Go to the top

Author: Ziaul

SFR Install
Thursday / Nov 29, 2018 /

Re-image Cisco ASA Firepower module SFR

Ziaul / ASA, Firepower, Network Security /

Re-image Cisco ASA Firepower module SFR Re-imaging the SFR module on ASA would set everything to factory default. Normally, its done when something has gone horribly wrong or the module is not behaving correctly i.e FMC cannot contact the module after ticking all the boxes. All upgrades to SFR should be performed using FMC or other […]

Continue reading
Firepower-FMC
Wednesday / Nov 28, 2018 /

Configuring Cisco NGIPS – ASA with Firepower and FMC

Ziaul / ASA, Firepower, Network Security /

Cisco Firepower Management Center (FMC):    Cisco Firepower Management Center (formerly FireSIGHT Management Center) is the administrative nerve center for Cisco security products running on a number of different platforms. It provides complete and unified management of firewalls, application control, intrusion prevention, URL filtering, and advanced malware protection. The Management Center is the centralised point for […]

Continue reading
Firewall-Security
Monday / Nov 19, 2018 /

Harden Cisco ASA Firewall – Best Practice

Ziaul / ASA, Network Security /

Cisco ASA is a security device that combines firewall, intrusion prevention, virtual private network (VPN) capabilities, and other security features. It provides proactive threat defense that stops attacks before they spread through the network. It is used as a security solution for both small and large networks. Below are the config snippets that can be […]

Continue reading
AnyConnect
Thursday / Aug 02, 2018 /

Importing SSL Key and Certificate on ASA for Anyconnect – CLI

Ziaul / Network Security, VPN /

Below are the steps to successfully import and use third party SSL certificate on ASA for Clientless SSLVPN and the AnyConnect client connections. Its fairly simple when the key is generated and CSR requested from ASA and then 3rd party certificate is imported. The steps below would focus the situation where the certificate already exists […]

Continue reading
palo-alto-hardware-architecture
Tuesday / Jun 12, 2018 /

Palo Alto Firewall Deployment Modes

Ziaul / Network Security, PaloAlto /

Palo Alto firewall can operate in multiple deployments at once as the deployments occur at the interface level. Below is a list of the configuration options available for  interfaces: Virtual Wire Deployments Layer 2 Deployments Layer 3 Deployments Tap Mode Deployments Virtual Wire Deployment With virtual wire mode, a firewall is deployed transparently in a network […]

Continue reading
SNMPv3
Tuesday / May 29, 2018 /

Config snippet – SNMPv3 IOS, ASA

Ziaul / Cisco /

SNMPv3 IOS ! All OID read only ! ip access-list standard MONITORING_SVRS permit x.x.x.x x.x.x.x permit x.x.x.x x.x.x.x deny any log exit ! snmp-server group MONITORING-READ v3 priv ! snmp-server user xxxx MONITORING-READ v3 auth sha ABCDABCD priv aes 128 WXYZWXYZ access MONITORING_SVRS ! end ! Restricted OID read only ! ip access-list standard MONITORING_SVRS […]

Continue reading