One of the exciting new components of the version 4 CCIE Sec lab is the Identity Services Engine (ISE). It is interesting how many students and even some instructors I speak to that have never even heard of it. In this first post of many that I will feature on this new product for the lab, we will gain a high level understanding of what this product does for us.

First of all, there are lots of variations on how you can implement this service in your network. Let us be clear on our hardware and software focus for the lab. It is the Cisco ISE 3300 Series Identity Services Engine running 1.1x software.
Read Full Entry »

It is here – 9.X code for Cisco’s premier security product – the Adaptive Security Appliance (ASA). While these features are not currently relevant for any of Cisco’s professional certifications, it is certainly relevant for those wanting to implement these new features that engineers may ave been waiting for! Here is a quick list for you of the new features, and a link where you can obtain more information!

• Cisco TrustSec integration - builds upon an existing identity-aware infrastructure to ensure data confidentiality between network devices and integrate security access services on one platform
• Cisco Cloud Web Security (ScanSafe) - provides content scanning and other malware protection service for web traffic; it can also redirect and report about web traffic based on user identity
• Extended ACL and object enhancement to filter ICMP traffic by ICMP code
  Read Full Entry »

Exciting promotions that are scheduled to expire October 31st, 2012. We are offering $999 CCIE Live Instructor Led courses (select dates only), 40% off CCNA Video on Demand Courses, and discounts on all of our NEW flexible online CCIE Security, CCIE Data Center, and CCIE Wireless Bootcamp courses.

October 2012 Promotions – Expire 10/31/2012

*$999 CCIE Bootcamp – R&S & Voice 1 time chance! Register Now!	Troubleshooting Class Recording Save $500! Don’t Miss	2013 CCIE Bootcamp Schedule Reserve your seat
Operation & Troubleshooting Box Set Get ALL 4 Guides for ONLY $399	CCIE R&S Written & Lab Fund Bundle Only $699 with Bootcamp Seat!	CCIE Troubleshooting Bundle Only $999 with Bootcamp Seat
CCIE Data Center Lab Workbook Save $100. Now Available – Chap 1- 5	CCNA VOD – 40% Off Use Coupon Code NA40PRO	Online CCIE Security Bootcamp Use Code SECOLBC – Save $250
Online CCIE Data Center Bootcamp Use Code CCIEOLBC – Save $599	Online CCIE Wireless Bootcamp Use Code CCIEOLBC – Save $599!	This Month’s Promotions View All Promotions

I am still deep into my weakest area – VPNs. I want to send a huge thank you to my friend and quadruple CCIE – Rohit of ACIT.in. He provided a workbook dedicated to just one thing – VPNs!

What are the labs I am working through now? How about every variation we can conceivably run into in the lab exam! For those of you that might be able to benefit – this list is as follows:

• LAN-to-LAN VPN between IOS and ASA without NAT
• Above with NAT-control Enabled
• LAN-to-LAN Between IOS to IOS
• IOS to IOS Using GRE
• SVTI
• DMVPN
• IOS ezVPN Server
• IOS ezVPN Client
• IOS ezVPN Remote Network Extension Mode
• IOS ezVPN Remote Network Plus
• IOS ezVPN Server Using DVTI
• IOS ezVPN Remote Using DTVI Client Mode
• IOS ezVPN Remote Using DTVI – NEM
• IOS ezVPN Remote Using DTVI – Network Plus
• ASA ezVPN Server
• ASA Clientless SSL VPN
• ASA SSL VPN
• IOS WebVPN
• GET VPN

Anthony Sequeira
Twitter: @compsolv
Facebook: http://www.facebook.com/compsolv

Well hello everyone! Several of the blog followers have requested that I detail each day of this final push to CCIE Security 3.0. They realize (correctly) that these final days can be make or break in the pursuit of CCIE and they wanted a glimpse of exactly what I am doing and what my psychology  is. What an awesome idea and I am happy to oblige.

First  - an announcement. My CCIE Security 3.0 Flash Cards are now available on the ANKI Flash Card 2.0 web site. You can go there to get the latest deck each day. Please note – I am indeed adding more Flash Cards everyday! So if you want the latest and greatest – be sure to visit there and download the new deck each day. Here is the link to the ANKI 2.0 Web site where you can retrieve the latest deck using a search on CCIE:

https://ankiweb.net

You should also note that this deck is appropriate for those studying for the CCIE Security 4.0 blueprint  - it will just lack the new devices like the ISE. The deck is also wonderful for those in pursuit of CCNP Security.

So what am I up to in these last days of prep. Well first, I need to tell you about a crossroads I hit a while back. Sure enough, I hit a point where I really had to decide if I would continue this pursuit. I was suddenly questing why in the world I was even doing it! Fortunately, that was right when a friend and coach introduced me to the Tony Robbins RPM Life Management System. This was pretty funny that I got turned on to an Anthony Robbins product since I have always been referred to as the Tony Robbins of Certification Training. A huge compliment indeed now that I have used one of his products and know what he is about.

You see, this system had me focus on what I REALLY want. That is the R in RPM. I decided, yes, I REALLY want the Security CCIE. But then the system makes you focus on the PURPOSE. Why do you really want it?!?! That was the piece that was missing for me. I thought about it and came up with the following list, in no particular order:

• To improve my live online training classes through a deeper understanding of security technologies
• To gain much needed hands on experience with the various security technologies
• To gain additional credibility in the Certification training space
• To be able to assist a much larger pool of students in their Certification goals
• To have a much cooler auto-signature in emails
• To feed my passion for network security in general
• To make my family even more confused about exactly what I do for a living

This step was so critical. And this step might be missing for many of our readers. Once I had this – I had an amazingly renewed energy for the M in RPM and that is my Massive Action Plan. I already had this plan laid out well and I have talked about it in previous posts – but if you are not completely clear on why you are doing the work, it is really tough to get the work done!

So what am I doing today (and for the next 20) – I am tackling only my weakest subject areas! You see, I do not need to worry about full labs as I have completed some and I know I can attack a full lab successfully from a strategic standpoint since I have done this so many time with the R&S track. All I need to do now is really deep, deep dive into the technologies that I am the weakest with. Today – I am tearing apart the GET VPN, and sure enough – NOT THAT HARD!!!! Woohoo! And it is fun!

You see, a hazard with leaving your weak areas till the last days as I have done is that you might let this undermine your confidence. You start allowing that fear of failure in the exam creep into your computer between your ears. No way Jose! Not for me. After all, if I experience a NOT PASS, I have the joy of what I have learned from the experience, and I have the privilege of learning some cool new devices for CCIE Security Version 4.

Thanks for reading, now I have to get back to some routers running the GET VPN, with a couple of ASA devices in between them!

Anthony Sequeira
Twitter: @compsolv
Facebook: http://www.facebook.com/compsolv