I’ve posted about configuring Cisco Identity Services Engine (ISE) for a few use cases; however, I have had requests to explain the steps to set up a basic lab. This post serves as a guide to get a basic ISE lab running to test LAN or mobile devices. My lab uses an Apple Mac mini as an ESXi 5.1 server hosting the ISE virtual machine (explained HERE). See the configuration guides for details on configuring a lab.
Virtual Machine Setup: Download the latest ISE .ISO file from cisco.com. Access the ESXi GUI and select New Machine. The recommended specs for a custom New Machine:
Virtual Machine version 7
Linux 5 32 bit
2 virtual CPU
4 gig of memory
60 gig of space – thin provisioning (I find thick isn’t necessary for a lab)
Controlling who and what accesses your network is a critical element in keeping your resources safe from malicious threats. Network Admission Control (NAC) solutions like the Cisco Identity Services Engine (ISE) can police who and what is permitted network access as well as enforce policy for those devices. Examples would be permitting an administrator with a government-furnished Windows 7 laptop access to VLAN 10, which holds internal servers, while provisioning a marketing professional’s iPad with VLAN 20 access, which is limited to Internet and email through the use of ACLs.
Lancope enables visibility for security and network performance. Security capabilities focus on identifying insider threats such as botnets, malware and data loss using non-signature, network-wide correlation of all traffic. Pretty much anything touching the physical or virtual network leaves a footprint known as NetFlow that is investigated for malicious intent and performance statistics.
Lancope offers a virtual and physical appliance option for the StealthWatch technology, making it easy to build a lab. This post will explain how to build a simple Lancope lab integrated with Cisco ISE 1.2 beta using an Apple Mac mini server hosting vSphere ESXi 5.1 with an ASA 5505 firewall.
Today’s threat landscape is loaded with malicious websites, malware and other risks that attack users every nanosecond of the day. There isn’t a single product available that can guarantee protection from cyber threats. Older solutions leveraging static technologies such as signatures are not good enough. The best approach for dealing with advanced threats is continuously monitoring the entire network through layering security technologies.
Part of my job is being an expert on various technologies. This means having hands-on experience with the latest products as well as the ability to demonstrate how specific solutions work. Many vendors are virtualizing their solutions, making it easier to build a home lab that is portable and light on power usage. My team has researched the best method for a mobile home lab based on price, size, power consumption and noise. After comparing various servers and laptops, we found the Apple Mac mini to be the best choice. It’s small enough to fit in a backpack, low on power consumption, silent and around $1,400 fully loaded.
Press around the DDoS attack Operation Ababil has caught the attention of many of our customers. This sophisticated cyber strike used a combination of three separate rootkits targeting web servers, which produced a very high upstream attack method on multiple companies simultaneously. The scary part about Operation Ababil was that it was designed to bypass standard DDoS defense methods. This clearly demonstrates there isn’t a silver bullet for addressing advanced DDoS attacks. Distributed Denial of Service (DDoS), web application and DNS infrastructure attacks represent some of the most critical threats to enterprises today. Here are some suggestions for a reference architecture to defend against these and other advanced threats.