Configuring GRE Tunnel Through a Cisco ASA FirewallHarris Andrea
As you might know, Cisco ASA can not terminate GRE tunnels. However, you can pass GRE traffic through a Cisco ASA 5500 firewall as described in this tutorial.
A
PROJECT REPORT
On
CISCO CERTIFIED NETWORK ASSOCIATE
A computer network, or simply a network, is a collection of computer and other hardware components interconnected by communication channels that allow sharing of resources and information. Where at least one process in one device is able to send/receive data to/from at least one process residing in a remote device, then the two devices are said to be in a network. Simply, more than one computer interconnected through a communication medium for information interchange is called a computer network.
Webinar topic: VLAN vs VXLAN
Presenter: Achmad Mardiansyah
In this webinar series, We are discussing VLAN vs VXLAN
Please share your feedback or webinar ideas here: http://bit.ly/glcfeedback
Check our schedule for future events: https://www.glcnetworks.com/schedule/
Follow our social media for updates: Facebook, Instagram, YouTube Channel, and telegram
The recording is available on Youtube
https://youtu.be/HDo7XVLRd9E
Mise en place d'un reseau securise par Cisco ASAOusmane BADJI
De nos jours, avec le développement exponentiel des
réseaux et télécommunications, chaque ordinateur
connecté à internet (ou à un réseau) est susceptible d’être
victime d’une intrusion (risque d’altérer l’intégrité du
système et des données).
Les pirates informatiques ayant l’intention de s’introduire
dans les systèmes recherchent des failles dans les
protocoles, les systèmes d’exploitations et les
applications. Ils examinent donc le réseau avec soins dans
le cadre de la recherche d’une machine connectée puis ils
cherchent une faille de sécurité afin de l’exploiter et
d’accéder aux données.
RAPID - Building a highly usable API Design language with XTextTed Epstein
The challenge: Create a highly readable, user-friendly design language for REST APIs, suitable for use by cross-functional enterprise teams.
The toolkit: XText language framework for Eclipse IDE.
The result: RAPID -- the Resource API Design language, used in RepreZen API Studio.
In this presentation, RepreZen's Tanya Fesenko and Ted Epstein show why they decided to create a new API language in this already crowded space, and how they differentiated by raising the bar on usability. This presentation demonstrates to XText language developers some of the techniques required to build this kind of language.
Configuring GRE Tunnel Through a Cisco ASA FirewallHarris Andrea
As you might know, Cisco ASA can not terminate GRE tunnels. However, you can pass GRE traffic through a Cisco ASA 5500 firewall as described in this tutorial.
A
PROJECT REPORT
On
CISCO CERTIFIED NETWORK ASSOCIATE
A computer network, or simply a network, is a collection of computer and other hardware components interconnected by communication channels that allow sharing of resources and information. Where at least one process in one device is able to send/receive data to/from at least one process residing in a remote device, then the two devices are said to be in a network. Simply, more than one computer interconnected through a communication medium for information interchange is called a computer network.
Webinar topic: VLAN vs VXLAN
Presenter: Achmad Mardiansyah
In this webinar series, We are discussing VLAN vs VXLAN
Please share your feedback or webinar ideas here: http://bit.ly/glcfeedback
Check our schedule for future events: https://www.glcnetworks.com/schedule/
Follow our social media for updates: Facebook, Instagram, YouTube Channel, and telegram
The recording is available on Youtube
https://youtu.be/HDo7XVLRd9E
Mise en place d'un reseau securise par Cisco ASAOusmane BADJI
De nos jours, avec le développement exponentiel des
réseaux et télécommunications, chaque ordinateur
connecté à internet (ou à un réseau) est susceptible d’être
victime d’une intrusion (risque d’altérer l’intégrité du
système et des données).
Les pirates informatiques ayant l’intention de s’introduire
dans les systèmes recherchent des failles dans les
protocoles, les systèmes d’exploitations et les
applications. Ils examinent donc le réseau avec soins dans
le cadre de la recherche d’une machine connectée puis ils
cherchent une faille de sécurité afin de l’exploiter et
d’accéder aux données.
