series device as a gateway
      • Security zones
      • Security policies

    Class of Service (CoS)

    • CoS features
      • Loss priority
      • Rewrite rules
      • Shaping and policing
      • Scheduling
      • BA and MF classification
      • Drop profiles
      • Traffic control profiles

    I took the F5 101v2-Application Delivery Fundamentals beta exam

    I was a guinea pig for the F5 101v2 beta, and I did well, I guess. After answering 140 questions in 150 minutes plus an extension of 30 minutes (for not being a native English speaker, but it was not necessary), the hard part was reviewing all my answers, yes, all 140 again! I didn't find it as hard as mentioned by other guys who did the 101v1. After you submit the exam you can comment on the questions (no chance to change answers at this point); personally, I did it to give the F5 team my understanding of what they can improve! But they could give the cert away to the guys who passed this exam, yes, it's Christmas! :)

    And yes, unlike other exams, you can go back and forward!

    All 5 sections have the same score, so I got 75%.

    I wrote a post about my Study Notes for this exam, so check it out!

    This exam is one of the prerequisites for Exam 201 – TMOS Administration, to achieve the F5 BIG-IP Certified Administrator.


    And even virtually I have my logo!


    Study Notes for F5 101v2-Application Delivery Fundamentals exam

    As I said before, I got an opportunity to test my knowledge (101v2 beta) and of course learn more about F5 ADC and other stuff. The information you need to learn is published in the official Blueprint Application Delivery Fundamentals. This new version will be available in Q1 2015.

    F5 doesn't have any guide (book, etc.) like most vendors have, so you need to do it by yourself. But I found a nice compilation done by Philip Jönsson (direct link) and another one by Rich Hill.

    A good tool is F5 University, where you have free WBTs on LTM & APM (and more!!!) and hands-on practice in a virtual lab (code 10.x and 11.x). I think the most important are:

    Getting Started with BIG-IP: Part 1 – Administration

    Getting Started with BIG-IP: Part 2 – Application Delivery

    Getting Started with BIG-IP Access Policy Manager (APM)

    Getting Started with BIG-IP LTM: Part 1 – High Availability and Traffic Processing

    Getting Started with BIG-IP LTM: Part 2 – iRules and Accelerating Traffic

    Viprion Basics

    HTTP Basics I

    HTTP Basics II

    A few facts:

    • The exam is based on 11.4.0 code
    • The exam costs 105 euros + VAT
    • The exam 101v2 will have 80 questions (70 scored and 10 unscored), and a minimum of 69% to pass it
    • It is a prerequisite for the next level, Exam 201 – TMOS Administration, and for becoming an F5 Certified BIG-IP Administrator (F5-CA)
    • All questions are scored equally
    • A pass is valid for 2 years
    • Most people agree that the v2 practice exam is much harder than the v1 production exam (mostly because of the number of questions).

    I took the following information from http://veritablenetworks.blogspot.pt/ (Rich Hill) and changed a few things for the renewed exam (101v2).

    You can download my personal notes here.

    Section 1 – OSI

    Most of this information is common knowledge in the networking industry, but you probably don't know a few things, especially when you get to the application layer protocols (sorry if I undervalue you!). The Wikipedia articles play a big role here, and yes, Wikipedia Rulez!

    • Objective 1.01 – Explain, compare and contrast the OSI layers

    OSI Model Wiki
    Another OSI Model Overview

    • Objective 1.02 – Explain protocols and technologies specific to the data-link layer

    Explain the purpose of a switch’s forwarding database
    ARP on F5
    MAC Address
    Broadcast Domain
    Link Aggregation Wiki
    Big IP Link Aggregation

    • Objective 1.03 – Explain protocols and apply technologies specific to the network layer

    Routing on F5
    TCP/IP Overview
    IP Addressing & Subnetting
    Routing Protocols
    IP Packet Fragmentation
    IP TTL (Time to Live)

    • Objective 1.04 – Explain the features and functionality of protocols and technologies specific to the transport layer

