Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Security Videos

62 Views
0 Comments

This video introduce viewer to Site-to-Site on Firepower Thread Defence (FTD) and showcase how to deploy a simple Site-to-Site configuration to devices managed by Firepower Management Centre.

Read more...

13 Views
0 Comments

Test

614 Views
0 Comments

(view in My Videos)

This video describes what steps are needed while performing a replacement of a ASA, ASA w/ Firepower, Firepower Threat defense. The information used in the video is also available in a power point presentation attached.

 

17 Views
0 Comments

Test

17 Views
0 Comments

(view in My Videos)

Test

27 Views
0 Comments

(view in My Videos)

61 Views
0 Comments

      Join the Discussion : Cisco Ask the Expert   

 

(view in My Videos)

 

Identity Services Engine (ISE) - Guest and Posture Troubleshooting
(Live Webcast Tuesday August 30th, 2016 at 10 am Pacific/ 1 pm Eastern)

 

Cisco ISE manages role-based security policy. It simplifies network-access delivery across wired, wireless, and VPN connections. ISE then integrates, consolidates, and automates the sharing of user and device data with other Cisco security and technology partners. This dynamic network access control improves IT operations as well as stopping and containing threats. As the modern network expands, the complexity of marshaling resources, managing disparate security solutions, and controlling risk grows as well. The potential impact of failing to identify and remediate security threats becomes very large indeed.
A different approach is required for both the management and the security of the evolving mobile enterprise. With superior user and device visibility, Cisco ISE delivers simplified mobility experiences to enterprises. It also shares vital contextual data with integrated technology partner solutions. The identification, containment, and remediation of threats are all accelerated through the integration, consolidation, and automation that Cisco ISE provides.  


This session provides an overview of: Guest and Posture Flow Troubleshooting We’re expecting a basic knowledge being the initial configuration for ISE redirect flows for Guest and Posture. If you want to review these setups, we recommend checking out these links.

Centralized Web Authentication Flow | Posture configuration

 

Agenda:

    • Overview
    • Troubleshooting Common Scenarios with Guest
    • Troubleshooting Common Scenarios with Posture
    • Best Practices
    • QnA

Featured Speakers

 

Sam Hertica has been a Customer Support Engineer in the Technical Assistance Center AAA team in RTP since 3.5 years. He initially started out of college as an Intern on the RTP-AAA team supporting the latest ACS 5.3 and 5.4. Since then, he’s grown to support full ISE deployments, as well as creating tools and resources for his team to troubleshoot complex deployments. Sam graduated from Rochester Institute of Technology with a BS in Applied Networking and Systems Administration in 2012.

 

 

 

 

Maciej Podolski is a member of Technical Assistance Center AAA team in Krakow Poland. He enables customer everyday by resolving complex ISE / dot1x / ACS issues. Maciej graduated from the Warsaw University of Technology with a BS in Electrical and Computer Systems engineering, with major in Telecommunications. He has been passionate about the cyber security since his university years, his final thesis was about steganography in cloud storage. He is also involved in developing tools for the AAA TAC engineers. His favorite hobby is skiing.

 


Do you have more questions? Our experts are available for the next two weeks to answer your questions. Join the Ask the Expert discussion at https://supportforums.cisco.com/expert-corner/events ">https://supportforums.cisco.com/expert-corner/events.

We look forward to your participation. This event is open to all, including partners. Please Share this event in your social channels. You have a chance to win a prize by filling out the survey after attending the live event.

Have a technical question? Get answers before opening a TAC case by visiting the Cisco Support Community.

      

       

19 Views
0 Comments

(view in My Videos)

63 Views
0 Comments

(view in My Videos)

 

This video covers an overview of a Python-based tool that can be used to interact and query the Cisco PSIRT openVuln API using the command line and retrieve additional fields out of Common Vulnerability Reporting Framework (CVRF) XML documents.

