As technology continues to advance, so do the threats and risks to our cybersecurity. One of the most common defenses against these threats is the use of firewalls and intrusion prevention systems (IPS). However, these systems are not foolproof and can encounter problems that may leave your organization vulnerable to attacks.

Everyone’s Favorite

Anyone operating a PKI or an application whose functionality requires one, can attest to the ever-increasing amount of time spent keeping certificates up-to-date and compliant with the contemporary cryptography standards. When certificates expire, things break. When cryptography standards evolve, things break. For these reasons, the typical network/systems operator may find it...

Endpoint Captive Portal Detection - Why?

This blog assumes that you have a general understanding of ISE Central Web Authentication. Endpoint Captive Portal Detection plays a critical role in improving the end-user experience when connecting to a captive portal protected WiFi network, such as an ISE CWA protected WiFi network. The captive portal detection brings to the attention of the user that...

In the first entry of this series, we looked at the high-level mechanics involved in using AnyConnect with the ISE Posture module to perform endpoint host inspection (posture) when connecting to an AnyConnect VPN head-end (ASA/FTD). In the second entry of this series, we narrowly focused on getting the ISE posture module provisioned. In the third entry, we took stock of all the available posture...

The topic of backing up is not always linear. Backing up a system can sometimes be confusing topic among System and Network Engineers. There are always multiple ways to back up and restore, but is it the recommended for the system? For example, experience has shown me that enabling virtual machine snapshots to systems like ISE can present itself with larger operational issues like sporadic...

In the first entry of this series, we looked at the high-level mechanics involved in using AnyConnect with the ISE Posture module to perform endpoint host inspection (posture) when connecting to an AnyConnect VPN head-end (ASA/FTD). In the second entry of this series, we narrowly focused on getting the ISE posture module provisioned. If you haven’t check those out yet, please do, links below!

In the last entry of this series, we looked at the high-level mechanics involved in using AnyConnect with the ISE Posture module to perform endpoint host inspection (posture) when connecting to an AnyConnect VPN head-end (ASA/FTD). If you haven’t read that one yet, you can find it here!

In this entry, we will be narrowly focused on provisioning the ISE posture module. Enjoy!

Project Manager: “We need to give them access to our network.”

IT Security: “No.”

Project Manager: “We really need to give them access to our network.”

IT Security: “Still no.”

Project Manager: “C’mon, pleeease??”

IT Security: “Ok fine. But we’ll need to assess their computer for vulnerabilities.”

It’s been a while, but we’re finally back to close this blog series on Cisco TrustSec (CTS). If you haven’t yet, go check out the other entries in this series.

Learn what Cisco TrustSec is and why we care here.

Dip your toes into the components involved here.

Begin your Cisco TrustSec classification journey here.

Propagate yourself over here to learn about Cisco TrustSec propagation.

Now that...

Welcome back! In this blog we’re going to continue where we left off in the last entry where we looked at using Microsoft Intune to provision the native wired 802.1x supplicant on Windows 10. This time, we shift our focus to the wireless 802.1x supplicant. If you missed that one, be sure to check it out! OK! Let’s go!