Firewalling, Security

Cisco IOS Security

René Jorissen on June 24, 2008 0 Comments • Tags: #cisco #classic #firewalling #ios #zonebased

The first session I attended is about Deploying IOS Security. The session is about using the Cisco IOS as a firewall to protect branch offices. We discussed normal classic firewalling and zone-based firewalling. I normally use classic firewalling, but I guess I have to try zone-based firewalling in the future. The advantage of zone-based firewalling is … Read More

Other stuff...

Cisco Live 2008

René Jorissen on June 22, 2008 1 Comment

It took a while to finally register for Cisco Networkers / Live. First we wanted to attend last year, then we wanted to attend in Barcelona, Spain, but there were no more tickets. Now I am sitting in my hotel room in Orlando, Florida after a long trip getting here. My colleague and I left … Read More

Configuration Example, Security

MAC Authentication Bypass – Continued

René Jorissen on June 20, 2008 1 Comment • Tags: #8021x #authenticate #bypass #caveats #guestvlan #ias #lan #mac #nac #nap #on #radius #wake #wol

Finally I had a day “off” and could test MAC Authentication Bypass (MAB) in our test environment at the office. I created the following test environment: There are 4 different VLANs and a Cisco Catalyst 3750 connects the VLANs to each other. I wanted to create an environment with the following properties: All switch ports … Read More

Security

ID Control

René Jorissen on June 19, 2008 0 Comments • Tags: #handyid #idcontrol #keystrokeid #manager #password #pki #rsa #secure #securid #strongauthentication #usbtoken #vpn #whatyouare #whatyouhave #whatyouknow

Ictivity indirectly received an e-mail about strong authentication products from ID Control. Strong authentication is authentication where you need multiple factors (what you have, what you know, what you are) to actually authenticate to a system, network or something else. We, as Connectivity Consultants, were asked to look at the different products and start … Read More

Configuration Example, Firewalling

PIX / ASA – Threat Detection

René Jorissen on June 19, 2008 0 Comments • Tags: #80 #asa #basic #detection #intrusion #pix #prevention #scanning #threat

From software release 8.0 onward, the Cisco PIX and Cisco ASA firewalls support a feature called Threat Detection. In the default configuration, Basic Threat Detection is enabled on the security appliance. Using Threat Detection, the appliance monitors the rate of dropped packets and security events due to these reasons (Source): Denial by access lists; … Read More

Configuration Example, Firewalling

PIX Failover not working

René Jorissen on June 18, 2008 0 Comments • Tags: #error #failover #normal #not #pix #waiting #working

Today I received the question why a PIX failover configuration wasn’t working. The customer accidentally disconnected the power cable from the primary PIX firewall. The secondary PIX firewall became the active one, but multiple DMZ segments weren’t working anymore. After rebooting the PIX firewall and making that the primary one again, the DMZ segments were … Read More