collapse

Search


User Info

 
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

Recent Posts

Pages: 1 2 3 [4] 5 6 ... 10
31
Security / Re: Migrate IPS rules for FMC 6.4 to FMC 7
« Last post by spykas on April 22, 2022, 04:55:07 AM »
Yes , that is the case .

Thank you.
32
Security / Re: Migrate IPS rules for FMC 6.4 to FMC 7
« Last post by MC on April 17, 2022, 08:40:58 PM »
Are you talking about from two different FMC, one running 6.4 to the other running 7.0? If so, not that I know of.
33
Security / Migrate IPS rules for FMC 6.4 to FMC 7
« Last post by spykas on April 08, 2022, 11:39:52 PM »
Hello ,

is it possible to migrate (export ? ) IPS rules from 6.4 to 7.0 and convert them to SNORT 3 ?

Thank you.
34
Security / Re: New user login and expired passwords
« Last post by MC on March 13, 2022, 10:25:14 PM »
What is the exact issue you are having?
35
Security / Re: New user login and expired passwords
« Last post by cerebr0_1 on March 11, 2022, 07:06:39 AM »
Hi MC
please can you tell us how did you fix the issue
36
Routing and Switching / Re: SDA Design on behalf of Christopher L.
« Last post by MC on February 05, 2022, 10:03:33 PM »
If you use switches for border node that can be virtualized, either stackable or stackwise virtual, then do so to minimize the number of BGP connection you will need to fusion device. All the underlay links in the fabric should always be redundant and routed, so no VLAN or STP should exist. You can refer to Cisco recommended design in the SDA CVD below. It covers all the different size deployments.

You are not allowed to view links. Register or Login
37
Routing and Switching / Re: SDA Design on behalf of Christopher L.
« Last post by clemish on February 04, 2022, 06:08:25 AM »
So, for an SDA Small Deployment, a collapsed design (due to limited hardware) whereby configuring BGP and sub-interfaces on the Firewall peering with the Dist/Core switch (SW1) would be the preferred deployment, understood.  Alternatively, in an Enterprise design, I would anticipate the preferred design be to replace the BC1 "router" with a stackable or HA pair of L3 switches port-channeled to the Core/Dist pair/stack of switches (SW1) to ensure high-availability and h/w fault tolerance (replace Loopbacks with SVIs).  In other words, we would inject another HA layer in order to perform BGP peering to separate the VRF/VNs between the new layer and the SW1(Dist/Core) pair of switches (/30 VRF subnets in your design).  Would this be the appropriate design for SDA Medium/Large deployments?
38
Routing and Switching / Re: SDA Design on behalf of Christopher L.
« Last post by Administrator on February 03, 2022, 08:02:37 PM »
 If the network is not big (<25 nodes), you can make the Core/Dist switch a Border/Control Plane and the FW a fusion router. Cisco considers this a small deployment. If you need to scale, you would want to insert a separate Border/Control Plane between the Core/Dist and FW, and make the Core/Dist device a pure underlay. Edge device would never do BGP unless it is Fabric-in-a-Box.
Pages: 1 2 3 [4] 5 6 ... 10
SimplePortal 2.3.7 © 2008-2025, SimplePortal