Cisco Blogs


Cisco Blog > Perspectives

Cisco Features you should be using

I know more than once now the Cisco ISR/ISR-G2’s Series have been dubbed as the ‘Swiss Army Knife’ of networking devices, simply due to the amount of flexibility & the number of technologies available to you when deploying these devices. Luckily for us, these devices provide even more features available to us to assist with troubleshooting and maintaining the overall health of the network. What is even better is that many of these useful troubleshooting features exist on many of the other product families not just ISR/ISR-G2’s. I’ve had the pleasure to work on networks all around the world for some decent size companies so I wanted to kick off this list with what I consider to be the most useful tools built-in to Cisco devices that are not very well known out there.

1. Embedded Packet Capture (EPC) -- There is no doubt about it, but the ability to perform a packet capture at key points throughout the network can make troubleshooting particular issues that much easier. Luckily this feature exists on many different devices:

1. ISR G2′s -- Even the older ISR’s have this ability
2. ASA Firewalls
3. IOS-XE devices -- From the powerful ASR’s to the newer Catalyst 3850
4. NX-OS devices -- Granted on NX-OS you can capture packets that are process switched, there is an easy way around this by creating an Access-list to match the traffic you want to capture.
5. Even in Cisco UCS we can configure a traffic monitoring policy to capture traffic directly from particular servers and capture directly off the Fabric Interconnects. *This is more of a SPAN-type session than Embedded Packet Capture. Read More »

Tags: , , , , ,

#CiscoChampion Radio S1|Ep 38. Threat Focused Firewall

October 28, 2014 at 12:56 pm PST

cisco_champions BADGE_200x200#CiscoChampion Radio is a podcast series by Cisco Champions as technologists. Today we’re talking with Cisco Product Marketing Manager Dave Stuart, the threat focused firewall. Brian Remmel (@bremmel) moderates and Antonio Cheltenham, Jason Alert and Sven Kutzer are this week’s Cisco Champion guest hosts.

Listen to the Podcast.

Learn about the Cisco Champions Program HERE.
See a list of all #CiscoChampion Radio podcasts HERE.

Cisco SME
Dave Stuart, Cisco Product Marketing Manager

Cisco Champions
Antonio Cheltenham, @acheltenham, Systems Administrator
Jason Alert, @RoutingNinja, Senior Network Engineer
Sven Kutzer, @svenkutzer, Senior Systems Engineer

Highlights
What is a threat focused firewall
Why is it important
What is vision/migration path for those looking to move to threat focused firewall solution
Security advantages of passive discovery
Using agents (i.e. AMP Connector technologies) for robust visibility into network behavior
How threat focused firewall solution receives updates about new threats and handles malicious traffic not yet flagged Read More »

Tags: , , ,

Summary: The First 4 Steps to Simplify Your Small Business Information Technology

Sam O’Daniel (better known as the Startup IT Guy) has put together a short list of steps to take when starting or just simplifying your business information technology.  If the next couple of months are your slow season, you can get these steps in motion to have a better handle on IT in the new year. From signing up with a cloud productivity suite to establishing a vendor relationship for purchasing to streamlining network hardware (on Meraki gear, of course!), these 4 steps will help get you out of IT support and put your focus back where it belongs -- your business.

Read the full article here.

Tags: , , , ,

#CiscoChampion Radio S1|Ep 37. New Cloud Era, New Data Protection Model

October 21, 2014 at 1:27 pm PST

cisco_champions BADGE_200x200#CiscoChampion Radio is a podcast series by Cisco Champions as technologists. Today we’re talking with Cisco Compliance and Data Privacy Leader Evelyn De Souza, about Cloud Security. Brian Remmel (@bremmel) moderates and Andres Sarmiento and Denise Fishburne are this week’s Cisco Champion guest hosts.

Listen to the Podcast.

Learn about the Cisco Champions Program HERE.
See a list of all #CiscoChampion Radio podcasts HERE.

Cisco SME
Evelyn De Souza, @e_desouza, Cisco Compliance and Data Privacy Leader

Cisco Champions
Andres Sarmiento, @asarmiento85, Lead Technical Consultant
Denise Fishburne, @DeniseFishburne, Systems Engineer Read More »

Tags: , , ,

IPv6 First-Hop-Security

If you’ve worked with networking sometime in the last decade, I’m sure you’ve heard of this thing called IPv6. IPv6 has been around for quite a while, but it seems to be growing increasingly more popular as of late.
My focus on this article will be some of the challenges with security and IPv6, primarily those that Cisco IPv6 First-Hop-Security (FHS) solves.

Several times I’ve found myself looking at the network traffic traversing a customer’s network, asking if they use IPv6.
Unfortunately, most of the times the answer is no, even though I can see the Link-local and multicast addresses flying by my screen.
When I proceed to ask if they’ve added any security measurements in the network to protect against IPv6 attacks, the answer is mostly: “Why would we need any IPv6 security if we don’t use IPv6”? Read More »

Tags: , ,