RAPID - Building a highly usable API Design language with XTextTed Epstein
The challenge: Create a highly readable, user-friendly design language for REST APIs, suitable for use by cross-functional enterprise teams.
The toolkit: XText language framework for Eclipse IDE.
The result: RAPID -- the Resource API Design language, used in RepreZen API Studio.
In this presentation, RepreZen's Tanya Fesenko and Ted Epstein show why they decided to create a new API language in this already crowded space, and how they differentiated by raising the bar on usability. This presentation demonstrates to XText language developers some of the techniques required to build this kind of language.
I will outline the process and steps to create your own layered network architecture and build your own range that can be used for practicing your defensive techniques, offensive skills or even to build your own Capture The Flag (CTF) environment. The process you will learn has been used to create CTFs for DEFCON, Hacker Halted and Showmecon; furthermore, the presentation is an introduction to the process in the instructors book Building Virtual Pentesting Labs for Advanced Penetration Testing
Building with Watson - Interpreting Language Using the Natural Language Class...IBM Watson
What is the Natural Language Classifier API? How can it enhance you current app development efforts? Rahul Garg, a Strategy and Offering Manager focused on NLC, walks through this unique API. Also receive specific examples on how to train and call the classifier.
Watch the live replays and learn how to build cognitive apps using other Watson APIs during our Building With Watson web series: https://www.ibm.com/smarterplanet/us/en/ibmwatson/building-with-watson-webinar.html
Gohan : YAML-based REST API Service Definition Language
API Definition Generation (including Swagger)
DB Table Generation & OR Mapping
Support Custom Logic using Gohan Script (Javascript, and Go)
Extensible Role-Based Access Control
etcd integration
Slides de suporte da aula de Redes de Computadores - Continuar pesquisas nas bibliografias:
TANENBAUM, Andrew S. Redes de Computadores. Editora Campus, 4 Edição. 2003.
COMER, Douglas E. Interligação de Redes com TCP/IP, volume 1. Editora Campus, 5 Edição. 2006.
TORRES, Gabriel. Redes de Computadores Curso Completo. 1 ed. Editora Axcel Books. 2001.
Cohesive Networks Support Docs: VNS3 Setup for Cisco ASACohesive Networks
VNS3 Setup Guides for Popular Security Appliances (IPsec Configuration Instructions)
Learn how to set up VNS3 with Cisco ASA ASDM 9.2 5.2.2 IPsec devices to get the most out of your VNS3 virtual network device.
LAN to LAN VPN also known as Site to Site VPN is the most basic and the most simplest of all the VPN’s used on CISCO devices. It helps in connecting networks in different geographical location.
Make an IPSEC VPN which will be a redundant one with two VyOS firewalls per site.
I made this document so that people who check for vpns/ipsec has a place to implement a free router/firewall appliance virtually on any hardware and have the necessity going on.
VyOS is a fork from Vyatta which happily runs on a Intel Atom based hardware with at least 256 MB RAM and a HDD with 500 GB storage.
It supports dot1q VLANs, IPSec Site-to-Site/Remote Access VPNs over GRE for B2B connectivity. It supports RIP/OSPF/BGP dynamic protocols. It has support for both interface based and zone based firewalls.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
Site-to-Site IPSEC VPN Between Cisco ASA and Pfsense
1. Site-to-Site IPSEC VPN Between Cisco ASA
and pfSense
IPSEC is a standardized protocol (IETF standard) which means that it is supported by many
different vendors. Therefore if you want to create a VPN between different vendor devices, then
IPSEC VPN is the way to go.
In this article we will see a site-to-site VPN using the IPSEC protocol between a Cisco ASA and
a pfSense firewall. PfSense is an open source distribution of FreeBSD customized for use as a
firewall and router. You can install pfSense on a PC with two (or more) NICs, essentially turning
it into a flexible security appliance. You can obtain your copy of pfSense from the Downloads
section of www.pfsense.org. At the time of this writing, the latest available release is 2.0.2 and
the same has been used in this tutorial.
In this article, we will focus on site-to-site IPsec implementation between a Cisco ASA and a
pfSense firewall, as shown in Figure 1 below.
