Activity in Security
NAC using Hybrid Joined Devices with Entra and On Prem
Hello Greg, @Greg Gibbs If User Device is Entra Joined and Users are Entra Joined and AD Joined in other words Hybrid is this use case is tested with ISE ? Is there a reference document you can share ? If users are Hybrid joined can we still do NAC ...
Difference between Rule state and Rule action in FTD intrusion policy
I am reading doc on Cisco FTD intrusion policy, can anyone explain to me what the difference is between Rule state and Rule action in Cisco FTD firewall intrusion policy?
Single ISE guest portal and multiple global PSNs
We have a global deployment of multiples PSNs ( 2 US-WEST, 2 US-EAST, 2 EU and 2 APAC). Currently we have a single guest hotspot portal with a single URL (guest.portal.XXXXX.com). Each site has a local FortiGate which acts as the DHCP server and a lo...
DDOS protection services - how do they work
Hi AllI am currently looking into ddos protection services to protect some main internet links.What options are out there? I assume it would need to be further up the chain i.e in the ISP / Cloud ? Also, I see lots of them use BGP flowspec, what trig...
Beware: FTD 1120 7.0.8 hotfix is not working
I upgraded from 7.0.8.1-4 to 7.0.8.2-2, the pre-check was OK but I encountered the following error in the log file: EXPORT ERROR: The source parameter ("/var/cisco/deploy/sandbox/snort3-pkg/usr/local/sf/bin/snort-75-3.1.0.800-9") did not pass the Typ...
AMER Expert Insights Series: Monitoring with Splunk AppDynamics
This webinar series guides participants through proactive monitoring in Splunk AppDynamics. Across five sessions, Cisco experts cover setting up Health Rules, Policies, and Actions, fine-tuning thresholds and error detection, leveraging AI for event...
AMER Serie de Expert Insights | Cisco Secure Access: SASE Platform
Este seminario web guía a los equipos de TI y seguridad en la migración de Cisco Umbrella a Cisco Secure Access mediante el Upgrade Manager. Abarca los requisitos previos, las mejores prácticas, las recomendaciones clave, una descripción general d...
Resolved! Unable to add Crypto host_key add host - Host not found in /root/.ssh
Hello, i have configured a Sftp server as repository but i'm unable to add the Crypto host_key add host <server ip/fqdn> on the secondary PAN and MON and PSN.The cluster is made of Primary PANSecondary PANPrimary MONSecondary MONPsn1Psn2 on the prima...
Duo Restore without Google Drive
Hello! I’m using Duo Authenticator on my mobile but trying to move away from Google ecosystem. The Duo Restore functionality is really neat, but I couldn’t find a way to set it to backup to another cloud service (e.g. Nextcloud) or even locally. Is t...
ISE Administration Node Replacement
Morning Cisco Forums,I'm looking for some guidance on the process of replacing ISE administration nodes, in a 4 node cluster. In our current environment, we're running ISE version 3.4p4, and have a primary/secondary administration node, and 2 policy...
Resolved! Management interface for logical FTD on Firepower 4100
Hi, I'll shortly have to deploy a physical firepower of the 4100 family "4115". I know that the first MGMT interface showing up is for chassis FXOS purpuses. In Cisco videos I've seen that the management interface used for FTD "logical instance" is t...
FTD Prevent IP addresses from being shunned
I have some firewalls running FDM locally and not managed by an FMC that keep shunning specific IP Addresses. How do I configure the FTD to prevent these IP addresses from being shunned like you can in an ASA or with the FMC?
SNA redundant site and HA
I need to use on-prem SAL to increase FMC events retention on SNA and need to provide high availability between two data centers for my deployment. i also have have cisco telemetry broker. Would it be the same if 1- i configured ftd syslog to point t...
ASA Firewall Assessment
On GitHub is available a new firewall analyzer tool: https://github.com/WatchThisFirewall/WTF.v1Watch-This-Firewall is a firewall assessment tool designed to connect to firewalls and perform a comprehensive analysis of their configurations. It checks...
Resolved! ASA External Interface Lease renewal ?
Hi folks, We have a ASA on 9.12(4)67. There is an ONT that is connected on the external interface and we use DHCP to retrieve our IP and gateway etc. for out internet connection. If this interface drops and then recovers (ONT is in a different room ...
| User | Helpful Count |
|---|---|
| 51 | |
| 23 | |
| 20 | |
| 7 | |
| 6 |
