Beyond the well known RADIUS service, Cisco ISE includes a module for performing TACACS+ authentication, authorization and accounting. Take into account that TACACS+ operation consumes appliance resources that might be necessary for RADIUS purposes so, depending on the size…
Security
Following my previous ISE post on phones authentication using EAP-TLS, in this new post I’ll show you how to quickly configure the access points for 802.1x authC. This require some specific configurations: They need to enable EAP-FAST as authentication…
In this post I’m gonna show you the steps for authenticating your IP phones using 802.1x and certificates. I encourage you reading the “IP Telephony for 802.1X Design Guide” before for a better understanding. Let’s start with some background…
Hi folks, In this post I’m going to show you how to perform a clean install of the Firepower module on an ASA5506X. It is an easy task but takes some time to complete since the box is not…
One cool feature included in AMP4E is the capability of running IoC scans. Once you’ve rolled out the connector among the users’ computers you just need to upload the IoC files to your AMP4E dashboard and then choose whether…
Setting up AMP for endpoints is pretty straightforward as most of the configuration is already in place and administrators just need to fine tune those parameters that best fit into their organizations. The configuration fundamentals are: Exclusions. Application Control Whitelisting.…
Here is a few funny videos from Palo Alto showing why their firewalls are better than Checkpoint’s. Of course this is not an independent comparison, but can help to gather information for any of those looking for differences between…
Hi there, Today I am going to show you how insecure our homes and certain enterprises LANs are. The basics of this issue is to perform a Man-In-The-Middle attack, just together with SSL sniffing, so we can just see…