InfraWorld
The Cisco Champions for 2018 are announced and I am proud an very honoured to be selected as 
a Cisco Champion for the 5th year in a row!
For more information about the Cisco Champion program, click here.
As another bonus this year, my colleague Rob Heygele is selected as Cisco Champion for the 4th year in a row! Congrats to him and offcourse to all other fellow Champions of 2018! See you soon at Cisco Live Barcelona and/or online!
The Cisco Champions for 2016 are announced and I am proud an very honoured to be selected as a Cisco Champion for the 4th year in a row!
For more information about the Cisco Champion program, click here.
As another bonus this year, my colleague Rob Heygele is selected as Cisco Champion for the 3th year in a row! Congrats to him and offcourse to all other fellow Champions of 2017! See you soon!
At Cisco Live Europe 2016, I’ve heard a few interesting things about Cisco ACI. Down here, a few notes about the things I’ve heard (Non-nda):
The Cisco Champions for 2016 are announced today and I am proud an very honoured to be selected as a Cisco Champion for the 3th year in a row!
For more information about the Cisco Champion program, click here.
As another bonus this year, my colleague Rob Heygele is selected as Cisco Champion for the 2nd year in a row! Congrats to him and offcourse to all other fellow Champions of 2016! See you soon!
Imagine, you can SSH to a host / server and use this SSH server as a proxy to access any local webserver (or anything else) on the local network of the SSH server… This is easily possible with PuTTY (awesome SSH client!).
As a demo, lets say we have the following topology:
We would like to manage the local firewall (192.168.1.254) from a pc on the internet. We assume that we can SSH into the SSH server.
Read more
I’ve had another opportunity to write a blog post for Cisco’s blog site: blogs.cisco.com. My second Cisco blog post is about my perspective and view about SDN, Software Defined Networking.
We’ve all heard about SDN but no one does have a real understanding about it. You can read my view on todays SDN in this blog post.
The link: SDN – A Cisco Champion’s perspective
In this and other posts we’ll discuss the Cisco Web Security Appliance. This is the blog agenda:
Part 1: Introduction
Part 2: Installing
Part 3: Deploying Proxy Services
Part 4: Policies
Part 5: Acceptable use & HTTPS Inspection
Part 6: Authentication
Part 7: Defending malware
This is the 6th part of the series.
A proxy is no real proxy without user authentication. That’s what I’m going to discuss in this post. Authentication is needed for logging and user tracking.
Authentication options:
In explicit forwarding mode you can use straightforward proxy authentication. In transparant mode you have to fool the WSA.
In case all authentication services are unavailable, you can choose to permit or block all traffic. You can find this setting in Network > Authentication, click Edit Global Settings.
Read more
Today is a big day in Cisco social networks: the Cisco Champions for 2015 are selected and I’m proud, honored and excited to announce that I’m elected as a Cisco Champion 2015 for datacenter 2015.
As you might now, I was a Cisco Champion too in 2014, that was the first year the program existed. The second year started today!
For more information about the Cisco Champion program, click here.
As another bonus this year, my colleague Rob Heygele is selected as Cisco Champion in Enterprise networks! Congrats to him and offcourse to all other fellow Champions of 2015!
In this and other posts we’ll discuss the Cisco Web Security Appliance. This is the blog agenda:
Part 1: Introduction
Part 2: Installing
Part 3: Deploying Proxy Services
Part 4: Policies
Part 5: Acceptable use & HTTPS Inspection
Part 6: Authentication
Part 7: Defending malware
This is the 2nd post in the series.
Installation of the (virtual) WSA is straight forward. I’ll cover the most important and critical steps in a basic installation.
Hardware appliance
A hardware appliances has 5 interfaces, connect the required interface to your network:
Virtual appliance
The virtual appliance is downloadable as a OVF file. Import the OVF file into you VMWare servers with the specifications as described in the previous blog post.
Configuration
Your first basic installation starts with connecting to the M1 port and browse to: http://192.168.42.42:8080 and login with these default credentials:
You can also connect with SSH with the same login credentials. Start the interface config with the interfaceonfig command:
Run Setgateway
Select the M1 interface and enter the IP of the default gateway.
Don’t forget to commit the changes with the commit command. This is only needed for CLI configuration.
And the WSA appliance is up and running!
Read more
We configured a OTV DCI in my previous post and it was working as expected and by design. But during testing of all the VLANs I discovered a problem with HSRP over OTV, but only for 1 specific VLAN. The test results:
I still have no idea why this problem only exists for VLAN 10, all other VLANs work as expected but I’ve found a good workaround for this in the configuration guide:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/wan/command/wan-cr-book/wan-m1.html#wp3953249580
Read more