Cisco Tac Security Podcast Series

Justin, John and Tim from the Cisco Voice TAC teams join Magnus to discuss the basic concepts behind voice security. They then cover best practices, and common problems that administrators encounter when deploying secure voice technologies.

Jay and David and Joe discuss OnePK technology and how to get started writing custom OnePK apps.

Jay and David discuss the new NAT configuration style introduced with ASA version 8.3. The overall approach to configuring NAT are discussed, along with troubleshooting techniques, and best practices.

Joe and the podcast team discuss managing the network at Cisco Live! this year, and what specific steps, tools and best practices were employed to make the network successful.

Jesse Dubois, TAC engineer, and Aaron Woland, Identity Services Engine (ISE) Technical Marketing Engineer, discuss version 1.2 of the ISE solution. Discussion focuses on new features, the upgrade process, and tips and tricks to get the most out of your ISE deployment.

The panel set up a recording table in the hallways of Cisco Live! 2013 in Orlando Florida, to talk to our customers and partners about security technologies and the Cisco Live event.

This episode focuses on some of Cisco's Virtual Security Appliances, the ASA1000v, the Virtual Security Gateway (VSG) and the Virtual Network Management Center (VNMC). Rama Darbha and Michael Robertson discuss how administrators can use these products in their virtual environments, as well as the packet forwarding path and troubleshooting techniques for these products.

The panel discusses best practices for configuring devices to generate syslogs, and how the TAC investigates syslogs provided by customers. Tips and tricks for parsing through large syslog files, as well as techniques and tools for finding useful information are discussed.

This episode provides a peek behind the scenes at Quality Assurance for the Cisco ASA Software, featuring special guest Paul Larue (Technical Leader with Cisco Engineering). The panel discusses the different types of tests that occur at all stages of the ASA software development lifecycle and the continued focus on quality.

Magnus interviews a panel of VPN experts on a new shift in VPN technologies, Flex VPN. The panel includes VPN escalation engineers Wen and Jay Young as well as a special guest, Frederic Detienne. Fred hails from our Brussels location and is a Distinguished Support Engineer specializing in VPN and crypto technologies. The crew talks about Flex VPN and the new IKEv2 technology.

The podcast team returns to Cisco Live! in San Diego to give presentations, deliver lab trainings, and tape an episode of the Cisco TAC Security Podcast! The team talks to several customers about topics such as ASA VPN Client to Anyconnect migration, IPv6 use at Cisco Live, and much more.

Jay and David discuss the history of the PIX platform. Topics include the different PIX hardware types, how the software changed over time, the motivation for some of the features that were added, and also how the history of the Firewall Services Module, PIX and ASA are intertwined.

Special guest Joe Clarke discusses the capabilities of IOS Embedded Event Manager. The panel discusses some very interesting use cases for EEM, and how it can be used to add new features to IOS as well as aid in troubleshooting complex network problems. A special listener challenge is given at the end of the show!

Special guests Wen Zhang (Cisco TAC) and returning guest Jay Young Taylor (Cisco TAC) discuss the methodologies and approaches to troubleshooting IPSec VPN problems. The team discusses the best way to use show commands, debug output, and troubleshooting tools to get your VPN tunnels up and passing traffic!

Special guests Wen Zhang (Cisco TAC) and returning guest Jay Young Taylor (Cisco TAC) discuss the differences between the DMVPN and GETVPN technologies. Deployment scenarios, as well as case studies and common customer TAC cases are discussed.

Special guests Jesse Dubois (Cisco TAC) and Aaron Woland (Cisco TrustSec Engineer) talk with the team about the new Cisco Identity Services Engine. The discussion provides an overview of the ISE solution, deployment best practices and common problems, and hot issues and troubleshooting techniques, as well as monitoring.

This episode features discussion about the new Cisco ASA Services Module (ASASM). Topics discussed include the hardware architecture differences between the ASASM and the Firewall Services Module (FWSM), new features introduced with the ASASM, and FWSM to ASASM migration tools and strategies.

Jeff Bollinger (Cisco Information Security Investigator), and Zack Shaikh (Cisco TAC engineer specializing in the Ironport Web Security Appliance) join the panel for a discussion about the WSA product. Then Jeff shares how Cisco is dploying WSAs to protect its own network from threats on the web, and some lessons he's learned along the way.

The podcast team brought their recording equipment along to Cisco Live! in Las Vegas to talk to Cisco customers about their impressions of Cisco Live and some of the classes they are taking, and also how they use Cisco security products.

This episode features discussion about interesting customer TAC cases that were tackled this week by the Firewall team in Research Triangle Park, North Carolina. Rama Darbha walks us through a problem with CPU HOGS and SNMP monitoring on an ASA. Justin Betz discusses a DHCP-Relay problem caused by a NAT translation issue on a FWSM. Mike Robertson discusses a FWSM issue where a UDP network attack was taking place, and David White Jr. discusses how he determined what extra padding data was being added to ICMP packets that were so small they violated a RFC.