1043 Results Found
Occasionally as I'm teaching a Cisco training class, I get an idea for a blog post and it happened again this week. The Securing Networks with ASA Fundamentals curriculum is mostly based on the Adaptive Security Device Manager (ASDM). While the class describes the us...
I recently came across an opportunity to use a relatively new feature in Cisco Unified Communications Manager (CUCM). Suppose you are the telecom administrator at a community hospital. During business hours, the Facilities Department is staffed and team members simpl...
Windows Software Update Services (WSUS) is commonly used to distribute security patches and updates for Windows operating systems and Microsoft applications. WSUS is a web application that runs within Internet Information Services (IIS) on Windows Server. When client...
Adding a new computer to an Active Directory domain can be a disruptive process, particularly if that computer is part of a large, high-speed deployment. Djoin.exe is a command line tool that permits the joining of a Windows 7 or Server 2008 R2 computer to Active Dir...
A feature common to IPSec Virtual Private Network implementations throughout the Cisco product line is Perfect Forward Secrecy (PFS). This optional additional component is now a default supplied configuration setting with the Adaptive Security Device Manager (ASDM) I...
As any network administrator will tell you, the ASA Security appliance (as well as its forerunner, the PIX) are capable of generating massive amounts of log messages, especially when the firewall/security appliance is set to log messages at debug level to the syslog...
As is sometimes the case, the idea for this article originated with a student question I received during one of the Securing Networks with ASA Fundamentals classes I have taught this summer. The course material mentions a simple scenario whereby IP Telephony traffic...
No matter which IT field you're working in, there are several skills that are useful for every IT professional to know. Here, seven experienced IT professionals working in the networking, programming, project management, and security fields, share what they believe a...
As is frequently the case these days, I get a brainstorm for an article during a Cisco Security training class I conduct. This summer I taught the Securing Networks with ASA Fundamentals class, which concentrates heavily on the Adaptive Security Device Manager (ASDM)...
When the hostname.domainname associated with my Small Office Home Office (SOHO) failed to update after a power outage, and a new DHCP-assigned external address was assigned to my router, I was reminded of the need for Dynamic DNS. This article will explore the implem...
Organizations can find significant value in adopting Agile methodologies and techniques. Agile practices can help ensure meet customer expectations, deliver products on time, and create a motivated environment that is able to quickly adapt to change. This white paper explores 12 benefits of Agile development and management, explaining why you should consider incorporating Agile methodologies into your current standards and processes.
Need to know the difference between copper and optical fiber? Want to learn what the acronyms PBX, PC, PCI, PCIe, PCM, PDA, and PDU mean? Our "Geek Speak v3.0" can teach you all this and more. An update to our popular v2.0 "Geek Speak", this white paper will teach you more than 925 popular IT words, phrases, and acronyms.
Negotiation is a dialogue intended to resolve disputes, to produce an agreement on courses of action, to bargain for individual or collective advantage, or to craft outcomes to satisfy various interests. It is the primary method of alternative dispute resolution. This white paper focuses primarily on the negotiation process, different negotiation styles, and the various elements of communication that affect the outcome, including: Negotiation Communications, Constructive Questioning, Communication Obstacles (and overcoming those obstacles), Challenging Negotiation Situations and "Traps," and, finally, completing Successful Negotiations, a.k.a. "Getting to Yes"
In this webinar, the first of two based on our Cybersecurity Foundations course, you will examine the following topics: verifying users and what they can access, ways a user can be validated to computer and network resources, how cryptography is used to protect data, symmetric and asymmetric encryption and hashes.
Dcdiag is an often overlooked tool that can discover problems in a domain controller’s configuration. If client computers can't locate a domain controller or if domain controllers can't replicate Active Directory, you can run tests with Dcdiag to look for a solution.
