- 58
- 787 541
Networking with Ehsan
Canada
Приєднався 28 лис 2019
Join me on a cutting-edge journey through the world of networking! As a seasoned expert with four CCIEs, CCDE, CISSP, and many various industry certifications, I'm here to bring you the latest in technologies and beyond. Dive into hands-on tutorials that not only teach but also entertain, turning complex theories into practical, real-world solutions. Together, let's unlock the full potential of modern networking and make a lasting impact in the tech world!"
Installing Custom Remediation Modules on FMC: Taking Your Firewall Beyond Its Limits
In this video, I introduce a revolutionary concept: installing custom remediation modules on Cisco FMC for the first time. This game-changing approach enables you to extend your firewall's capabilities and tackle complex security challenges with ease.
With this innovative application, you can dynamically respond to threats, integrate with tools like VirusTotal, and even customize solutions tailored to your organization's unique needs. From blocking malicious IPs to automating advanced remediation workflows, this module takes your firewall beyond traditional boundaries.
Want to explore this solution? Download the application now from www.networkingwithehsan.com. If you have specific requirements, reach out, and I can help create a custom application for you.
networkingwithehsan.com/site/download
Don't miss the next video, where I'll share more case studies and advanced use cases. Let's unlock the full potential of FMC together!
With this innovative application, you can dynamically respond to threats, integrate with tools like VirusTotal, and even customize solutions tailored to your organization's unique needs. From blocking malicious IPs to automating advanced remediation workflows, this module takes your firewall beyond traditional boundaries.
Want to explore this solution? Download the application now from www.networkingwithehsan.com. If you have specific requirements, reach out, and I can help create a custom application for you.
networkingwithehsan.com/site/download
Don't miss the next video, where I'll share more case studies and advanced use cases. Let's unlock the full potential of FMC together!
Переглядів: 30 142
Відео
Integrating Cisco ACI with RADIUS/TACACS with MFA Using Microsoft Entra ID (Azure AD)
Переглядів 4 тис.Місяць тому
In this comprehensive tutorial, I'll show you how to authenticate users by enforcing Multi-Factor Authentication (MFA) using Microsoft Azure (Entra ID). We'll explore various scenarios: - Integrate Cisco ACI Fabric with RADIUS and TACACS using Cisco ISE. - Remove Cisco ISE and integrate Cisco ACI with Network Policy Server (NPS) and Azure MFA Extension. You'll see all the detailed configuration...
Integrating Cisco ACI with Microsoft Using OAuth2: A Step-by-Step Guide
Переглядів 5 тис.2 місяці тому
In this video, we dive into a practical setup of integrating Cisco ACI with Microsoft Azure AD using OAuth2 for secure access management. Instead of focusing on OAuth2 theory, we walk you through each configuration step needed to enable seamless authentication and role-based access control for Cisco ACI. From setting up the necessary parameters to testing our configuration in Postman, you’ll le...
Cisco Secure Network Analytics(Stealthwatch): Migrating from Non-Datastore to Datastore Architecture
Переглядів 3,8 тис.4 місяці тому
In this video, we dive into the key differences between non-datastore and datastore architectures in #cisco #SNA. Cisco Secure Network Analytics( formerly Stealthwatch) We walk through a step-by-step lab to show you how to migrate your setup from a non-datastore to a datastore deployment, enhancing your network's performance and security analytics. Got questions? Leave them in the comments, and...
Resolving Music on Hold (MoH) Update Failure in Cisco CUCM: A Step-by-Step Guide
Переглядів 3,3 тис.5 місяців тому
In this video, we tackle the common issue of Music on Hold (MoH) update failures in Cisco Unified Communications Manager (CUCM). Often, these failures are due to strict security policies on the operating system that prevent file modifications.
How to Configure SNMP and NetFlow on Cisco SD-WAN
Переглядів 14 тис.5 місяців тому
In this video, I will guide you through the steps to configure SNMP and NetFlow on Cisco SD-WAN. Learn how to set up and manage these essential monitoring tools to ensure optimal network performance and visibility. Whether you're a network administrator or an SD-WAN enthusiast, this tutorial will provide you with practical insights and hands-on instructions. Don't forget to like, comment, and s...
