Understanding HTTPS to Decrypt it
|
|
- Moses Lang
- 5 years ago
- Views:
Transcription
1
2 Understanding HTTPS to Decrypt it James Everett
3 Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click Join the Discussion 3. Install Spark or go directly to the space 4. Enter messages/questions in the space cs.co/ciscolivebot# 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
4 Agenda Overview of HTTPS Understanding SSL handshake Working with SSL packet captures Building SSL Policy SSL Policy best practices Troubleshooting SSL in Firepower
5 Your Presenter James Everett Tech Lead for Firepower TAC 4+ Years of experience 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
6 This presentation will not cover Firepower Device Manager Firepower Configuration (excluding SSL) TCP stream (Handshakes ) Basic Wireshark usage Web server configurations 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 6
7 Overview of HTTPS
8 HTTPS on the web HTTP inside SSL tunnel HTTPS starts as asymmetric encryption Public Key Infrastructure 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 8
9 Public Key Infrastructure Security of the unknown CERT Cisco.com Cisco.com CERT CERT Cisco.com 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
10 Public Key Infrastructure Building trust Trusted Certificates CERT CERT CERT CERT CERT Cisco.com CERT 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
11 Public Key Infrastructure Malicious Certificates Trusted Certificates CERT CERT CERT CERT Cisco.com CERT 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 11
12 Public Key Infrastructure Man in the middle on employees Trusted Certificates Company Certificate Authority CERT CERT CERT CERT CERT Cisco.com CERT Cisco.com CERT CERT 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
13 Public Key Infrastructure Man in the middle on guests Trusted Certificates Company Certificate Authority CERT CERT CERT CERT Cisco.com CERT Cisco.com CERT CERT 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 13
14 Public Key Infrastructure Stolen private key CERT CERT CERT Cisco.com CERT CERT CERT 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
15 Questions? 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
16 Understanding SSL Handshake
17 Client Hello Calling an office Ext: English, French, Spanish Video 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
18 Server Hello Company answers English Badge ID 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
19 Certificate Verify the badge ID Ciscolive.com Badge ID C1sc02018 Directory Snort.org Badge ID IPS Snort.org Badge ID IPS 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 19
20 Handshake completed We feel safe talking to him 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
21 Client Hello Let us think security this time 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
22 Server Hello and Certificate Thinking security asymmetrically 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
23 Client Key Exchange This is looking better 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
24 Server Change Cipher Spec Now to complete the handshake 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
25 SSL Handshake Complete Now we are talking symmetrically 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
26 Questions? 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 26
27 Working with SSL packet captures
28 Understanding HTTPS with packet captures High level overview Standard session/deep Dive Decrypt Re-sign
29 Icon Key Stop and wait TAC Tip Reference Slide Platform specific 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
30 Client Hello Unfiltered and full 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 30
31 Server Hello Reduced in half 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 31
32 Certificate Showing their credentials 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
33 Client Key Exchange Here starts the encrypted messages 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 33
34 Standard SSL Session Example 1 Standard non-decrypted SSL session to Example1.pcap 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
35 Example Cisco and/or its affiliates. All rights reserved. Cisco Public 35
36 Example 1 Wireshark tip for following a stream 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 36
37 Example 1 HTTP to HTTPS re-direct 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 37
38 Example 1 HTTP to HTTPS Re-direct zoomed in 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 38
39 Example 1 HTTPS connection to Cisco and/or its affiliates. All rights reserved. Cisco Public 39
40 Client Hello Starting at the top 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 40
41 Client Hello Cipher Suites 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 41
42 Client Hello Extensions Server Name Indication (SNI) Issue prior to 6.1 Potential new issue 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 42
43 Client Hello Extensions continued 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 43
44 Server Hello 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 44
45 Certificate Summarized view 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 45
46 Certificate Take a look before continuing 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 46
47 Certificate Looking into the presented server certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 47
48 Certificate Manually checking the certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 48
49 Certificate Expanding the extensions 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 49
50 Example 2 Decrypt Re-sign Decrypt Re-sign traffic to Example2.pcap CiscoLiveConnectionEvent-Example2.pdf CiscoLiveConnectionEvent-Example2.csv 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 50
51 Example 2 Overview of pcap 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 51
52 Example 2 Verify decryption 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 52
