Author Archives: sr71rocks

CiscoLive 2023 – Day Three

Had some good classes today!! I enjoyed the class that covered an overview of the CAT 9000 series of switches! Although the class was focused on the access layer, there was some info on the entire line. It’s nice to see that their various lines of switches (2900, 3600, 4500, and 6500) have all been consolidated into a single series of switches with a common architecture and operating system. With the 9000 series, it can take you from the access layer, through the distribution layer, and into the core. Thanks Cisco!!

I then took an intro class into BGP…it’s been a long time since I worked with BGP (it was still a 2-byte AS field). The two instructors, Gustavo Sibaja and Peter Paluch, did a very good job tackling a complex subject…and they made it fun!!

I also stopped by a variety of Cisco booths, checking in on the status of Cisco SIG, future plans for branch site security controls, etc. I can tell you this…Cisco is betting big with Secure Access! Umbrella SIG will ultimately be rolled into this service, and if Cisco can deliver on their promises, this could be a game changer for many organizations. Hopefully, it won’t have the growing pains that SIG had.

While walking around the World of Solutions, I noticed the Social Media Hub…

Other than taking this picture, you will never find me sitting in one of these! I am not a big believer in social media…in fact, I like to call it Anti-Social Media. There is a lot of potential good with social media…however, the results thus far have been largely negative, and even damaging. One can always hope…

Y’all have a great day!!

wri mem

CiscoLive 2023 – Day Two

The main keynote address was this morning…it started out with a group of dancers doing their thing. It didn’t do much for me…but most of the attendees liked it. Afterwards, there were several talks by some of Cisco’s divisional VP’s…they were ok, but most of them were glued to their teleprompters…can’t flub in front of a world-wide audience! However, Chuck Robbins (CEO) did a good job…you can tell he practiced his material, and rarely looked at the prompter. He also had some good information and news, and did a really good job of addressing his audience…thanking us for the job we do on a daily basis. He should be pleased with his presentation.

As for the rest of the day, I had some interesting classes…took a couple of walk-in labs…it was a good day!

write mem

CiscoLive 2023 – Day One

Started the day off by drinking the Cisco Kool-aid…don’t you know that Cisco SD-WAN solves all problems!! Actually, they do have a very complete and mature solution…but it is equally complex and costly. If you have a lot of on-prem and Cloud based systems, and they all need to communicate with each other in a variety of manners, the Cisco SD-WAN solution will make it all work. Seriously…they cover all the bases, and then some. For smaller enterprise networks though, it’s probably overkill. Do yourself a favor and research SD-WAN…let your application requirements drive the network design. And remember…keep it simple!

I also attended a class on the Cisco CCNP…just to see what’s changed…which is not much over the last 4 or so years. However, the CCNP test is changing a bit this September…not too much they said, maybe about 20% of the test is getting updated. Not sure what parts though.

My wife and I then took a taxi down the strip, had dinner, watched the fountain show at the Bellagio, then walked all the way back to the Mandalay Bay hotel. It was an enjoyable evening!!

write mem

CiscoLive 2023 – It’s Been a While…

It’s been a while since I last updated this blog…life gets in the way sometimes. However, now is the time! And what better reason than CiscoLive 2023 in Las Vegas!!

YES!!

My wife and I flew in yesterday afternoon (Saturday), and we are staying at Mandalay Bay Resort. CiscoLive is also located here, so no worries about transportation to/from the conference…this is VERY nice! I also purchased the Explorer pass for my wife…she is a bit of a geek herself, and she enjoys attending the main Keynotes, World of Solutions Expo, and the Cisco Live Celebration!! And her pass includes lunches, so we can meet up for that too!

This most likely will be my last CiscoLive! I’m retiring soon, and my manager at work was happy to coordinate this “last hurrah”, and send me to CiscoLive. (The company I work for is awesome!) I’m looking forward to gaining more knowledge about SD-WAN and related technologies. The network I manage is DMVPN based, and it’s been rock-solid for years. And since we have no Cloud presence (as yet), there has been no need for SD-WAN. However, that may be changing in the next year or two…so SD-WAN may be an important option soon. Cisco has a solid SD-WAN solution, but so does Palo Alto, VMware and Fortinet. And to be honest, although I have been drinking the Cisco Kool-Aid for many years, I am very open to other vendors. Dealing with Cisco these last 5 or so years has been a bit painful…(more about that another day).

I’ll try to provide updates over the next several days…fingers crossed.

write mem

Cisco Releases NX-OS Security Alert Bundle

Cisco NX-OS Security Alert Headline

On March 6, 2019, Cisco released a bundle of Security Alerts aimed at their Cisco Nexus/NX-OS line of switches. And by bundle, I mean 25 separate alerts! If you have any of the affected devices in your network, you better get some coffee brewing…(for me, that means lots of Dr. Pepper!!). The Security Alert bundle can be found here, and Cisco’s main webpage for Security Alerts can be found here.

Enjoy!

For Your Prompt Attention — NOT!!

I get these emails somewhat regularly, as I’m sure you do too. I usually just laugh…how stupid do you have to be to fall for this stuff??? However…I then realize there must be enough people that do fall for it, otherwise these criminals would not be sending the emails out. Ugh!!

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

For Your Prompt Attention:

I am Peter Douglas, United Nations Inspection Agent in Hartsfield Jackson Atlanta International Airport Atlanta GA. We are conducting second phase audition, all abandoned Consignment in USA Airports are being transferred to our facilities here for inspection and confiscation. During our investigation, I discovered an abandoned luggage on your name which was transferred to our facility here in Hartsfield Jackson Atlanta International Airport and when scanned it, it revealed an undisclosed sum of money in a Metal Trunk Box. The consignment was abandoned because the Content was not properly declared by the consignee as money, rather it was declared as personal effect to avoid diversion by the Diplomatic Agent also the Diplomat inability to pay for Non Inspection Fees.

On my assumption, the box will contain more that $6M and the consignment is left in storage house till today through a Courier Dispatch Service. The Consignment is a metal box with weight of about 162LBS (Internal dimension:

W61 x H156 x D73 (cm) Effective capacity: 680 L)Approximately.

The details of the consignment includes your name, the official document from United Nations office in London all are tagged on the Metal Trunk box.

< etc, etc >

Verizon Data Breach Investigations Report 2018

Verizon 2018 DBIR

Last week, Verizon released its annual Data Breach Investigations Report for 2018. It’s another very good read…lots of insights in the world of hacking and nation-state activities. It is well written with some good humor thrown in too.

And it is very scary.

Sometimes I just want to unplug my network from the Internet…I know that I would sleep better, that is for sure. But…business depends on the Internet…so that is not an option. I just need to research and implement security as best as I can. And be prepared as best as I can for the inevitable security event…it will happen. It might be this year or next…or it might be happening right now.

You can download a copy of the report here: Verizon 2018 DBIR

Note…you will be asked to register, but it is optional…just click the “View only” button.

US-CERT Ransomware Reminder

If you have subscribed to the US-CERT alerts (and I sure hope you have!!), then you will have received today’s alert on “Ongoing Threat of Ransomware”. PLEASE read it!! Ransomware is getting worse…and it’s not going away anytime soon. This alert is more of a friendly reminder…a tap on your shoulder…to double check your policies and procedures, and make sure you are ready for a Ransomware event. I’m being very honest here…if you haven’t been hit yet, you will.

The alert mentions three main best practices…(with some of my thoughts)…

  • Create system back-ups: This is a no brainer! (I’ll assume you are backing up all of your critical systems and important data.) However, there is more to do…you need to regularly validate the integrity of those backups. Perform test restores and make sure you are comfortable with the processes. And make sure the back-ups are segmented from possible Ransomware attacks. Back-ups are worthless if they end up part of the Ransomware encrypted files.
  • Be wary of opening emails and attachments from unknown or unverified senders: Translated…TRAIN your users!! They are the first line of defense!! And you may groan at that thought, but I will tell you they WANT to be well trained! Just keep it simple and show them examples of what to expect (especially with phishing emails!). Send out regular reminders and make sure to publicly praise them as they catch this stuff…they will love it!!
  • Ensure that systems are updated with the latest patches: Ladies and gentlemen…this is Network Administration 101. If you do not have a regular patch procedure in place, then shame on you!! Failing in this area can get you fired! Nuff said…

And I want to add one more “best practice”…  Segment your network: This is a huge undertaking…one that is a pain in the butt to be honest. But it can pay huge dividends if done right. Most of you will have a Ransomware event at some point (or other security event)…it’s going to happen. However, if you segment your network, you can greatly reduce the impact of an attack or hack.

Segmenting simply means to put in place policies that restrict what type of network traffic can flow where. A simple example is printers…every company has them (lots of them!). Yet most companies place them on the same network segments as the users…not good. You should place all of your printers in their own VLAN, and then apply a policy, such as an ACL (Access Control List) that allows the printers to talk just to the print-servers, and nowhere else. Another example is SQL servers…they should not be accessible to everyone. Apply an ACL that limits communications to only the application servers that need that data (IP addresses and ports).

If you decide to implement network segmentation, take your time! This is a complex undertaking…and if done incorrectly can break things very quickly!
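As an added illustration (not configuration from the original post), here is what the two examples above look like as Cisco IOS extended ACLs applied on the VLAN interfaces; every VLAN number, subnet and host address below is assumed, and tcp/1433 is the standard MS-SQL port.

```cisco
! Added example, not from the original post. Assumed addressing:
!   10.0.10.0/24 printers (VLAN 10)      10.0.20.10-.11 print servers
!   10.0.40.0/24 SQL servers (VLAN 40)   10.0.30.0/24   application servers
! On an SVI, "in" filters traffic coming from the VLAN's hosts,
! "out" filters traffic heading toward them.
!
! Printer VLAN: printers may talk to the print servers and nowhere else.
ip access-list extended PRINTERS-TO-SERVERS
 remark replies and status traffic back to the print servers only
 permit ip 10.0.10.0 0.0.0.255 host 10.0.20.10
 permit ip 10.0.10.0 0.0.0.255 host 10.0.20.11
 remark log the rest so a misplaced or chatty printer shows up in syslog
 deny   ip any any log
!
ip access-list extended SERVERS-TO-PRINTERS
 remark only the print servers may reach the printers (user VLANs cannot)
 permit ip host 10.0.20.10 10.0.10.0 0.0.0.255
 permit ip host 10.0.20.11 10.0.10.0 0.0.0.255
 deny   ip any any log
!
interface Vlan10
 description PRINTERS
 ip address 10.0.10.1 255.255.255.0
 ip access-group PRINTERS-TO-SERVERS in
 ip access-group SERVERS-TO-PRINTERS out
!
! SQL VLAN: only the application servers may open the database port.
ip access-list extended TO-SQL-SERVERS
 remark MS-SQL (tcp/1433) from the application server subnet only
 permit tcp 10.0.30.0 0.0.0.255 10.0.40.0 0.0.0.255 eq 1433
 remark admin jump host (assumed 10.0.20.50) may manage the servers over SSH
 permit tcp host 10.0.20.50 10.0.40.0 0.0.0.255 eq 22
 deny   ip any any log
!
interface Vlan40
 description SQL-SERVERS
 ip address 10.0.40.1 255.255.255.0
 ip access-group TO-SQL-SERVERS out
```

The trailing `deny ip any any log` lines are what make the "broke something" moments the post warns about visible in syslog before users call; if inter-VLAN routing happens on a firewall instead of the switch, the same policy belongs there.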

Hope this helps you in your security planning! And have a great week!

A Very Busy 2017 and Resulting Priorities

Wow…it has been a long time since I last posted…and it has been a year, let me tell you. In fact, 2017 was the busiest year I have ever had…just way too much happening, both at work and at home. And something had to give…so I cut back on my French horn playing (that hurt), and I stopped blogging (which I did miss, but not as much as my horn). And yes, things have slowed down a bit, at least so far, in 2018. I’m rejoining the local orchestra and here is a blog. Sorry for the long absence…but sometimes you have to rearrange priorities and make some hard decisions.

So…what made 2017 so busy? Mainly work…I had two huge projects that I was managing…one was the opening of a new district office (lots of people, cabling, network equipment, and dealing with carriers). The other was the disconnect of all remaining MPLS circuits, and moving to new DIA (Direct Internet Access) circuits. (I’ll talk more about this in a later blog.) And add to all of this the normal, everyday fires that take up lots of time and energy. Ugh!

Both of the projects are now done…the new office is opened and running very smoothly. In fact, it’s not often that users will compliment me on how fast the network is, but they did here. And all of my old, legacy MPLS circuits are gone…now THAT was a huge project. I’m running mainly static VTI tunnels for now, but I’m in the middle of converting my entire WAN to DMVPN running IKEv2, with a dual-hub, dual-cloud setup. This REALLY has my geek juices flowing!! I’ve been pushing for some sort of network redundancy for years, and I finally got the green light! I’ll let you know how all of this works out later this year.

The other project that kept me busy was the first floor remodel at my house. My wife and I did almost all of the work (painting, refinishing cabinets, and new floors)…the only thing we hired out was the new granite countertops. It looks great, and we got it all done just 2 weeks before Christmas, when most of our kids were able to make it home for a visit!! It was a GREAT Christmas having family home!!

I hope things are going well with you…and you’ll be seeing more blogs now…(fingers crossed).

CiscoLive 2017 Las Vegas Day 1 – Opening Keynote & More

It was a great opening day of CiscoLive 2017 in Las Vegas! First session of the day had to do with using Cisco Umbrella (OpenDNS) to track down cyber activity within your network…

An excellent introduction to Cisco Umbrella

Next up was the opening keynote by Cisco CEO Chuck Robbins…

Opening keynote by Cisco CEO Chuck Robbins

His keynote was actually interesting and well done, with little of the humorous hi-jinks of years past…it was professional. His main point concerned how things are changing in the network industry, and in big ways. I may not be involved with all of the new networking technologies that are on the horizon, but one thing was very apparent…I need to adapt to the new world. If I stick to the traditional routing and switching of years past, I might find myself on the outside looking in. And that is not a good thing!! An indication of this is the evolution of Cisco certifications…

Next generation of Cisco certifications

Keep your skill set up to date…or be left behind.

Next up, Chuck had a special guest come up to the platform to discuss the partnership between Cisco and Apple. Yep…the guest was Apple CEO Tim Cook…

Guest CEO Tim Cook from Apple

As for the afternoon, I spent most of it in the vendor expo “World of Solutions”…there was LOTS to see and do, AND learn!! I spent most of my time learning about SD-WAN technologies, updated security solutions, and logging/SIEM solutions. Plus, my wife attended with me!! Yes, I’m a lucky man…my wife is part geek too, and she loves attending CiscoLive with me. I purchased a “Social” pass for my wife which allows her to attend each day’s keynote address, World of Solutions, and the Cisco Customer Appreciation Event on Wednesday evening. She had a wonderful time today, as did I.

At the end of the day, we took the monorail down the Las Vegas strip and watched the Bellagio Fountains light show…make sure you don’t pass this up, it was well worth the time!!

Bellagio Fountains at nighttime

Time to get some rest…it’s going to be another long day tomorrow…