Martin Casado explains in an Interop Las Vegas keynote that while infrastructure is going through a transitional phase, this changing of the guard offers exciting growth and a low barrier of entry for new companies and technologies.
I wanted to jot down some quick notes relating to running a virtual Firepower sensor on ESXi and how to validate that all the settings are correct for getting traffic from the physical network down into the sensor.
Firepower is the name of Cisco’s (formerly Sourcefire’s) so-called Next-Gen IPS. The IPS comes in many form-factors, including beefy physical appliances, integrated into the ASA firewall, and as a discrete virtual machine.
Since the virtual machine (likely) does not sit in-line of the traffic that needs to be monitored, traffic needs to be fed into the VM via some method such as a SPAN port or a tap of some sort.
This is probably not a very real-world example since most environments will be running some form of distributed vSwitch (dvSwitch) and not the regular vSwitch, but all I’ve got in my lab is the vSwitch, so work with me. The same considerations apply when running a dvSwitch.
Ensure that the port-group where you’re attaching the NGIPSv allows promiscuous mode. The NGIPSv acts as sniffer and will attempt to put its NICs into promisc mode.
Set this either at Continue reading
In this video, Tony Fortunato shows how TFTP can be problematic when transferring files between network devices.
The DevOps tool isn't easy to learn, but the payoff is increased efficiency in your server room. Shawn Powers explains.