802.1x VLAN User Distribution (VLAN Group)

In this blog post, I will be going over 802.1x VLAN User Distribution (sometimes referred to as "VLAN Groups") in Cisco IOS and a use case scenario that involves Cisco ISE (Identity Services Engine). First, some background around VLAN Groups. Based on my research it seems there are two major types of VLAN Groups: The …

Cisco ISE REST API & Python

I've been faced with a fun little challenge on how to make sure our ISE deployment has every NAD (Network Access Device) configured appropriately to allow for successful EAP communications. Originally I was planning on utilizing a CSV and the bulk import tool to regularly import new devices into ISE as they were built. This allows …

IKEv2 with RSA Signatures

Currently my studies have taken me on an adventure into the wonderful world of Cisco Security. I am studying for the 300-209 (SIMOS) certification exam which is VPN technologies including DMVPN, FlexVPN, and a few other flavors of VPN. I find it interesting that so many try very hard to avoid having to implement security because its …

Hiding (filtering) a specific user from reporting in Cisco ISE

I ran into an interesting problem preparing for an 802.1x deployment - the authentications report in Cisco ISE was full of all the network devices checking to make sure ISE was still available (health checks). As seen below, the load balancer's keepalives fill the logs pretty much on their own; imagine trying to troubleshoot a …

Controlling Traffic to a Virtual Server on F5

There are multiple ways to control what traffic is allowed or not allowed through a BIG-IP F5 system or for specific Virtual Servers (VS). The following method uses F5's AFM (Application Firewall Manager) module to create security policies which are then applied to a specific VS. For this example, traffic from three specific hosts …