    MTU / MSS
    TCP Functionality
    UDP Functionality
    TCP Connection Setup by Virtual Server Type
    TCP Profile Settings (Tunables)
    UDP Profile Settings (Tunables)
    TCPDUMP on F5
    Functionality of ports in general
    Process of a reset

    • Objective 1.05 – Explain the features and functionality of protocols and technologies specific to the application layer

    Application Layer Traffic Management on F5
    HTTP Functionality
    HTTP Status Codes
    HTTP Headers
    F5 HTTP White Paper
    DNS Functionality
    DNS Record Types
    SIP Functionality
    F5 SIP White Paper
    FTP Functionality
    SMTP Functionality
    HTTP Cookies
    My Name is URL

    Section 2 – F5 Solutions and Technology

    In this section, we get into the actual F5 Solutions. Most engineers taking this exam will be experienced with LTM and iRules, but little else. Hopefully, the familiarity gained from the F5 datasheets and white papers shown below will help you to understand the breadth of the F5 offerings. Prepare to take the first step into a larger world.

    • Objective 2.01 – Articulate the role of F5 products

    Access Policy Manager (APM)
    Application Security Manager (ASM)
    Local Traffic Manager (LTM)
    Global Traffic Manager (GTM)
    Enterprise Manager
    BIG-IQ and ADN Management
    F5 White Papers
    F5 Datasheets

    • Objective 2.02 – Explain the purpose, use and advantages of iRules

    iRule Wiki (Requires Devcentral Login)

    • Objective 2.03 – Explain the purpose, use and advantages of iApps

    iApp Wiki (Requires Devcentral Login)

    • Objective 2.05 – Explain the purpose of and use cases for full proxy and packet forwarding/packet based architectures

    Full Proxy Architecture (Lori MacVittie rules!)
    Packet-Based vs Full Proxy
    Virtual Server Types

    • Objective 2.06 – Explain the advantages and configurations of high availability (HA)

    F5 HA Basics
    Config Sync
    Big IP HA Features
    VLAN Failsafe

    Section 3 – Load Balancing Essentials

    This section is a short one compared to the previous two. If you’re going after an F5 certification, you’re probably already familiar with much of this material, so you probably won’t have to study as much for this section. It never hurts to brush up on the algorithms and persistence methods.

    • Objective 3.01 – Discuss the purpose of, use cases for, and key considerations related to load balancing

    Load Balancing Wiki
    Load Balancing 101
    Load Balancing Algorithms (Devcentral)
    More on Load Balancing Algorithms
    Another Load Balancing Algorithm Article
    Yet Another Load Balancing Algorithm Article

    • Objective 3.02 – Differentiate between a client and a server

    Client / Server on Wiki – Yes, I’m surprised this is even a question.

    Section 4 – Security

    • Objective 4.01 – Compare and contrast positive and negative security models

    Positive Security Model
    Positive vs Negative Security

    • Objective 4.02 – Explain the purpose of cryptographic services

    SSL Certificates (Devcentral)
    Certificate Chains
    Public-Key Cryptography
    Symmetric vs Asymmetric Encryption
    Client SSL Profiles
    Server SSL Profiles
    SSLDUMP Utility

    • Objective 4.03 – Describe the purpose and advantages of authentication

    F5 Authentication 101
    Single Sign On
    Multi-factor Authentication

    • Objective 4.04 – Describe the purpose, advantages and use cases of IPsec and SSL VPN

    IPsec VPN

    Section 5 – Application Delivery Platforms

    • Objective 5.01 – Describe the purpose, advantages, use cases, and challenges associated with hardware-based application delivery platforms and virtual machines

    Virtualization Platforms

    • Objective 5.02 – Describe the purpose of the various types of advanced acceleration techniques.

    Application Performance Optimization
    TCP Optimization
    Acceleration 101

    This is everything you need to know, but try to learn something more in depth!