Interior Gateway Routing Protocol (IGRP) was a Cisco-proprietary Distance-Vector (D-V) classful routing protocol - basically an improved version of RIPv1. Like other D-V protocols, each IGRP router periodically flooded its routing table, but it differed from RIP in two ways. First, RIP’s advertisement interval was thirty seconds but IGRP’s was ninety seconds, which allowed IGRP to scale to larger networks than RIP. Second, RIP used a simple hop count metric, but IGRP’s more sophisticated metric was based on minimum path bandwidth and total path delay, with options to include link reliability and interface loading.
In this webinar, the second of two based on our Cybersecurity Foundations course, you'll build on what you learned in the first of the series, Protecting Your Network with Authentication and Cryptography.
One command that had a fairly long history first with the PIX Firewall and now the ASA is the shun command. In this post we’ll examine this command’s history, why it’s useful, and its new-found resurgence in threat detection implementation.
In this webinar, you will examine the need for IPv6 and whether it's possible to survive on IPv6 alone. You will learn ways to phase in IPv6 and how to successfully migrate to IPv6.
I attended a meeting this week with a customer of mine and a potential new vendor. The new vendor was there to pitch his configuration and setup service offerings for a specific ITSM toolset. My customer has already had one bad experience with an ITSM tool configuration vendor who promised one thing and delivered much less. He ended up with a tool that’s minimally used and not configured to match his business needs. He’s looking for a vendor that can understand his business needs and priorities and quickly help him get his tool configured and working in a short time frame. Then the topic of standard changes came up. My customer asked for examples of standard changes. The vendor responded, “Server reboots are an example of standard changes.”
Planning for a cyber disaster makes recovering from one much easier. Still, as important as disaster planning is, it's often overlooked or put off until it is too late. In this webinar, Global Knowledge instructor Debbie Dahlin discusses planning for the unexpected -- whether the unexpected means a simple power outage, a network security breach, or a major natural disaster. She'll discuss risk analysis and risk management techniques and explain the importance and process of creating a business continuity plan. Using a fictional company as an example, Debbie will walk you through the disaster planning process a security professional should use, and she will provide simple tricks to reduce your company's downtime before, during, and after a disaster.
This week’s post highlights some of the features and implementation specifics regarding the Datagram Transport Layer Service (DTLS) protocol used in Virtual Private Networks with the Cisco AnyConnect® SSL client. I’ll provide some background as well as some screenshots and supported CLI commands.
In the fourth of his five-part series, Eric Strause explores the hardware and application benefits inherent in a cloud-based architecture.
According to the OSI layer concept, routing, or best path selection, takes place on Layer 3 and is based on the logical address. In this post, we want to discuss some of the points in that statement.
According to the OSI layer concept, routing, or best path selection, takes place on Layer 3 and is based on the logical address. In this post, we want to discuss some of the points in that statement.
Global Knowledge Course Director and Lab Topology Architect Joey DeWiele, a specialist in Unified Communications, explains the difference between our Cisco Unified Communications courses - ACUCW1 & ACUCW2.
In this informative, hour-long webinar, Global Knowledge instructor Debbie Dahlin will explore an abundance of important cloud computing security issues. She will help you gain insight into the key cloud security issues of maintaining the confidentiality, integrity, and availability of corporate information and applications.
An attacker needs to destroy evidence of his presence and activities for several reasons like being able to maintain access and evade detection (and the resulting punishment). Erasing evidence of a compromise is a requirement for any attacker who wants to remain obscure and evade trace back. This usually starts with erasing the contaminated logins and any possible error messages that may have been generated from the attack process.
Relational databases are important not only because of the information they store but, more importantly, for the data we retrieve from them. The select statement allows us to ask the database a question. It’s the way we retrieve information from the database system.
In this hour-long webinar, Global Knowledge instructor John Barnes will guide you through implementing Cisco private VLANs. He will review VLANs and 802.1q, and he will discuss private VLAN fundamentals and operation, covering primary VLANs and secondary VLANs. He will cover VLAN mapping and discuss using private VLANs between multiple switches. He will also provide a use case example.
