Cisco Blog: September 2008 Archives

« August 2008 | Main | October 2008 »

September 26, 2008

Cisco Updates CCSP

It's official - the CCSP is updated. I'm really digging the "core exams + electives" option. Allows you to become a CCSP who specializes in some security technology (ASA, MARS, NAC) without requiring you to know everything to get a CCSP certification. Wish they'd do the same for the CCVP program...I'm sure they will...

Posted by JC at 12:15 PM | Comments (2) | TrackBack

September 25, 2008

Fast Cisco Searches with Firefox and IE!!!

Wow! Just stumbled on this one today. Cisco now allows "quick searches" from Firefox (yey!) and IE 7 (sigh...).

You can use this feature to search the following:

* BugID Lookup Tool
* Command Lookup Tool
* Error Message Decoder Tool
* TAC Service Request Query
* Search Cisco
* Search Cisco Brazil
* Search Cisco Japan
* Search Cisco Latin America
* Search Cisco Russia

(My favorites are bolded) This allows you to do a quick search of any of these tools/websites without navigating to them! Sweeeet! Just navigate to the following link to add them in:

http://www.cisco.com/web/tsweb/searchplugins/plugin_homepage.html#

Posted by JC at 2:55 PM | Comments (1) | TrackBack

September 24, 2008

Implementing QoS on PIX/ASA

While doing some web searches, I ran across this post from Anthony Sequeira, an old friend of mine from the KnowledgeNet days. Excellent description and examples of implementing Priority Queuing on an ASA - plenty of other ASA QoS links to follow here too.

Posted by JC at 8:06 AM | Comments (0) | TrackBack

September 18, 2008

Ah...Witty Use of Show IP Interface Brief...

Ivan Pepelnjak of Cisco IOS Hints and Tricks blog came up with even a more concise use of show ip interface brief:

To display IP addresses assigned to router's interfaces (excluding interfaces with no IP address) use show ip interface brief | exclude unassigned command.

Here is a sample printout:

C1#show ip int brief | excl unassigned  
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            172.16.0.1      YES NVRAM  up                    up      
Serial1/0                  10.0.7.17       YES NVRAM  up                    up      
Loopback0                  10.0.1.1        YES NVRAM  up                    up      
Tunnel0                    192.168.0.1     YES manual up                    up

You could define an alias to create a new IOS command generating this printout, for example, alias exec ipconfig show ip interface brief | exclude unassigned.

Very nice...

Posted by JC at 9:42 AM | Comments (4) | TrackBack

September 17, 2008

Book Review: Voice over IP Security

I've always been interested about VoIP security...it seems many networks running VoIP are now considering their security options (years after initial deployment). When I first looked through this book, I was unimpressed. It seems like the book spends A LOT of time talking through foundations of H.323, MGCP, SIP, encryption, authentication, etc... (just general security topics and voice concepts). However, Chapter 6 (Pages 128-173) makes the book worth the purchase. It walks through in "attack-counterattack" form ways that people can destroy your voice network and ways to mitigate these attacks. I really enjoyed the fact that the author shows you how to pull off the attack yourself in many of the sections so you can test to see if you've properly secured the network.

So...for the most part, the book could have been 50 pages long and I would have been happy with it. I guess that's about as much as I read from most books anyhow.

Posted by JC at 4:35 PM | Comments (0) | TrackBack

September 11, 2008

Cisco Emulation Abounds...Now...ASA!

Geez - where was all this stuff when I was studying for my CCIE. It looks like there's now a way to get a true, emulated ASA system running using the PIX emulator.

Here's the URL with all the info (it's a little process): http://www.bitbucketblog.com/?p=115

It'll be nice when everything gets integrated into GNS3...we're just missing the true (non-router integrated) layer 3 switch emulation. I'm sure someone's already working on it.

Posted by JC at 9:09 AM | Comments (2) | TrackBack

September 9, 2008

Cisco Background?

I've never been hip on desktop wallpapers for my PCs...I usually just go with a straight "black" solid color background. This morning, I suddenly had the thought, "it sure would be cool to have a Cisco logo (the new one, of course) right in the middle of my desktop." Some quick Google searches didn't turn up anything...anyone know where to get a sweet Cisco wallpaper?

FOLLOW-UP #1: Here's a decent one with the old logo. I'd really like to keep my black background though...Fluorescent green fries my eyes.

FOLLOW-UP #2: Here's a wallpaper with the new logo on a white background (thanks Brandon!).

FOLLOW-UP #3: Here's a wallpaper with the new logo on a black background (thanks Daniel!).

Posted by JC at 9:11 AM | Comments (5) | TrackBack

September 5, 2008

Jeremy and VMWare ESX Server...Love at First Sight!

We take a break from our regularly scheduled Cisco programming to bring you this 'killer free-product' alert. I've now added VMWare ESX server (free) to my list of "programs that will change your life." I believe we actually have Microsoft to thank for making this product free since they're now trying to compete with VMWare by including Hypervising with MS Server 2008.

If you haven't seen it, VMWare ESX allows you to do essentially the same thing VMWare Server does, but without running on a client operating system (well, technically there's a 32MB VMWare operating system it runs now). I know, it doesn't sound that cool, but I can't begin to describe the performance increase for all my virutal machines. About 3 weeks ago, I converted my Dell Poweredge 2900 server to this product...Suddenly, I got a raise, my dog stopped barking, my neighbor brought me chocolate chip cookies, and I found an extra 5 bucks I had forgotten in my shorts pocket months ago (I love it when that happens).

Seriosuly...VMWare ESX server cannot be explained; you must experience it for yourself.

Posted by JC at 7:52 PM | Comments (7) | TrackBack

September 4, 2008

IOS 12.4(6) Turns Your Router Into an ASA

Okay...maybe it doesn't do EVERYTHING the ASA does...but it's definitely a step forward in the Firewall Feature Set of the IOS. Routers running this version of code now support zone-based policies, which really helps with multi-interface restrictions (rather than just one outside & one inside interface with individual access list applications). Likewise, it now supports application inspection to catch those scandalous peer-to-peer programs.

Check out the whole scoop here.

Much thanks to Joshua Walton for sending me an email on this and slightly brightening the most dismal CiscoWorks installation day I've ever had. Oh look - CD #12 is done...on to 13.

Posted by JC at 3:11 PM | Comments (4) | TrackBack

CiscoWorks LMS...Shoot me now.

I am currently sitting in a sub-zero IT room on my 6th hour and 12th CD of a CiscoWorks Lan Management Solution (LMS) 2.6 installation/upgrade. This is the most pathetic, waste-of-time product I've ever worked with...and I haven't even finished the installation.

I will never agree to do a CiscoWorks LMS installation again.

Ever.

At least my fingers are numb so I can chew on them from boredom without feeling anything.

Posted by JC at 3:04 PM | Comments (9) | TrackBack

Cisco Blog

The world of all things Cisco