Cisco UCM Migration - Fresh Install with Data Import
Переглядів 5 тис.7 місяців тому
In our lab demonstration, we'll focus on the Direct Refresh Install with Data Import method, showcasing its efficiency and practicality for modern deployments. We've used the Data Import method via SFTP to successfully migrate to CUCM 15, ensuring a smooth and effective transition. Don't miss out on this detailed walkthrough, and make sure to like, share, and subscribe for more insightful tutor...
sdwan-draw
Переглядів 1,1 тис.7 місяців тому
hank you to everyone who participated. Stay tuned for more exciting challenges and opportunities to learn and grow together. Don't forget to like, share, and subscribe to stay updated with our latest content. See you in the next video!
Deep Dive into Cisco SD-WAN: Single DMZ Scenario | Answer & Win!
Переглядів 33 тис.7 місяців тому
Welcome to an in-depth exploration of Cisco SD-WAN! In this video, we take you through the deployment of a specific scenario where we utilize a single DMZ, and all fabrics are set within the same site ID. You will also see how to onboard IOS-XE device into the SD-WAN fabric. Firewall configuration and related NATs are also explained.I am using Cisco Secure Firewall solution. Stay tuned till the...
Unlocking Cisco Intersight: Benefits and UCS Manager Integration
Переглядів 3,5 тис.8 місяців тому
Welcome to the first video in our series on mastering Cisco Intersight! In this video, we delve into the incredible benefits of Cisco Intersight, a cloud operations platform that revolutionizes IT management. We'll guide you through the seamless process of integrating UCS Manager into Cisco Intersight, providing you with practical insights and step-by-step instructions. Whether you're looking t...
Deep Dive into Cisco EVE: Detecting QUIC Applications
Переглядів 7 тис.8 місяців тому
How do you stop QUIC applications? How do you stop malware hidden inside encrypted packets? Do you think your IPS is up to the challenge? Dive into the Cisco's Encrypted Visibility Engine (EVE). In this video we reveal how to effectively detect QUIC applications and other encrypted threats. Discover how Cisco EVE enhances your network's security capabilities, watch now and learn how to keep you...
Cisco ACI - Seamless Upgrade
Переглядів 3,9 тис.8 місяців тому
Dive into the world of #Cisco #ACI as we explore how to upgrade your APIC cluster and switches seamlessly-without any #downtime. This guide not only walks you through the step-by-step process but also compares the visual and functional differences between the older Version 4 and the newer Version 6. Perfect for network engineers looking to stay current with Cisco's latest technologies.#CiscoACI...
Ehsan Emad Channel Intro
Переглядів 12 тис.8 місяців тому
Its All About Us! visit www.networkingwithehsan.com
CiscoLive EMEA 2024 - Amsterdam - Back Stage
Переглядів 27311 місяців тому
Hello Friends, Today, I had the privilege of being backstage at Cisco Live EMEA 2024, surrounded by incredible individuals who were putting in their utmost effort to create an unforgettable event! I sincerely hope you enjoy watching the video. A big thank you to Cisco and everyone involved. #cisco #ciscolive #ciscoliveemea
Internet support in sky!!! #aircanada #tech #wifionboard
Переглядів 29211 місяців тому
Internet support in sky!!! #aircanada #tech #wifionboard
Cisco FDM - LDAP Attribute and LDAP mapping
Переглядів 3,1 тис.2 роки тому
Cisco FDM - LDAP Attribute and LDAP mapping
Cisco LISP Configuration Guide - Basic Config
Переглядів 2,9 тис.3 роки тому
Cisco LISP Configuration Guide - Basic Config
Cisco ASAv VPN Split Tunnel and Group URL
Переглядів 2,9 тис.3 роки тому
Cisco ASAv VPN Split Tunnel and Group URL
Cisco Segment Routing - Lab 2 - "SR without LDP "
Переглядів 23 тис.4 роки тому
Cisco Segment Routing - Lab 2 - "SR without LDP "
Cisco Segment Routing - Lab 1 - "SR with MPLS Dataplane"
Переглядів 13 тис.4 роки тому
Cisco Segment Routing - Lab 1 - "SR with MPLS Dataplane"
CISCO BGP Training, Route Reflector- Part 3
Переглядів 8 тис.4 роки тому
CISCO BGP Training, Route Reflector- Part 3
Cisco BGP Route Reflector Training *** Part 2 *** next-hop-self and RR ***
Переглядів 8 тис.4 роки тому
Cisco BGP Route Reflector Training Part 2 next-hop-self and RR
BGP Soft-Reconfiguration - Route Refresh
Переглядів 2,9 тис.4 роки тому
BGP Soft-Reconfiguration - Route Refresh
Cisco BGP Route Server - Concept and Configuration
Переглядів 4,1 тис.4 роки тому
Cisco BGP Route Server - Concept and Configuration
Great overview. Thank you! However, I have some questions. I want to keep same ip and same hostnames. What if you are in an environment where you need to keep phones running? Does this mean you do one host at a time? Will the phones register to the new hosts?