 

356 Views
2 Comments

 

  Join the Discussion : Cisco Ask the Expert 

(view in My Videos)

 

Webcast: DMVPN troubleshooting
(Live Webcast Tuesday June 7th, 2016 at 10 am Pacific/ 1 pm Eastern)

Dynamic Multipoint VPN (DMVPN) is a Cisco IOS/IOS-XE Software solution for building scalable IPsec Virtual Private Networks (VPNs). Cisco DMVPN uses a centralized architecture to provide easier implementation and management for deployments that require granular access controls for diverse user communities, including mobile workers, telecommuters, and extranet users.
Cisco DMVPN allows branch locations to communicate directly with each other over the public or private WAN or Internet but doesn't require a permanent VPN connection between sites. It enables zero-touch deployment of IPsec VPNs and improves network performance by reducing latency and jitter, while optimizing head office bandwidth utilization.  


This session provides some insight into the base components involved in DMVPN and the different phases of deployment (hub-spoke model v. dynamic full mesh). It will focus on the layered troubleshooting approach required when working on DMVPN-related network issues and how it can be used to troubleshoot commonly seen problems in the field.

Agenda:

    • DMVPN Phase 1/2/3 Overview
    • Deep Dive on Phase 3
    • Layered Troubleshooting Approach for DMVPN
    • Live Demonstration of Phase 3 Operation
    • Live Troubleshooting of Common DMVPN Issues
    • Best Practices

Featured Speakers

 

Frank DeNofa has been a Customer Support Engineer in the Technical Assistance Center VPN team in RTP since 2013. He has expertise in VPN technologies with a focus on site-to-site VPN solutions such as DMVPN, GETVPN, and FlexVPN. Frank holds a Bachelor's Degree in Applied Networking and Systems Administration with a focus on routing and security from Rochester Institute of Technology in Rochester, NY. His non-networking interests include hockey, CrossFit, and cooking.

 

 

 

 

 

 

 

 

 

Hamzah Kardame has been a Customer Support Engineer in the Technical Assistance Center Security team at Cisco since 2010. His area of expertise lies in the VPN space on both IOS/IOS-XE based platforms as well as on ASAs, focusing on VPN solutions such as DMVPN, GETVPN and FlexVPN, in addition to Public Key Infrastructure (PKI). He holds a CCIE certification in Security (#35596). Hamzah graduated with a Bachelor’s Degree in Electronics and Communication from PESIT at Bangalore, India. His other areas of interest include reading, soccer and traveling.

 

 


Do you have more questions? Our experts are available for the next two weeks to answer your questions. Join the Ask the Expert discussion at https://supportforums.cisco.com/expert-corner/events ">https://supportforums.cisco.com/expert-corner/events.

We look forward to your participation. This event is open to all, including partners. Please Share this event in your social channels. You have a chance to win a prize by filling out the survey after attending the live event.

Have a technical question? Get answers before opening a TAC case by visiting the Cisco Support Community.

      

 

15 Views
0 Comments

(view in My Videos)

202 Views
0 Comments

 

(view in My Videos)

 

Join the Discussion : Cisco Ask the Expert   

 

Webcast: Performance Troubleshooting on Cisco FirePOWER
(Live Webcast Wednesday April 27th, 2016 at 10 am Pacific/ 1 pm Eastern)

 

Safeguarding your network assets and data from today’s threats isn’t easy. You need detailed visibility into all your network layers and resources. With the Cisco Firepower solutions, that’s what you get. This visibility provides the contextual awareness you need to properly evaluate the users, hosts, and applications running in your network, detect multi-vendor threats, and mount an automated defense response.
Plus, the Firepower solution not only protects your network against known and unknown threats before at attack - but does so during and after an attack as well. In independent tests at NSS Labs, among the world’s leading information security research and advisory companies, the Firepower solution was rated 99.4 percent effective in stopping threats and a perfect 100 percent effective in not allowing evasion techniques to succeed. 


