Network documentation is arguably both the most important and most over looked tasked a network administrator does. A good network diagram is invaluable for understanding how a network is working, for troubleshooting when its not working, and a great source of information when onboarding new employees to the network team or, more important to me, getting vendors and partners up to speed on how...
Continue readingFirepower FTD Remote Access VPN SSO using SAML and Azure AD, with Azure AD Conditional Access to Duo 2FA, and Cisco ISE for Authorization and Group Policy Assignment
There are multiple components to this solution, and while there are a few different approaches to accomplish the end goal, I wanted to focus on a solution that didn’t require an onsite Duo Authentication Proxy server. This blog will...
Continue readingIn the first entry of this series, we looked at the high-level mechanics involved in using AnyConnect with the ISE Posture module to perform endpoint host inspection (posture) when connecting to an AnyConnect VPN head-end (ASA/FTD). In the second entry of this series, we narrowly focused on getting the ISE posture module provisioned. In the third entry, we took stock of all the available posture...
Continue readingIn the first entry of this series, we looked at the high-level mechanics involved in using AnyConnect with the ISE Posture module to perform endpoint host inspection (posture) when connecting to an AnyConnect VPN head-end (ASA/FTD). In the second entry of this series, we narrowly focused on getting the ISE posture module provisioned. If you haven’t check those out yet, please do, links below!
Continue readingIn the last entry of this series, we looked at the high-level mechanics involved in using AnyConnect with the ISE Posture module to perform endpoint host inspection (posture) when connecting to an AnyConnect VPN head-end (ASA/FTD). If you haven’t read that one yet, you can find it here!
In this entry, we will be narrowly focused on provisioning the ISE posture module. Enjoy!
Continue readingProject Manager: “We need to give them access to our network.”
IT Security: “No.”
Project Manager: “We really need to give them access to our network.”
IT Security: “Still no.”
Project Manager: “C’mon, pleeease??”
IT Security: “Ok fine. But we’ll need to assess their computer for vulnerabilities.”
Continue readingToday we are getting a little SASE 😊 We are talking about the Secure Access Service Edge. Before I talk about the components of SASE, let's talk a little bit about what it is. It moves these secure access services to the edge, which I know sounds pretty obvious right, but what's the edge? You may have remote users working out of their homes, maybe they are not near an office location. SASE moves...
Continue readingHello All,
With the world of remote work continuing to evolve into more of a standard workflow, it is becoming more and more important to secure your company’s data, while still providing access to employees to allow for work. Cisco continues to lead the way with VPN technology and providing solutions to meet the needs of business. Like many blogs out there already, AnyConnect is no new thing and...
Continue reading<Insert Creative/Witty/Charming Intro Here>.
How to Setup Anyconnect Remote Access VPN w/ Cisco FMC and FTD Firewalls, utilizing ISE & Duo 2FA for authentication and authorization, that’s a mouthful, isn’t it? For those who aren’t sure what I’m talking about, the goal of this blog is to pass along what I learned getting Anyconnect remote access VPN working with ISE and Duo 2FA for...
Continue reading
