So I am in the lucky position that in the past few weeks I’ve been working with the DNA-Center solution in different ways in a primarily automation focused project. One of the new philosophies of the Cisco DNA-C BU is to deliver updates more frequently and in a micro-update based strategy. E.g. if a package has a bug, only that package can be updated, on the fly. So DNA-Center needs to have a connection to the Internet. And it’s time to share my experiences. Continue reading “updating DNA-Center experiences”
New Challenge
This time I’m writing a more personal blog post.
Continue reading “New Challenge”
Intent Based Networking is a journey: Tip #1
In a previous blog post I explained that Intent Based Networking not only intoduces new technology but that it also requires change in the way we operate network infrastructures. And that it is in fact a journey, but how do you get started on that journey? With your existing network infrastructure? It’s impossible to throw away every piece of equiment and design and start greenfield.
Continue reading “Intent Based Networking is a journey: Tip #1”
Intent Based Networking is a journey
Although I primarily prepared this blog in advance, last week I presented my session at Cisco Live Barcelona in which I presented three tips to start your journey on Intent Based Networking. In this post I would like to provide a bit more thought about why software defined access is needed and what it is gonna entail for every organisation. Continue reading “Intent Based Networking is a journey”
Deploying a Cisco Mobility Express network
My wireless network has been based on a WLC2504 controller with two 2602 AP’s. The network has been running quite well, with of course the caveats that came with the different WLC releases. With the maturity of Mobility Express (ME), the need for a dedicated controller for such as small sized wireless network has basically become obsolete as one of the AP’s becomes the master controller in the network. I was able to acquire 2 1852 AP’s with ME, time to upgrade my wireless network to 802.11ac with ME..
Continue reading “Deploying a Cisco Mobility Express network”
FTD 6.2 and Remote Access VPN (anyconnect) configuration
With Firepower Threat Defense (FTD) version 6.2 Cisco has introduced the remote access VPN functionality from the ASA firewall software. For an overview of the differences, you could read a previous post. With FTD 6.2.2 (released in september) this feature is now also avaialble on the ASA platforms. With a week of PTO planned, it was time to configure and test RA VPN on my home environment. Continue reading “FTD 6.2 and Remote Access VPN (anyconnect) configuration”
FTD access policy behaviour
In a previous blog I’ve written about the differences between Firepower Threat Defense and ASA software. And although the basic OS appears to be ASA with Snort set in between ASA ingress and egress, some basic concepts of the ASA (or actually the PIX) have dissappeared in FTD. And it will have an impact once you migrate from ASA (with or without firepower) to FTD devices.. Continue reading “FTD access policy behaviour”
Firepower on ASA, Firepower Threat Defense, what is what?
Yesterday (5 sept) Cisco finally released Firepower Threat Defense 6.2.2 Now is a new update not always a big thing but this specific release had me waiting for quite some time. Key to this release is the support of remote access VPN (e.g. anyconnect) in the FTD image. So FTD was already available on ASA5500-X platform, but if you used anyconnect on your ASA, you just had to wait for this release. But what now is the difference between Firepower on ASA and FTD.. Continue reading “Firepower on ASA, Firepower Threat Defense, what is what?”
My first steps with EnergyWise
Green IT was one of the hot issues back in 2009 during the hype of server virtualization and the introduction of 10 Gig. During the Cisco Networks in 2009 (Barcelona) Cisco EnergyWise was then greatly pushed as an innovation and as a cornerstone for Smart Buildings and Green IT.
The principle thought behind the technology is that the network can also communicate with the endpoints connected to the network and that the network can ask / tell the endpoints to lower down the power consumption in order to reduce the power footprint of the environment. For example, at night time IP Phones in an office network don’t need to have full power, as nobody is working. So EnergyWise can power down the IP phones during the night.
Continue reading “My first steps with EnergyWise”
Cisco enables a mini (mini) cloud at the branch
Cisco introduced Digital Network Architecture (DNA) last year as a new architecture for the digitialized agile world that is becoming a reality at a very fast pace. The DNA is built upon design principles such as security everywhere, automation (enabling centralized service management), virtualize everything, analytics and openness. Key to these design principles is that software is not only defining the datacenter (SDN), the WAN (SD-WAN) anymore but also the access layer. So it should be possible to deploy any service anywhere in your network, whether it’s in your Datacenter, the cloud or at the branch.
Continue reading “Cisco enables a mini (mini) cloud at the branch”