As promised in the last post, I added a list of free or low-cost training and labbing options for folks.
I've been thinking about writing this post all week and decided to wait until I processed my thoughts a little more before I wrote it out. There's a lot of fear, uncertainty and doubt that's been going on in the field for years and here are some of repetitive questions I tend to hear on Linkedin, Techexams and other social media:
- Is it worth going into networking/getting a CCIE/etc if SDN is going to take over?
- There's so many engineers out there, why do companies choose to hire H1Bs?
- Do I have to worry about my job getting outsourced to another country?
- Do I have to worry about H1Bs taking my job?
In this blog post, I'm going to go ahead and add a NAT configuration cheatsheet. This isn't intended to be an explanation of NAT but instead to just highlight the configuration differences between the different types of NAT.
It was about a year ago that I posted this post where I went through the CCIE Security materials I intended to study with. In that time, the CCIE Security v5 blueprint was released and I thought I would update the list to reflect the current blueprint and the study materials I am using.
In this video, I set up the WSA from scratch and then integrate the WSA via pxGrid.
In this video, I'll be integrating Firepower and ISE and configuring quarantine and unquarantine rules
This is a quick video just discussing the benefits of why integrating ISE and Prime Infrastructure together from an operational point of view could be a good idea.
In this video, we will dig into posturing and also some of the newer features of ISE 2.2 in regards to application visibility on the endpoints.
In this video, I'll configure TACACS+ for my router and switches and play around with RBAC and commands a bit more.
In this video, I'll configure TACACS+ on the ASA and ISE 2.2
So easy that even Narbik's grandma can do it
In this video, I'll go over AMP for Endpoints at a high level and then demonstrate it's integration with ISE.
In this video, I go through the BYOD configuration using the ISE CA to issue certificates.
In this video, I'll manually configure hotspot access and self-registered guest access without the ISE 2.2 wireless wizard
In this video, I explain the enhancements to PassiveID as of ISE 2.2, deploy the AD Agent and configure authorization policies with it.
In this video, we're going to go ahead and create a sponsored guest wireless SSID using the new wireless setup wizard that's in ISE 2.2. It's pretty simple to do the same thing with BYOD and wireless dot1x.
In this video, I'm going through the WLC installation and setup.
In this video, I'll be configuring wired 802.1x and showcasing RBAC access with it.
This is a continuation from the last video about profiling. I just wanted to talk about the Active Directory probe and some of the stuff you can see and do with it. To enable the Active Directory probe, navigate to Administration>Deployment and click on the PSN you would like to turn on the probe on. You must have the DNS probe enabled as well. Under the Profiling tab, check the box next to DNS and Active Directory to enable both probes.
In this video, I'll be creating some custom profiles and creating profiling policies. You'll watch me walk through using the NMAP feature in ISE, create custom profiles, create authorization profiles, logical profiles and tie it all together in the policy set.