In this blog post I'm going to go through the setup of a virtual Web Security Appliance from scratch and a couple of different options you can take. This is a basic setup for the purposes of labbing later with TrustSec and pxGrid. This is what I set up prior to my pxGrid configuration post.
This blog post is going to be a quick one. I'm going to share the configuration of NetFlow so I can export to my StealthWatch system. In previous posts, I mentioned that I'm using a Cisco Catalyst 3650 and ASA 5506 in my lab so I'll go over what I configured on them.
In a previous blog post, I configured pxGrid integration with StealthWatch and ISE using a CA-Signed certificate. In this blog post, I'm going to go through the configuration using self-signed certificates to enable StealthWatch to mitigate threats on the network using ISE.
If you are using AMP for Endpoints in your lab or implementation, I would highly recommend adding the cloud connection to your Firepower Management Center. The reason you would do this is that it allows you to import threat identifications, indications of compromise (IOC), and other malware-related information that the AMP cloud gathers from the endpoints.
In this post, I'm going to go through the configuration of Firepower v6.0.x for pxGrid integration with ISE using CA-signed certificates. In future posts, I'm planning on going through the configuration for both Firepower 5.4 and 6.0 using both self-signed and CA-signed certificates. The reason I plan on doing that is because they are slightly different and it's important to know this.
In this post, I'm going to do a basic setup of my ASA with Firepower. I'm not going to dig too deep into individual policies since those should be dedicated to their own blog post. Instead, I'm going to go through the basic setup of the ASA and the Firepower Management Center (FMC).
In this blog post, I'll go over the configuration of the ASA for TrustSec. This is for the native ASA code - not Firepower. I'll be going over Firepower separately in later blog posts. I'll be going over the configuration of TrustSec, SXP, and writing SGACLs for the ASA in this post. I'll be mostly utilizing the ASDM to make things a little easier and simpler to follow along with.
I have an ASA 5506 running in my lab and I wanted to establish the basic configuration for it first before I jump into the TrustSec configuration. This post isn't much of a deep dive but more informational in the even someone is building a lab similar to mine.
In this blog post, I'll go through the configuration for TrustSec and SXP for both my Catalyst 3650 switch and wireless controller. I'll walk through the configuration, create the SXP connection, and verify. After that, I'll test out a policy by connecting a client to the switch, watching the tag be applied on ingress and the policy applied.
In this blog post, I'm going to actually configure the Nexus 1000v for TrustSec. I'm going to walk through configuring the SXP connection, downloading the environmental data, and then assigning SGTs to devices.
In this blog post, we're going to go over the configuration of TrustSec in ISE 2.1. This configuration also applies to ISE 2.0 as well for the most part. While TrustSec is not a required configuration for a secure ISE deployment, it definitely has some great advantages. It's a security architecture utilizing security group tags (SGTs) that allows that network to enforce access control policy, reduce ACL complexity, and can be utilized for policy in other security devices which I will go into further in later blog posts when I go over pxGrid on different systems.
In this blog post, I'm going to go through the installation of the Nexus 1000v on my ESXi host. The reason I'm installing the Nexus 1000v in my lab is so that I can tag vNIC traffic with Security Group Tags (SGTs) for later labbing.