Thanks for considering this 🙏 yes can be use same information as currently cucm host (hostname-IP) 1- before to get export please check Operational cucm not be had expired certificate. 2- before start new host installation must be shutdown old cucm(so it means need downtime) after installation complete, all the phones if not have expired itl move to new host.
@@Shaida.Shahidi sorry not sure I understand your response. I can't be down. Phones are needed all the time so a downtime is not an option in my world. So, with that in mind could one host still be done one at a time as in - export, shutdown, rebuild/import to new host, repeat for other hosts ?
@@caseymckeown4680 "When installing Cisco Unified Communications Manager (CUCM), the installation process includes a built-in network check that verifies the server can successfully connect to the network using the provided network configuration, essentially ensuring that the server can reach necessary destinations, if any issues are detected, the installer will be prompted to review and correct network settings before continuing"... and not installation complete untill you have duplicated ip address. so if you don't want to have downtime must be set new ip address and hostname , after installation migration complete changing ip address. ------- or you can prepare isolated network for new installation that not accesible
😊
This is an amazing SDWAN lab from Ehsan and Navid.
Greate solution and remediation, i also liked the animations included which helped me to better understand and visualize the concept👌🏻 thanks for sharing.
Being able to choose trusted cloud providers is a game-changer
How easy is it to set up this app for a beginner
super easy!
Being able to choose trusted cloud providers is a game-changer
This is such a well-thought-out solution. Bravo
This is such a well-thought-out solution. Bravo
This is such a well-thought-out solution. Bravo
How is the weekly check feature configured? Is it customizable
yes its customization.
Could this module help with phishing attacks too
yes indeed
Do you offer any support after downloading the app
yes we can talk about it
This is such a well-thought-out solution. Bravo
Could you explain how the dynamic objects work in more detail
Dynamic objects in Cisco Firepower Management Center (FMC) are a powerful feature designed to provide flexibility in managing IP addresses and other entities without requiring frequent policy deployments
Being able to choose trusted cloud providers is a game-changer
This remediation tool which is written by our team is taking the traffic destined to unknown URLs which is not detected by the Cisco Secure Firewall itself for more analysis on our third party application, the Application can analyze the IP address status with different databases like VirusTotal and it calls the FMC for dynamic blacklisting if it is not safe, indeed wonderful idea 💯 This is just a demo task which could be done with custom remediation tools, more complex scenarios are coming soon! If you have any idea or organizational need please let us know
You've provided good explanation of the topic🔥 Would be great if you continue this topic and show the configuration of BGP, VRFs
thank you for the video, CLEAR and SMOOTH :)
Very good explanation and demo. I wish Cisco documentation could that be as straightforward like this :)
Glad you liked it!
Amazing video! This guide provides essential steps and valuable insights that are hard to find elsewhere. Great job Ehsan!
Glad you think so!