This session provides an overview of Firepower solution, use-case scenarios and insights on basic troubleshooting and best practices recommended by engineering.

 

Agenda:

    • Overview of FirePOWER Devices
    • How we process traffic
    • Triggers of poor performance
    • Troubleshooting Performance issues
    • Live Demo of Common Scenarios
    • Best Practices

Featured Speakers

 

Aastha Bhardwaj has been a Customer Support Engineer in the Technical assistance Center Firepower team at Cisco Systems since May 2012. Aastha has 7 years of overall experience in security. She works with engineering and customers to resolve complex issues and creates documents and trainings to help customers use the product more fluidly. She is an expert in security technologies and products such as ASA, IPS, CX, FWSM, and Firepower. Aastha holds a CCIE Certification in Security (#46900), as well as Sourcefire Certified Expert (SFCE#126176). She graduated with a Bachelors’ Degree in Information Technology from Graphic Era Institute of Technology at Dehradun India. She also loves cooking and enjoys traveling the world.

 

 

 

 

John Bennion has been a Customer Support Engineer in the Technical Assistance Center Firepower team in RTP since 2013. He has expertise in Cisco Firepower. John holds the CCNA and CCNP certifications in Routing as Switching and has obtained a Bachelors’ Degree in Computer Information Systems with minors in business and mathematics from the University of Colorado at Pueblo, CO.

 

 

 

 


Do you have more questions? Our experts are available for the next two weeks to answer your questions. Join the Ask the Expert discussion at https://supportforums.cisco.com/expert-corner/events ">https://supportforums.cisco.com/expert-corner/events.

We look forward to your participation. This event is open to all, including partners. Please Share this event in your social channels. You have a chance to win a prize by filling out the survey after attending the live event.

Have a technical question? Get answers before opening a TAC case by visiting the Cisco Support Community.

      

Join the Discussion : Cisco Ask the Expert

463 Views
0 Comments

(view in My Videos)

 

Iot Sec Tips - Security lessons for IT Security practitioners about OT (operational technology) environments.

If you are a security worker within an IT environment and think you might need to prepare for providing security within an OT deployment then this series is for you. This first session goes over some basics of things to know about why these OT spaces are different and what you should consider.

309 Views
0 Comments

(view in My Videos)

Join the Discussion : Cisco Ask the Expert

      

 

 

Webcast: Threat Defense for a Secure Enterprise Branch
(Live Webcast Tuesday March 22, 2016 at 10 am Pacific/ 1 pm Eastern)

 

This video is the recording of the live Webcast. The branch network is key to service delivery and success of many enterprises. After all, most staff don’t work (or shop!) at the data center—they are out in the branches. With the recent massive breaches on the news, security is top of mind concern for many enterprise customers, especially those looking to offload Internet access from their branches directly.
Threat landscape has evolved and attackers have become sophisticated at taking advantage of gaps in security to hide and conceal malicious activity. Traditionally, branch users Internet access was provided through Data Center where sophisticated security tools and policies were in place to protect the users. With the direct Internet breakout, the branch network must provide a good experience with robust security to any user as a part of any new initiative.
This session provides an overview of threat landscape, risks and integrated security tools and techniques available on ISR branch routers to prevent/protect/mitigate these threats.

 

Agenda​

    • Overview and Use Cases
    • How to use tools such as ZBFW, Snort IPS, CWS, FirePower & TrustSec
    • How to deploy and manage security policies and events using Cisco Prime and FireSight
    • Use of third party tools such as LiveAction and Splunk

FeaturedSpeakers

 