The Global Site Selector (GSS) leverages the Domain Name System (DNS) to provide clients with reliable and efficient content services. Domain to IP address mapping is performed with consideration for availability, location, and load of content servers. Using the GSS in combination with Cisco’s Content Services Switch (CSS), Cisco’s Catalyst 6000 Content Switching Module (CSM), or Cisco’s Application Control Engine (ACE) allows users to create Global Server Load Balancing (GSLB) networks.
Although the GSS can be configured to be authoritative for an entire domain, e.g. cisco.com (option 1), the GSS is designed to be integrated into an existing traditional BIND-based or any DNS system. The GSS operates as an A-record DNS server for Hosted Domains (HD) for which it has been delegated authority from a higher-level name server, which generally would be a name server (NS) controlled by an Enterprise or ISP. In addition to A-record support, the GSS is able to proxy for other query types using NS Forwarding and a back-end name server such as BIND.
In this hour-long webinar, security expert and Global Knowledge instructor Phillip D. Shade will provide insight into the emerging network security science of network forensics analysis, a.k.a. security event analysis and reconstruction. Using case studies, you will examine the role of data retention in network forensics analysis, and you will learn about applying forensics analysis techniques to handle application-based attacks, VoIP call interception, and worms, bots, and viruses.
In this post I’ll focus on a topic that’s mentioned in the Cisco FIREWALL training class but isn’t emphasized there or in the online Cisco ASA documentation. When configuring failover on a pair of ASA security appliances, a situation can arise in which network disruption occurs due to the secondary ASA in a failover pair becoming active first and then the primary comes online second. Both the documentation and the courseware point out that this causes the secondary (and active ASA) to swap its interface MAC addresses with those of the primary. Being naturally skeptical about this behavior, I decided to investigate. The rest of this post illustrates my confirmation of this phenomenon.
The official Cisco CCNP Security FIREWALL training course (as well as other documentation) recommends enabling the inspection of the Internet Control Message Protocol (ICMP), even though it’s disabled by default. The image below displays the recommended practice as configured in ASDM, but the curious student might wonder what the unchecked “ICMP Error” box is. That’s what I’ll focus on in this post.
This report discusses the growing significance of human capital and intellectual property on the performance, sustainability, and valuation of companies. It examines the business drivers for investing in the acquisition, development, and certification of knowledge workers as well as current technology and economic trends that are accentuating the critical need to invest in the education and training of employees and customers.
As long as I've been involved in service management, one of the perennial debates that's really never been resolved focuses around how many discrete processes ITIL describes. No such single list exists in the ITIL core books. However, section 4.1 of each of the ITIL 2011 core books shows the processes described within that specific book. When we deliver accredited ITIL training, if it is describe in section 4.1 of any of the ITIL core books, then it is considered a "process".
As many of you work on integrating Avaya Aura System and Session Manager into your networks, the case for troubleshooting will indeed occur. There are built in tests in the System Manager that allow you to run tests on 14 different areas, including Session Manager. But what do you do with the results when you get them? I am going to outline six of the most common problems and solutions when installing and implementing System and Session Manager and what steps you can take to troubleshoot and correct the problem.
For us wireless folks that aren’t stellar routing and switching guys, one of the most daunting network tasks is integrating our WLAN infrastructure with the existing wired infrastructure and its services. Understanding wired design topics is pretty fundamental to installing or managing any network, so it really should be on our priority list to spruce up those skills. To give you a nudge on your journey, let’s talk about DHCP for wireless clients.
Your business has been hacked, leaving you with a persistent bot; now what? In this hour-long webinar, security expert David Willson will discuss ways you can eliminate the threat in an act of self-defense or defense of property. As new laws are explored, old ones amended, and solutions sought, you'll take a look at thinking outside the box to give the good guys the advantage-or at least a fighting chance.