Fantastic video! very rare to find knowledge!
Please forgive me if I'm slow, but the description says "we reveal how to effectively detect QUIC applications" yet in the demo all it showed was that it can detect that an app is using UDP/443, but it can't detect what app it is. What am I missing here?
In the first scenario, where we aimed to block the Tor application, you can see that before enabling EVE, the client application was identified as QUIC Client so firewall could not block Tor application. After enabling EVE, the client application was identifies as Tor and firewall effectively blocked Tor, The process name also shows as Tor in the EVE logs. In the second scenario, we attempted to block ChatGPT. Before enabling EVE, ChatGPT was only partially blocked because, as you can see in the video (the firewall logs in FMC), Firewall could only identify the TCP 443 part of the connection. The other part, which was using UDP 443, wasn’t identified by the firewall, so it couldn't determine the application. Since ChatGPT uses both TCP 443 and UDP 443 for its website, this caused the partial block. After enabling EVE, the firewall was able to recognize the UDP 443 traffic as ChatGPT, resulting in the entire ChatGPT connection being blocked.
excellent demonstration of the Data Import feature for mirating CUCM to version 15. if I've a cluster of 4 nodes should I export the remaining node in the same /export folder ?
Existing phones registered with previous version of CUCM, will they register with newer version of CUCM. Will this also import ITL/CTL, CDR to new CUCM? Please clarify..
yes,if old cucm not have expired certificate after new cucm host installtion complete ipphone move to new host.
Hi how can we get BGP-LU and MPLS-L3VPN stats pls
To gather statistics for BGP-Labeled Unicast (BGP-LU) and MPLS Layer 3 VPNs (MPLS-L3VPN) on a Cisco router, you can use several commands depending on the specific information you're looking for. Here are some key commands and what they do: To view BGP-LU prefixes: -->show bgp ipv4 labeled-unicast To view BGP neighbor statistics for BGP-LU:show ip bgp neighbors <neighbor-ip> labeled-unicast To view MPLS forwarding statistics:-->show mpls forwarding-table To view detailed BGP neighbor statistics for BGP-LU:-->show ip bgp neighbors <neighbor-ip> This command will display detailed statistics for a specific BGP neighbor, including message counts (e.g., updates, keepalives) and any issues with the BGP session. For BGP-LU, you would need to focus on the labeled-unicast section.
The ongoing background music is kind of loud and annoying sometimes …
noted!
Great Video, thanks 👌👌
Great video! I was looking for this! Now that is clear to me how to transition to the Data Store
This video is a valuable resource for anyone looking to enhance their network's performance and security analytics using Cisco Secure Network Analytics
The tutorial is clear and well-paced, making it easy to follow along with the migration steps
It's great to see the focus on improving network performance and security in Cisco Secure Network Analytics through this migration process
Thank you for this insightful tutorial on how to migrate SNA datastore, it's definitely going to help me optimize my network infrastructure
I appreciate the detailed explanation provided in this video about how to utilize datastore in Cisco Secure Network Analytics for improved functionality
The comparison between non-datastore and datastore architectures really helps in understanding the benefits of the migration for better network management
The hands-on approach in this tutorial is beneficial for gaining a practical understanding of the migration process
I'm looking forward to implementing these tips for migrating to a datastore deployment in my Cisco Secure Network Analytics setup
This video is very informative about the migration process from a non-datastore to a datastore architecture in Cisco Secure Network Analytics
awesome explanation, thank you so much sir.
Ehsan and Navid are the best, this is amazing and one-in-a-kind SDWAN design. I am learning a lot with this video.
👌👌👌👌🙏🙏🙏🙏
Common issues in cucm 12.5 for uploading new MoH files there was a bug with permissions on the MoH folder
Thanks for sharing 👌
Thanks for shedding light on this common issue!
MoH updates always seem to be tricky in CUCM
The troubleshooting tips are very helpful
Security policies causing this problem make sense now
I'll check my security policies after watching this
Understanding the root cause is key in fixing MoH problems
I appreciate the detailed breakdown of the issue