Just a short post about my recent Cisco exam: I was able to pass the 300-115 to renew all my lower CCNA certifications. The last time I took a Cisco exam was almost 3 years ago, when I passed the CCNA Data Center certification. Overall the exam was fair, although you will need multiple study resources to make sure you cover all the exam objectives.
The primary reason for doing this exam first instead of ROUTE or TSHOOT was I felt it was maybe the hardest one? Won’t really know until I take the other two.
The resources I used:
I “officially” started about three months ago, but was really off and on throughout 2018. During the last three months I did about an hour a day (Monday-Friday); on the weekends I would shoot for 4 to 5 hours off and on during the day.
Not really in a rush, so I’m probably going to wait until next winter, maybe ;)… I know it seems weird to drag this out and not just pass all of the exams, but there are some personal/life goals this year I would like to at least start. In the meantime, I hope this information is helpful, and good luck!
So a single ISP isn’t cutting it anymore; you need a backup just in case the primary fails, and you might as well add a second ASA into this design. More redundancy equals more up-time, right? On paper it sounds good, but in the “real” world there is probably a tipping point: more redundancy increases complexity. In this post we’ll aim to keep it simple by setting up a Cisco ASA HA active/standby pair and then adding in the second ISP. Let’s get started!
Continue reading “Dual ISP – Cisco ASA HA Active/Standby”
Starting from ASA 9.3(2) and onward, the 5500-X hardware supports a RESTful API as an additional method for configuring and monitoring ASA hardware. Infrastructure as code, as they call it, is not anything new, but I was reading a post that Ivan wrote, and as he points out there are two styles when we are dealing with IaC: the data model or CRUD. When reading information about the ASA RESTful API, it was interesting to see which one the ASA falls into. CRUD is the method it uses, and although this method works, I have a similar feeling to what Ivan posted: it makes me wonder if this is really a step forward into IaC. In this post we’ll go through the steps to enable it and you can be the judge: does this RESTful API help?
Continue reading “Enable a RESTful ASA API”
We are back with another post about Cisco’s Firepower Management Center, and this time we are working with the DNS list. If you have a protect license, you can have your Firepower modules or your FTD (Firepower Threat Defense) devices look at DNS requests and deny requests if they are malicious. These lists have to be applied on your access control policy before you can use them, and in this post we are going to verify some of the domain names that are in these lists.
Continue reading “Verifying DNS Lists – FMC”
No management centers here; sometimes a standalone firewall is all you need. In this post I have an FTD appliance, and there really isn’t a need to tie this into Cisco’s Firepower Management Center. So we’ll configure the appliance in standalone mode, go through the initial steps that are required to get it online, and walk through Firepower Device Manager. If you have worked with Cisco FMC you’ll find it’s pretty similar, so with introductions out of the way, let’s get started!
Continue reading “Cisco FTD Standalone”