Although I primarily prepared this blog in advance, last week I presented my session at Cisco Live Barcelona in which I presented three tips to start your journey on Intent Based Networking. In this post I would like to provide a bit more thought about why software defined access is needed and what it is gonna entail for every organisation. Continue reading “Intent Based Networking is a journey”
My wireless network has been based on a WLC2504 controller with two 2602 AP’s. The network has been running quite well, with of course the caveats that came with the different WLC releases. With the maturity of Mobility Express (ME), the need for a dedicated controller for such as small sized wireless network has basically become obsolete as one of the AP’s becomes the master controller in the network. I was able to acquire 2 1852 AP’s with ME, time to upgrade my wireless network to 802.11ac with ME..
Continue reading “Deploying a Cisco Mobility Express network”
With Firepower Threat Defense (FTD) version 6.2 Cisco has introduced the remote access VPN functionality from the ASA firewall software. For an overview of the differences, you could read a previous post. With FTD 6.2.2 (released in september) this feature is now also avaialble on the ASA platforms. With a week of PTO planned, it was time to configure and test RA VPN on my home environment. Continue reading “FTD 6.2 and Remote Access VPN (anyconnect) configuration”
In a previous blog I’ve written about the differences between Firepower Threat Defense and ASA software. And although the basic OS appears to be ASA with Snort set in between ASA ingress and egress, some basic concepts of the ASA (or actually the PIX) have dissappeared in FTD. And it will have an impact once you migrate from ASA (with or without firepower) to FTD devices.. Continue reading “FTD access policy behaviour”
Yesterday (5 sept) Cisco finally released Firepower Threat Defense 6.2.2 Now is a new update not always a big thing but this specific release had me waiting for quite some time. Key to this release is the support of remote access VPN (e.g. anyconnect) in the FTD image. So FTD was already available on ASA5500-X platform, but if you used anyconnect on your ASA, you just had to wait for this release. But what now is the difference between Firepower on ASA and FTD.. Continue reading “Firepower on ASA, Firepower Threat Defense, what is what?”
Green IT was one of the hot issues back in 2009 during the hype of server virtualization and the introduction of 10 Gig. During the Cisco Networks in 2009 (Barcelona) Cisco EnergyWise was then greatly pushed as an innovation and as a cornerstone for Smart Buildings and Green IT.
The principle thought behind the technology is that the network can also communicate with the endpoints connected to the network and that the network can ask / tell the endpoints to lower down the power consumption in order to reduce the power footprint of the environment. For example, at night time IP Phones in an office network don’t need to have full power, as nobody is working. So EnergyWise can power down the IP phones during the night.
Continue reading “My first steps with EnergyWise”
Cisco introduced Digital Network Architecture (DNA) last year as a new architecture for the digitialized agile world that is becoming a reality at a very fast pace. The DNA is built upon design principles such as security everywhere, automation (enabling centralized service management), virtualize everything, analytics and openness. Key to these design principles is that software is not only defining the datacenter (SDN), the WAN (SD-WAN) anymore but also the access layer. So it should be possible to deploy any service anywhere in your network, whether it’s in your Datacenter, the cloud or at the branch.
Continue reading “Cisco enables a mini (mini) cloud at the branch”
I recently ran across the following issue on a DMVPN Hub-Spoke network with some sites. The network was behaving perfectly fine and spokes were happily communicating with the servers behind the hub until windows 10 came along… Continue reading “Windows 10, Delivery Optimization, SSDP and blocking multicast”
So, last thursday I received an e-mail from Cisco that I was selected as one of the Cisco Champions for 2017. I’m very proud and happy to be part of this program for this year and as far as I’m concerned, more years to come. Continue reading “Cisco Champion 2017”
With the advance of vDSL, Fiber, cable Internet and the appropriate SLA’s bussiness Internet connections have become increasingly reliable. By choosing the local ISP’s carefully it is much more interesting for a company to replace the MPLS connections for an Overlay network based on redundant Internet connections. As a result businesses quite often obtain a higher speed connection for much lower rates. One of the business cases I made in 2006/2007 had a 70% decrease in annual costs compared to their European WAN line based on an MPLS service provider including High Availability. Continue reading “DMVPN DualHub EIGRP Traffic Engineering”