Figure 1 Cisco ASA to pfSense IPsec Implementation
We will start with a preconfiguration checklist that will serve as a reference for configuration of
IPSEC on both devices. ISAKMP/Phase 1 attributes are used to authenticate and create a secure
tunnel over which IPsec/Phase 2 parameters are negotiated.
2. Table 1 Preconfiguration Checklist: ISAKMP/Phase-1 Attributes
Attribute Value
Encryption AES 128-bit
Hashing SHA-1
Authentication method Preshared keys
DH group Group 2 1024-bit field
Lifetime 86,400 seconds
We will use main mode rather than aggressive mode for negotiation. IPsec Phase 2 attributes are
used to encrypt and decrypt the actual data traffic.
Table 2 Preconfiguration Checklist: IPsec/Phase-2 Attributes
Attribute Value
Encryption AES 128-bit
Hashing SHA-1
Lifetime 28,800 seconds4,608,000 kB
Mode Tunnel
PFS group None
Now that we have determined what Phase 1 and Phase 2 attributes to use, we’re ready to
configure IPsec. We assume that all IP addresses are already configured and basic connectivity
exists between Cisco ASA and pfSense firewall.
3. ASA Configuration
Let’s start with configuring the ASA (Using ASA 8.4(2) in this example):
! IPsec ISAKMP Phase 1
crypto ikev1 policy 1
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
exit
!
crypto ikev1 enable outside
tunnel-group 173.199.183.2 type ipsec-l2l
tunnel-group 173.199.183.2 ipsec-attributes
ikev1 pre-shared-key Cisc0
! IPsec Phase 2
crypto ipsec ikev1 transform-set pfSense-AES128SHA esp-aes esp-sha-hmac
!
access-list outside_cryptomap_10 remark ACL to encrypt traffic from ASA to pfSense
access-list outside_cryptomap_10 extended permit ip 192.168.1.0 255.255.255.0 10.0.0.0
255.255.255.0
!
crypto map outside_map 10 match address outside_cryptomap_10
crypto map outside_map 10 set peer 173.199.183.2
crypto map outside_map 10 set ikev1 transform-set pfSense-AES128SHA
crypto map outside_map interface outside
4. PfSense Configuration
We open the URL http://173.199.183.2 in a Web browser to access the pfSense firewall and
enter the default username/password of admin/pfsense. You may have noticed that
173.199.183.2 is the WAN IP address of the pfSense firewall that indicates we are accessing it
from the Internet.
After successfully logging in you reach the Status page which reports the summary state of your
pfSense firewall. Go to VPN > IPsec using the menu and click add phase1 entry on the
Tunnels tab. Configure ISAKMP/Phase 1 parameters as given in Table 1 and shown in the
following screenshot.
5.
6. Click the Save button to save the configuration and go back to the Tunnels tab. Click add phase
2 entry to configure IPsec/Phase 2 parameters as given in Table 2 and shown in the following
screenshot.
Click the Save button to save changes and go back to the Tunnels tab where you can view a
summary of your Phase 1 and Phase 2 configuration. Check the Enable IPsec checkbox and
press the Save button. In the end, press the Apply changes button to finalize your configuration,
as shown in the following screenshot.
7. Our IPsec configuration is now complete on both devices. We can generate some traffic from a
host in subnet 192.168.1.0/24 connected to Cisco ASA to a host in subnet 10.0.0.2/24 connected
to pfSense, using the ping utility. If ping is successful between the two subnets, an IPsec tunnel
is likely to have established successfully. The same can be verified using command show crypto
ipsec stats on Cisco ASA.
In order to check IPsec tunnel status on the pfSense firewall, go to Status > IPsec. If you see a
tiny green icon in the Status column, IPsec tunnel is successfully established as shown in the
following screenshot.
8. About the Author
Harris Andrea is a Cisco Certified Professional with more than 18 years of experience
working with Cisco network technologies. He is the author of two Cisco Books
(“Cisco ASA Firewall Fundamentals” and “Cisco VPN Configuration Guide”) which
have been embraced by thousands of Cisco professionals all over the world. You can
find more Cisco configuration guides and tutorials on his blog here:
http://www.networkstraining.com