Kureli Sankar  started with Cisco in Aug, 2006 as a TAC engineer in the firewall team in Research Triangle Park, North Carolina. As a TAC engineer she supported Cisco's security products. Since, May 6th 2013, she has taken up a new role as Technical Marketing Engineer, Enterprise Infrastructure and Solutions Group responsible for security features on Cisco's IOS and XE products. She has presented at Cisco Live US in 2013, 2014 and Cisco Live Berlin 2016. She has also done quite a few Live Web Casts and ATE (Ask The Expert) events for our forum. Prior to joining Cisco, Sankar worked for John Morrell Co., Cincinnati, Ohio where she was the network administrator in charge of the company's enterprise network covering 27 locations in the United States. She also was an adjunct professor at the University of Cincinnati, teaching undergraduate level networking courses. Sankar holds an engineering degree in Electrical and Electronics Engineering from Regional Engineering College, Trichirappalli, India, CCSP and CCIE Security #35505 certifications. While working full time, she volunteers at various organizations like Citizen School, Durham Performance Learning Center, NC First Robotics, Girl Scouts - Carolina, Raleigh Rescue Mission and gives back to the community.

 

Kural Arangasamy has over 20 years of experience in the networking field and has been with Cisco since 2005. He, is a Technical Marketing Engineer in the Enterprise Infrastructure and Solutions Group. He is responsible for SNORT IPS on ISRs/CSRs and MACSec security features.  Kural lives in San Jose, California with his wife and son.


Do you have more questions? Our experts are available for the next two weeks to answer your questions. Join the Ask the Expert discussion at https://supportforums.cisco.com/expert-corner/events ">https://supportforums.cisco.com/expert-corner/events.

We look forward to your participation. This event is open to all, including partners. Please Share this event in your social channels. You have a chance to win a prize by filling out the survey after attending the live event.

Have a technical question? Get answers before opening a TAC case by visiting the Cisco Support Community.

 

Join the Discussion : Cisco Ask the Expert       

 

 

28 Views
0 Comments

Webcast: Threat Defense for a Secure Enterprise Branch
(Live Webcast Tuesday March 22, 2016 at 10 am Pacific/ 1 pm Eastern)

This video is the recording of the live Webcast. The branch network is key to service delivery and success of many enterprises. After all, most staff don’t work (or shop!) at the data center—they are out in the branches. With the recent massive breaches on the news, security is top of mind concern for many enterprise customers, especially those looking to offload Internet access from their branches directly.
Threat landscape has evolved and attackers have become sophisticated at taking advantage of gaps in security to hide and conceal malicious activity. Traditionally, branch users Internet access was provided through Data Center where sophisticated security tools and policies were in place to protect the users. With the direct Internet breakout, the branch network must provide a good experience with robust security to any user as a part of any new initiative.
This session provides an overview of threat landscape, risks and integrated security tools and techniques available on ISR branch routers to prevent/protect/mitigate these threats.

Agenda​

    • Overview and Use Cases
    • How to use tools such as ZBFW, Snort IPS, CWS, FirePower & TrustSec
    • How to deploy and manage security policies and events using Cisco Prime and FireSight
    • Use of third party tools such as LiveAction and Splunk

FeaturedSpeakers

Kureli Sankar  started with Cisco in Aug, 2006 as a TAC engineer in the firewall team in Research Triangle Park, North Carolina. As a TAC engineer she supported Cisco's security products. Since, May 6th 2013, she has taken up a new role as Technical Marketing Engineer, Enterprise Infrastructure and Solutions Group responsible for security features on Cisco's IOS and XE products. She has presented at Cisco Live US in 2013, 2014 and Cisco Live Berlin 2016. She has also done quite a few Live Web Casts and ATE (Ask The Expert) events for our forum. Prior to joining Cisco, Sankar worked for John Morrell Co., Cincinnati, Ohio where she was the network administrator in charge of the company's enterprise network covering 27 locations in the United States. She also was an adjunct professor at the University of Cincinnati, teaching undergraduate level networking courses. Sankar holds an engineering degree in Electrical and Electronics Engineering from Regional Engineering College, Trichirappalli, India, CCSP and CCIE Security #35505 certifications. While working full time, she volunteers at various organizations like Citizen School, Durham Performance Learning Center, NC First Robotics, Girl Scouts - Carolina, Raleigh Rescue Mission and gives back to the community.

