The practice of implementing Cisco ISE. The view of the engineer

Cisco ISE is a tool for creating an access control system for the corporate network. That is, we control who is connected, where and how. We can determine the client device, how much it corresponds to our security policies, and so on. Cisco ISE is a powerful mechanism that allows you to clearly control who is online and what resources it uses. We decided to talk about our most interesting projects based on Cisco ISE and at the same time to recall a couple of unusual solutions from our practice.
 
 
The practice of implementing Cisco ISE. The view of the engineer  
 

What is Cisco ISE


 
The Cisco Identity Services Engine (ISE) is a solution for controlling access ...[/h]
+ 0 -

Massive attack on Cisco

Today (Friday) in the evening twice received a notification of an attack on Cisco routers. As a result of a successful attack, the configuration is deleted.
 
Massive attack on Cisco
 
 
 
 
I hope this information from the IX newsletter will be useful:
 
We are forced to draw your attention to the fact that the botnet, ? is currently active on the network.  
which infects Cisco devices.
 
 
According to the data available to us, as a result of this virus, the configuration
is completely removed.  
network device and you need to reconfigure via a remote console.
 
 
Operational vulnerability CVE-2018-0171
 
(https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2)
 
 
Note that the virus scans the network for the open port TCP 4786.
 
 
The ...
+ 0 -

Load testing script for checking the compliance of the current communication channel parameters with the claimed

Problems


 
In organizations using leased from the communication operators data transmission channels VPN /Internet to build a corporate branch network, sooner or later there can be a situation where it suddenly becomes clear that the channels to some remote units do not meet the stated requirements for bandwidth, or with a small load of channels there are losses that affect the quality of network services.
 
 
At the same time, the monitoring system regularly monitors the availability of channels, the losses on them, and the delay, but due to the fact that the communication channels are not ...[/h]
+ 0 -

Home wireless network on the Cisco Mobility Express hands

Home wireless network on the Cisco Mobility Express handsteapot. How it all started  As usual, such thoughts come when there is nothing to do. So, being on the sea, I thought: why not do home seamless fast wi-fi As luck would have it, my father-in-law bought Netgear Orbi, which worked surprisingly well.   What I had at that time was  Residential house for two owners with a reinforced concrete wall in the middle; 5 different routers (accumulated) connected through a Cisco gigabit switch, one of which - the Asus RT-N66U - also served as a router.  Honestly, I would not say that everything worked badly: it was strained by the fact that customers ...
+ 0 -

Conference DEFCON 16. "Criminal development of iOS Cisco". Felix Lindner, head of Recurity Labs

The next point of my presentation is devoted to the frequently asked question about the work of Cisco centers. Why Cisco? Because they occupy 92% of the market for the sale of routers costing between $ 1500 and 72% of the switch market. We will also discuss the Juniper software, which, from the point of view of hacking, and from the point of view of protecting their security, is open source software based on FreeBSD. Therefore, for us it is not interesting. If we consider cheap home routers from the same points of view, we will see that they have built in classic Linux.
 
 
Today we will consider ...
+ 0 -

Training FastTrack. "Networking basics." "Understanding of Cisco Architecture Games (overview)". Eddie Martin. December, 2012

About a year ago, I noticed an interesting and fascinating series of lectures by Eddie Martin, which is incredibly intelligible, thanks to his history and examples from real life, as well as his tremendous experience in teaching, allows him to gain an understanding of quite complex technologies.
 
 
Training FastTrack. "Networking basics." "Understanding of Cisco Architecture Games (overview)". Eddie Martin. December, 2012  
 
We continue the cycle of 27 articles based on his lectures:
 
 
01/02: "Understanding the OSI model" Part 1 / Part 2
 
03: "Understanding the Cisco Architecture"
 
04/05: "...
+ 0 -

Training FastTrack. "Networking basics." "The Value of Cisco Security Products." Eddie Martin. December, 2012

About a year ago, I noticed an interesting and fascinating series of lectures by Eddie Martin, which is incredibly intelligible, thanks to his history and examples from real life, as well as his tremendous experience in teaching, allows him to gain an understanding of quite complex technologies.
 
 
Training FastTrack. "Networking basics." "The Value of Cisco Security Products." Eddie Martin. December, 2012  
 
We continue the cycle of 27 articles on the basis of his lectures:
 
 
01/02: "Understanding the OSI model" Part 1 / Part 2
 
03: "Understanding the Cisco Architecture" ...
+ 0 -

Training FastTrack. "Networking basics." "Cisco Security Software Products." Eddie Martin. December, 2012

About a year ago, I noticed an interesting and fascinating series of lectures by Eddie Martin, which is incredibly intelligible, thanks to his history and examples from real life, as well as his tremendous experience in teaching, allows him to gain an understanding of quite complex technologies.
 
 
Training FastTrack. "Networking basics." "Cisco Security Software Products." Eddie Martin. December, 2012  
 
We continue the cycle of 27 articles on the basis of his lectures:
 
 
01/02: "Understanding the OSI model" Part 1 / Part 2
 
03: "Understanding the Cisco Architecture" ...
+ 0 -

Training FastTrack. "Networking basics." "Security basics". Eddie Martin. December, 2012

About a year ago, I noticed an interesting and fascinating series of lectures by Eddie Martin, which is incredibly intelligible, thanks to his history and examples from real life, as well as his tremendous experience in teaching, allows him to gain an understanding of quite complex technologies.
 
 
Training FastTrack. "Networking basics." "Security basics". Eddie Martin. December, 2012  
 
We continue the cycle of 27 articles on the basis of his lectures:
 
 
01/02: "Understanding the OSI model" Part 1 / Part 2
 
03: "Understanding the Cisco Architecture" ...
+ 0 -

Wireless LANs or how Wi-Fi works according to the IEEE ??? standard. Lab work in the Packet Tracer

Introduction
 
 
In this article, in the laboratory work, the technology of wireless LANs according to the IEEE ??? standard is being studied. The IEEE standard was developed by the Institute of Electrical and Electronics Engineers (Institute of Electrical and Electronic Engineers). From here he got his name. This standard defines local Ethernet networks; so the TCP /IP model does not define an Ethernet network in its comment requests, but refers to IEEE Ethernet documents. All work will be performed in the Cisco Packet Tracer.
 
 
Wireless LANs or how Wi-Fi works according to the IEEE ??? standard. Lab work in the Packet Tracer
 
 
T...
+ 0 -