    BIG-IP LTM 11.4.0 Documentation

    Exam 101 – Application Delivery Fundamentals

    Exam 201 – TMOS Administration

    F5 Certification Program

    JunOS Cup 2014 Game Over

    It was without doubt an interesting challenge, and I was very close to some of the solutions proposed by Juniper :). Without doubt, some of the challenges were really tricky!

    In short, I won a voucher for a certification and 25 VM units to use on Junosphere. In any case, congratulations to the winners!

    These were the flags won in the tournament, not bad for a Juniper beginner :)

    Update 17 July 2014

    Three winners were ranked with the same number of points, one of them Portuguese. The final challenge, Antarctica (Type: Enterprise, Difficulty: High), was decisive in finding the winner.

    Junos Cup Challenges

    Country Flag | Challenge | Type/Difficulty | I GOT IT :)

    Tournament #1
     | Internet over a MPLS-free Core | Service Provider/Medium |
     | MPLS BGP Traffic Drop | Service Provider/Hard |
    South Korea | IPTV over Circuit Cross-Connects | Service Provider/Hard |
    Bosnia and Herzegovina | The Erratic Default Gateway | Enterprise/Medium | OK
     | Aggregated Ethernet Failover | Enterprise/Medium | OK
     | The Flapping Ping | Enterprise/Hard |
     | IPSEC VPN #1 | Security/Medium | OK
     | The Reacting Probe | Automation/Medium | OK

    Tournament #2
     | MPLS BGP & FIB Scaling | Service Provider/Medium |
     | Reverse Engineering Saga Episode 2 – The Broken IGP | Service Provider/Medium |
     | LDP with Tagged Traceroute | Service Provider/Hard |
     | Traffic Engineering Constraints | Service Provider/Hard |
     | Ping on Virtual Routers | Enterprise/Medium | OK
     | Bridging with Virtual Switches | Enterprise/Medium | OK
     | SRX Network Address Translation #1 | Security/Hard | OK
     | The Obscure CLI Provisioning | Automation/Hard |

    Tournament #3
     | End-to-End Class of Service | Service Provider/Hard |
     | Reverse Engineering Saga, Episode 3 – The Strange BGP | Service Provider/Medium |
     | Seamless MPLS | Service Provider/Hard |
     | Displaying Remote MAC Address | Enterprise/Medium | OK
    Ivory Coast | OSPF on L3VPN Customized Connectivity | Service Provider/Hard | OK
     | OSPF Topology Convergence | Enterprise/Hard |
     | SRX Network Address Translation #2 | Security/Medium |
    Costa Rica | The Remote Task Execution | Automation/Medium | OK

    Tournament #4
     | BGP Multicast VPN | Service Provider/Medium |
     | Reverse Engineer Saga, Episode 4 – The Puzzling MPLS | Service Provider/Medium |
     | Tuning LSP Choice in L3VPN | Service Provider/Hard |
     | Class of Service at Egress L3VPN PE | Service Provider/Hard |
     | One-Hop Ping | Enterprise/Medium |
     | Ping on Aggregated Ethernet | Enterprise/Hard |
     | Inter-Instance Flows | Enterprise/Hard |
     | IPSEC VPN #2 | Security/Hard |

    Juniper Certifications June 2013

    The Juniper Networks Certification Program (JNCP) pyramid is divided into 4 levels, with JNCIA being the basic level. It aims to introduce network engineers to the foundations of how to operate/manage Juniper platforms. The JNCP is essentially divided into 3 tracks, but there are some certifications related exclusively to Juniper products.

    As of today, the tracks are the following:

    Junos Tracks:
    • Enterprise Routing & Switching
    • Junos Security
    • Service Provider Routing & Switching

    Support-specific tracks were recently introduced:

    Junos Support Tracks:
    • Enterprise Routing & Switching Support
    • Junos Security Support
    • Service Provider Routing & Switching Support


    The JNCP offers some tracks oriented exclusively to products; these are:

    Product and Technology Tracks:
    • E-Series
    • Firewall/VPN
    • IDP
    • Junos Pulse Access Control
    • Junos Pulse Secure Access
    • QFabric
    • Wireless
    • WX Series

    This is always the dilemma of any network engineer, regardless of role (architecture/design/support/...): "when should I renew my certification?" As with other vendors, it is possible to renew in a smart way, by passing the next level and thereby keeping the previous ones valid. This is also the way Juniper (or any vendor) "pushes" you toward the top of the pyramid. In the JNCP, any certification is valid for 2 years.