Kural Arangasamy has over 20 years of experience in the networking field and has been with Cisco since 2005. He, is a Technical Marketing Engineer in the Enterprise Infrastructure and Solutions Group. He is responsible for SNORT IPS on ISRs/CSRs and MACSec security features.  Kural lives in San Jose, California with his wife and son.


Do you have more questions? Our experts are available for the next two weeks to answer your questions. Join the Ask the Expert discussion at https://supportforums.cisco.com/expert-corner/events ">https://supportforums.cisco.com/expert-corner/events.

We look forward to your participation. This event is open to all, including partners. Please Share this event in your social channels. You have a chance to win a prize by filling out the survey after attending the live event.

Have a technical question? Get answers before opening a TAC case by visiting the Cisco Support Community.

41 Views
0 Comments

CWS Linux Connector Configuration Walkthorugh by Dhiren Tailor

Read more...

443 Views
2 Comments

 

This Video demonstrates Configuring AnyConnect Secure Mobility Client Using ASDM VPN Wizard on ASA (with and without split tunnel options).

 

https://www.youtube.com/watch?v=rlLl0Ee_kcM

34 Views
0 Comments

(view in My Videos)

 

The issue is described here: https://supportforums.cisco.com/discussion/12865061/anyconnect-certificate-authentication-strange-behavior

61 Views
0 Comments

Learn about deployment and upgrade of AnyConnect WebSecurity through an ASA.

Read more...

292 Views
0 Comments

(view in My Videos)

This video shows how to operate Packet-Trace on Cisco ASA. This video contains CLI and ASDM example.

36 Views
0 Comments
93 Views
2 Comments
312 Views
1 Comment

(view in My Videos)

This Video Explains the way ACS process the incoming authentication request. All requests are processed on the basis of rules.

 

 

 

961 Views
0 Comments

(view in My Videos)

FirePOWER Threat Defense for Integrated Services Routers ( ISR )
(Live Webcast July 8, 2015 at 10:00 am Pacific Time / 1:00 pm Eastern Time)

Ask questions from July 8, 2015 through July 17, 2015 
 Cisco Ask the Expert

In October 2013 Cisco acquired Source Fire, an industry leader in the security solution space. Since the acquisition, Cisco has integrated Source Fire in the ASA platforms as well as in the ISR platforms.

In this session you will learn about Source Fire company history, the rebranding of Source Fire as FirePOWER Services and how to use FirePOWER effectively on the ISR G2 and 4K platforms on the UCS-E blade to secure the network from attacks and malware.

Featured Speaker

Kureli Sankar started with Cisco in Aug, 2006 as a TAC engineer in the firewall team in Research Triangle Park, North Carolina. As a TAC engineer she supported Cisco's security products. Since, May 6th 2013, she has taken up a new role as Technical Marketing Engineer, Enterprise Infrastructure and Solutions Group responsible for security features on Cisco's IOS and XE products.

She has presented at Cisco Live 2013 and 2014. She has also done quite a few Live Web Casts and ATE (Ask The Expert) events for our forum.

Prior to joining Cisco, Sankar worked for John Morrell Co., Cincinnati, Ohio where she was the network administrator in charge of the company's enterprise network covering 27 locations in the United States. She also was an adjunct professor at the University of Cincinnati, teaching undergraduate level networking courses. Sankar holds an engineering degree in Electrical and Electronics Engineering from Regional Engineering College, Trichirappalli, India, CCSP and CCIE Security #35505 certifications.While working full time, she volunteers at various organizations like Citizen School, Durham Performance Learning Center, NC First Robotics, Girl Scouts - Carolina, Raleigh Rescue Mission and gives back to the community

Need more information? Have more questions? Find more experts and topics by visiting https://supportforums.cisco.com/expert-corner/events.

We look forward to your participation. This event is open to all, including partners. Please Share this event in your social channels.