53 Example 2 Verify decryption continued 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 53
54 Example 2 PDF of the connection event 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 54
55 Example 3 Practice your skills (challenging) Example3.pcap FMC.crt (FMC s web certificate) 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 55
56 Example 3 Questions Was this traffic decrypted? How do you know? 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 56
57 Example 3 Answers Was this traffic decrypted? How do you know? Was this a fair question? Yes Serial numbers do not match No 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 57
58 Example 3 How did you find the serial number difference? FMC.crt Example3.pcap 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 58
59 Example 3 What if we cannot get the certificate? From another network Example3.pcap 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 59
60 Example 3 Why is the issuer wrong 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 60
61 Example 3 A simple checkbox 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 61
62 Example 3 Reasons Let the client decide to trust this certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 62
63 Example 4 QUIC A look at QUIC Example4.pcap 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 63
64 Example 4 Open Chrome and wireshark 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 64
65 Example 4 QUIC is UDP 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 65
66 TAC skills you learned What the SSL Policy is doing How to follow an SSL session From FMC to the wire How to read in-depth: Client Hello Server Hello Certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 66
67 Questions? 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 67
68 Building SSL Policy
69 Lab 1: Building the SSL policy Open chrome and select the FMC bookmark Should be the home page Naviage to Object > Object Management Open Lab 1 on your desktop Ca.crt Ca.key.pem Open both files with Notepad++ Right click, edit with Notepad Cisco and/or its affiliates. All rights reserved. Cisco Public 69
70 Importing Certificates 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 70
71 Importing Certificates Sourcefire 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 72
72 Importing Certificates Internal CA Import CA Import an Internal CA If generated on Windows, use Certificate Template of Subordinate CA Generate CA Generate a self signed certificate Root CA Generate CSR Sign as a Subordinate CA certificate Windows use Subordinate CA 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 73
73 Importing Certificates Certificate Install Example If you were not given a password you can leave it blank This accepts Base64 or a certificate file.cer.crt.pem.der If you receive a.pkcs12 or.pkcs7 you need to convert it to a.pem Copy the entire Base64 test in the CSR box to a note pad and save it as a.csr It should look similar to below, the important parts are be sure to include the entire text BEGIN CERTIFICATE REQUEST END CERTIFICATE REQUEST----- Do not add character returns or correct spacing, it could cause issues Use Notepad or something similar, wordpad or Microsoft Word add hidden characters that could cause issues Cisco and/or its affiliates. All rights reserved. Cisco Public 74
74 Importing Certificates Certificate Example -----BEGIN CERTIFICATE REQUEST----- MIIC6zCCAdMCAQAwZTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1EMQ8wDQYDVQQH DAZGdWx0b24xDDAKBgNVBAoMA1RBQzEMMAoGA1UECwwDVEFDMRwwGgYDVQQDDBNG axjlcg93zxiuy2lzy28uy29tmiibijanbgkqhkig9w0baqefaaocaq8amiibcgkc AQEA3P8Q6Kp/LRa+uGqmiHBzyxux63NNRjMfuiRZjAUPWpUPJkooKQs5SwCjuecG BU+aOKe7n6oxmYgNStBCLn0pBHeYYOR4ycTjNs0cyGzLRhkFdvMHfYMSd2oeRN2u X2ZegisTMee0h1+BtmpfuQnCzqTcl3MpfxP8UtjMEixtIr+c5CQdi4WIona8+UQ0 mnodvsgzbtwsaqelmbthfwy/1mfds4zg1ohtobibom6yefu86yuzjaywlilupevl 3iVFCAcjvu02fvGZuPyws+6TsW/+7YVHh2WSXiiIxSU3PuOMyRvQnfiK95JQBChU W1aZ920PKBZMzAIAknFf5nrTvwIDAQABoEEwPwYJKoZIhvcNAQkOMTIwMDAdBgNV HQ4EFgQULVRSd/wf9+EvpfB9DcXMRyglUAswDwYDVR0TAQH/BAUwAwEB/zANBgkq hkig9w0baqsfaaocaqeavncjebpzf2odf7j5ek6dhwkf+lrfnu/dy9xiwmhfaxwb 1p1iS1q93Sekq1uRO+hUGaVEfWr08tCVTrZ69Lo4t8PUHctcspUANCd9bRko1aV3 +4pD2mVudckjHcYmI/kr39BnOSxH0QxkFCGYHhG5nF4Hl4FYcmmhm1QPpkEPadIe J7kUntGJ6QxCIlUZsMMmQIvXVnMc1F2C/QTi20scvEhnX/txJ8GfKqFEsNdjSuk1 dhujvw6nqucyo7mwbbcitxgyszaaw8m2shg4cwdsrbqjuhalegvkogqsxujbgylr 3OMOao+JJMNgKFLKWSuif02Z+bcTHDxB55O1KcG6Aw== 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 75
75 Importing Certificates 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 76
76 SSL Policy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 77
77 SSL Policy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 78
78 SSL Policy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 79
79 SSL Policy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 80
80 SSL Policy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 81
81 SSL Policy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 82
82 SSL Policy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 83
83 Undecryptable Actions Compressed Session The SSL session applies a data compression method SSLv2 Session The session is encrypted with SSL version 2 Note that traffic is decryptable if the ClientHello message is SSL 2.0, and the remainder of the transmitted traffic is SSL 3.0. Unknown Cipher Suite The system does not recognize the cipher suite Software update may be required Unsupported Cipher Suite The system does not support decryption based on the detected cipher suite 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 84
84 Undecryptable Actions Session not cached The SSL session has session reuse Mid-stream pickup (SSL handshake not seen) Snort restart (SSL session tables) Handshake Errors An error occurred during SSL handshake negotiation Unsupported extension in SSL Handshake Extended Master Secret prior to 6.1 would cause this. Decryption Errors An error occurred during traffic decryption Not possible to allow this traffic, if this error occurs the session is blocked Cisco and/or its affiliates. All rights reserved. Cisco Public 85