    The big difference from Cisco, for example, in this regard is that to renew the JNCIE, regardless of track, it is necessary to renew the JNCIP of the same track. Here Cisco uses a different methodology: to renew the CCIE in any track, it is enough to take, for example, a second CCIE Written and/or Lab from another track, or to take the specific recertification Written exam.

    It is not possible to take the JNCIE directly, so it will be necessary to obtain the intermediate certifications up to the top of the pyramid (JNCIE).

    Possible certification statuses:

    Status: Active. Timeframe: Two years. Eligibilities:
    • Eligible for all benefits
    • Qualify under the Partner certification compliance requirements

    Status: Inactive. Timeframe: One year following the Active period. Eligibilities:
    • Can be recertified
    • Are not eligible for benefits
    • Do not qualify under the Partner certification compliance requirements
    • Can still be used to fulfill prerequisite requirements for written exams
    • Cannot be used to fulfill prerequisite requirements for JNCP Lab Exams

    Status: Expired. Timeframe: At the end of the Inactive period. Eligibilities:
    • Cannot be recertified
    • Are not eligible for benefits
    • Do not qualify under the Partner certification compliance requirements
    • Cannot be used to fulfill any prerequisite requirements
    • Candidates with an expired certification must start again at the bottom of that certification track

    Renewals and their corresponding requirements:

    Certification Level | Renew by Maintaining Certification Level | Renew by Advancing Certification Level
    JNCIA | Pass the current JNCIA exam in the same certification track | Pass the current JNCIS exam in the same certification track
    JNCIS | Pass the current JNCIS exam in the same certification track | Pass the current JNCIP exam in the same certification track
    JNCIP | Pass the current JNCIP exam in the same certification track | Pass the current JNCIE Lab Exam in the same certification track
    JNCIP-E | Pass the current JNCIS-E exam | N/A
    JNCIE | Pass the current JNCIP exam in the same certification track | N/A

    CCNP Security Exams Update

    Cisco's CCNP Security certification will soon be renewed with a new structure; see the CCNP Security link for more details.


    Required Exam(s) | Recommended Training | Required Exam(s) | Recommended Training
    642-637 SECURE v1.0 (Last day to test April 21, 2014) | Secure v1.0 Securing Networks with Cisco Routers and Switches (SECURE v1.0) | 300-208 SISAS | Implementing Cisco Secure Access Solutions (SISAS)
    642-627 IPS v7.0 (Last day to test April 21, 2014) | Implementing Cisco Intrusion Prevention System v7.0 (IPS v7.0) | 300-207 SITCS | Implementing Cisco Edge Network Security Solutions (SITCS)
    642-618 FIREWALL v2.0 (Last day to test April 21, 2014) | Deploying Cisco ASA Firewall Solutions (FIREWALL v2.0) | 300-206 SENSS | Implementing Cisco Secure Mobility Solutions (SENSS)
    642-648 VPN v2.0 (Last day to test April 21, 2014) | Deploying Cisco ASA VPN Solutions (VPN v2.0) | 300-209 SIMOS | Implementing Cisco Threat Control Solutions (SIMOS)


    The presentations on the new exams at Cisco Live Milan 2014:

    BRKCRT-2203 – Implementing Cisco Secure Access Solutions – Preparing for the SISAS Exam

    BRKCRT-2211 – Implementing Cisco Threat Control Solutions – Preparing for the SITCS Exam

    BRKCRT-2204 – Implementing Cisco Edge Network Security Solutions – Preparing for the SENSS Exam

    BRKCRT-2205 – Implementing Cisco Secure Mobility Solutions – Preparing for the SIMOS Exam