September 7, 2020

MAC Address Randomization

Any individual device on a modern network has a MAC address which is used to identify the indivual device on the local network. Historically the MAC address is a unique static identifier. The MAC address is assigned by the manufacturer of the NIC, which means the MAC address doesn’t change from the time it leaves the factory till the time it is reaches the trashbin. Since the MAC address is (in many cases still) static, the MAC address can be traced based on its movement from hotel, to airport, to shopping mall etc.

February 4, 2020

Firepower Logging per rule

This blogpost will give you a brief guide to implement per rule logging in Firepower Management Center. Open the rule you want to forward syslog from. Choose Logging -> Check the ‘Syslog Server’ -> Click Save Choose ‘Logging’ under the Access Control Policy and click the green plus to create a new syslog server (or use the dropdown to choose an existing syslog server). Choose Severity to specific what levels of log you would like.

September 4, 2019

Upgrading ISE?

Are you planning to upgrade Cisco ISE (Identity service Engine)? Then you should know about the upgrade readiness tool. Cisco created an Upgrade Readiness Tool (URT) which simulates an upgrade of ISE to verify your ISE deployment prior to actually performing the upgrade. The Upgrade Readiness Tool will check for possible obstacles during the upgrade, which could save you valuable time in your service window. The tool will also give you an estimate on how long the upgrade will take, which allow you to plan a suffient amount of time for your service window.

August 7, 2019

About

My name is Jesper Erbs. I am a dedicated network professional with a focus on improving IT through stable secure designs and IT automation. My focus is not (currently) on specific vulnerabilities, threathunting or the like, but rather implementing secure IT designs and automating IT to provide optimal value to the business the design will take part of. This blog is primarily to describe network and IT designs I have taken part of and oddities I have encountered.

1