Find other  https://supportforums.cisco.com/expert-corner/events.

**Ratings Encourage Participation! **
Please be sure to rate the Answers to Questions

 Cisco Ask the Expert

222 Views
0 Comments

(view in My Videos)

Expert Webcast:  Cisco Cloud Web Security: Comprehensive Defense, Advanced Threat Protection, and Superior Flexibility for Your Business
(Original Webcast Tuesday, April 7, 2015 at 10:00 am Pacific.)

Featuring Cisco International Product Marketing Manager Story Tweedie-Yates

This presentation will be on Cloud Web Security (CWS), with a focus on deployment options as well as the Cloud Web Security Premium offering that includes Advanced Malware Protection (AMP) and Cognitive Threat Analytics (CTA). First we will go over basic information about CWS in terms of features, benefits, deployment and pricing; then a live demo of the “real thing” and the Cloud Web Security online reporting and administration interface, including a demo of the CWS Premium offering.

Featured Speaker

Story Tweedie-Yates is an International Product Marketing Manager for Cloud Web Security at Cisco.  Her career at Cisco began in the Global Marketing and Corporate Communications MBA Leadership Development Rotational Program. She has degrees from both Stanford University (2005, B.S. Psychology) and Thunderbird School of Global Management (2013, MBA). She speaks fluent Spanish and has traveled to 37 countries. Story has pursued her passion for marketing, working with strong brands across both the CPG and High-Tech B2B industries. She worked as a Brand Management Associate for Henkel, the Fortune 500 owner of the Dial and Right Guard brands. In her first year with Cisco, she piloted a project with Sales stakeholders that resulted in a new strategic partnership between Headquarters and the Central Europe region. In the Digital group, she created and influenced the adoption of a new Tiering system for all of the Cisco.com country websites.

Need more information? Have more questions? Find more experts and topics by visiting https://supportforums.cisco.com/expert-corner/events

We look forward to your participation. This event is open to all, including partners.

Please Share this event in your social channels.

Agenda :Approximate duration: 90 minutes

 Cisco Ask the Expert   

1404 Views
0 Comments

(view in My Videos)

 

 

Cloud Web Security How to Switch Primary/Secondary Towers

103 Views
0 Comments

Hi,

In my organization, we have given VPN access to staff & they are accessing those system anytime from out of station but i want to restrict them and provide day, week & time for access. is it possible to make the restriction on day, week or time?

    

176 Views
0 Comments

(view in My Videos)

 

This is the video of a Technical Knowledge Library webinar delivered by Identity Based Networking Services (IBNS) experts Haripsarad Holla and Gokul Nair on November 20, 2014. They cover the fundamentals of IBNS 2.0, policy structures, new capabilities, and provide a short demonstration.

622 Views
0 Comments

(view in My Videos)

On Tuesday, December 16, 2014 at 10:00 a.m. Pacific Standard Time, join Cisco expert, Ankur Bajaj for a live webcast on Introduction to Cisco Trustsec Solution and Configuration.

With lot of end points coming to the network and different access method, Cisco Trustsec solution is designed to flatten the network regardless of the access method but still provide fully distributed and differentiated access control no matter whether you are coming from wired or wifi or remote access, the Trustsec solution provides a consistent access control policy.


Ankur Bajaj is a customer support engineer from the AAA team at the Cisco Technical Assistance Center in Richardson, Texas, USA. He has 14 years of total experience. He has worked on a wide range of Cisco Security Technologies such as Cisco ASA, VPN deployments, NAC solution, ACS and ISE deployment. Ankur has CCIE # 22135 in Security.
 

Agenda

  • What is TrustSec.
  • Introduction to various components of TrustSec.
  • How it works
  • Benefits over Traditional way to segment the network.
  • Configuration of the Network access device and ISE.

Need more information? Have more questions? Find more experts and topics by visiting https://supportforums.cisco.com/expert-corner/knowledge-sharing.

    Cisco Ask the Expert