Monday, February 27, 2017

White Rhino Security's Website

I put this together for my new company. It's a work in progress, but I've now got a web presence for my company.

Home Projects: Dining Room Table

My wife and I decided to make a slim dining room table. That's it below, minus the stain. Not too bad for a first run.

Thursday, February 23, 2017

April 1999

You have to hand it to Cisco. They have some good uptimes. This 5500 is still in production today. Although coming out soon...
Here is the manufacturing date on this production access closet...

Tuesday, February 21, 2017

Quote For The Day: 46

There are no problems, only opportunities for growth.  ~~Rebbetzin Dena Weinberg

Monday, February 20, 2017

Cisco ISE: "mounted filesystem without journal" Error Message

Well, let me make this post short and sweet. If you get this message, you are looking at a re-image of the box.

Friday, February 17, 2017

Brocade ICX 7450 Stack

Here is the hardware stacking config on the 7450s. This is the 2x40 (80gig) stacking ports on the back of the units.

Thursday, February 16, 2017

Wednesday, February 15, 2017

Elvis And Johnny Cash

Had a great evening tonight with my wife going to see Scot Bruce and Neil Morrow in concert. Bruce as Elvis Presley and Morrow as Johnny Cash. It's was just a good time.

Saturday, February 11, 2017

Pic Of The Week: Road Trip Weekend

A New Favorite...

A new favorite for me. I don't watch a lot of TV, but once I saw this first episode, I watched them all in two nights. The Kindness Diaries". Check it out.

Friday, February 10, 2017

The Sales People...

I'm sure they are probably mad. After all, it didn't go the way they expected...
Have you ever been on a sales call, and you, being technical, just wanted some real answers?  This call started off with this presales engineer telling us all about his credentials. He named all sorts of things, including finishing up his CISSP and two classes away from having a "masters in security".  His background sounded really impressive.  At least until I started questioning their product.  Something that he claimed had been out for 15 years.
If you recall, I mentioned before that if you put something on your resume, I'm probably going to ask you some technical questions about it. That seems fair to me. Same goes for if you are trying to sell me something. If you come trying to sell, don't be surprised if I nail you with technical questions about your product.
So in this call, I simply started asking some questions that I wanted to understand. DDoS was the topic. I won't go into all the details, but several times I heard nothing but crickets, as I waited for an answer. Honestly, the product was weak. And after asking the hard questions, it became very obvious. It just stunned me that after asking some technical questions about their product to a guy who bragged about almost having his "masters in security", that he couldn't tell me how his product could determine "good traffic from the bad traffic". I mean, IPS was the simple answer. Along with "we filter the bad and send you the good".  I understand IPS, and if you are selling me an IPS product, you should too. And when you come at me with reasons why "I wouldn't want them to make the decision to scrub the traffic themselves", when that is actually what the product is supposed to do and what they are selling, don't be surprised if I pass on the "opportunity". I mean, you are the ISP. You see the traffic before I do, the customer. You are telling me you can't make the decision to scrub the bad traffic, a DDoS attack, before I tell you to do so? And then you can't tell me how that works? And I'm paying you for this? I'm going to go with a "no thanks" for sure.
If you try to sell me something that is big dollars monthly, you need to understand how your product works and it needs to make sense before I'm going to buy it. Real simple folks.

Wednesday, February 8, 2017

Cisco Nexus: How To Span A Port On A Nexus 9K

I came across a need where I had to create a monitor session across a vPC across two Nexus 9Ks.  Otherwise known as spanning a port.  Port-mirroring.  etc.  Pick a name, its all the same.  Either way, I needed all traffic going across two vPCs to go to a firewall where I was waiting eagerly to capture the traffic and see what was going on.  Check Point and Palo Alto firewalls are excellent for this sort of thing.
Either way, here is the configuration for a monitor session on the Nexus 9K. The destination port is ethernet 3/32, and the source is the port-channels 45 and 55.
Nexus9K# config t
Enter configuration commands, one per line. End with CNTL/Z.
Nexus9K(config)# monitor session 1
Nexus9K(config-monitor)# exit
Nexus9K(config)# int eth 3/32
Nexus9K(config-if)# switchport monitor
Nexus9K(config-if)# exit
Nexus9K(config)# monitor session 1
Nexus9K(config-monitor)# destination int eth 3/32
Nexus9K(config-monitor)# source interface port-channel 45 both
Nexus9K(config-monitor)# source interface port-channel 55 both
Nexus9K(config-monitor)# exit
Nexus9K(config)# no monitor session 1 shut

Nexus9K(config)# sh monitor session 1
   session 1
type              : local
state             : up
acl-name          : acl-name not specified
source intf       :
    rx            : Po45          Po55
    tx            : Po45          Po55
    both          : Po45          Po55
source VLANs      :
    rx            :
    tx            :
    both          :
filter VLANs      : filter not specified
source fwd drops  :
destination ports : Eth3/32
PFC On Interfaces :

Monday, February 6, 2017

Just Putting It On Your Resume

It's very interesting what people say that they can do on their resumes. I have been interviewing candidates for a couple of senior network engineer positions, and it's been interesting. My thought is this: if you put it on your resume, I'm going to ask you about it. And I don't mean "Have you ever worked with this product?"
My thought is, if you put down firewalls as something you are experienced with, I'm going to ask you how ACLs work. I'm going to ask you how NAT works. I'm going to ask you how VPNs work. You get my point.
If you put it on your resume, it's fair game to ask about it. Make sure you want to put it on, because I'm going to ask.

Friday, February 3, 2017

This Caught My Ear Tonight....

Just caught my ear tonight.  I hope you like it, and know the truth of the words in this song.  Elvis - You Will Never Walk Alone

Thursday, February 2, 2017

Plan B...

God always has the best plan for our lives, to live for His honor and His glory. I'm convinced of that. And I'm not sad about the road I've traveled. But if there could have been a "plan B", this would have been it for me.  Plan B...