85 SSL Policy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 86
86 Using the SSL policy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 87
87 Using the SSL policy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 88
88 Using the SSL policy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 89
89 Using the SSL Policy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 90
90 Using the SSL Policy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 91
91 Deploy our changes 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 92
92 Deploy our changes 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 93
93 Deploy our changes 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 94
94 Lab 2 Decrypting Traffic RDP into Should be a link on your desktop Administrator/C1sco12345 Navigate to Cisco and/or its affiliates. All rights reserved. Cisco Public 95
95 Decrypting traffic Untrusted Certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 96
96 Decrypting traffic Bypassing the untrust warning 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 97
97 Find the connection event Easy Search 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 98
98 Find the connection event 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 99
99 Challenge Navigate to Cisco and/or its affiliates. All rights reserved. Cisco Public 100
100 Challenge Why is this happening? 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 101
101 Challenge Answer Images, CSS, other page data is pulled from other sites. Fail because the certificate is untrusted Cisco and/or its affiliates. All rights reserved. Cisco Public 102
102 Lab 3 Installing the certificate RDP into Should be a link on your desktop Administrator/C1sco12345 Open Lab 1 Double click the CA certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 103
103 Lab 3 Installing the certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 104
104 Lab 3 Installing the certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 105
105 Lab 3 Installing the certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 106
106 Lab 3 Installing the certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 107
107 Lab 3 Installing the certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 108
108 Lab 3 Testing 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 109
109 Challenge Why did I put Chrome/IE in the top right and not include Firefox? Safari is the same as IE in this example 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 110
110 Challenge Answer Firefox uses it s own Certificate Authority repository Cisco and/or its affiliates. All rights reserved. Cisco Public 111
111 Install the certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 112
112 Install the certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 113
113 Challenge You just installed the SSL Policy You just installed the certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 114
114 Challenge 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 115
115 Challenge Answer HSTS is comparing a cached certificate to the newly received Clear cache 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 116
116 Questions? 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 117
117 SSL Policy Best Practices
118 Typical deployment: Decrypt Resign 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 119
119 Typical deployment: Decrypt Known-key 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 120
120 Required before you begin Best Practices Internal root Certificate Authority (CA) Import all CAs in Trusted CA* 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 121
121 Typical basic policy Decrypt Resign 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 122
122 Typical basic policy Decrypt Known Key 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 123
123 Typical basic policy Decrypt Combo 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 124
124 Good practice policy Aware of government laws 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 125
125 Good practice policy For general purposes 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 126
126 Good practice Notice 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 127
127 What to expect Currently an 80% performance hit May required webserver modifications Perfect Forward Secrecy (ECDHE) does not work in Decrypt Known-key 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 128
128 Questions? 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 129
129 Troubleshooting SSL in Firepower
130 Interpreting the connection events Enable the column Success Error 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 131
131 Interpreting the connection event Certificate deep dive 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 132
132 Check the SSL policy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 133
133 Check the SSL policy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 134
134 Check the SSL policy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 135
135 Packet capture on Firepower Threat Defense (firepower) >capture-traffic SHELL Please chose domain to capture traffic from: 0 br1 1 Router Selection? 1 Please specify tcpdump options desired. (or enter? for a list of supported options) Options: ^C Caught interrupt signal Exiting. Ctrl+C to end Always write to a file!!! 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 136
136 Packet capture on Firepower Threat Defense (Lina) SHELL >capture capin interface Inside match tcp host any eq 443 >show capture capture capin type raw-data interface Inside [Capturing - 0 bytes] match tcp host any eq https > > >copy /pcap capture:capin disk0: Source capture name [capin]? Destination filename [capin]?!!!!!!!!!! 353 packets copied in 0.40 secs > 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 137
137 Client Hello Tuning SHELL >system support ssl-client-hello-tuning SSL Client Hello tuning of attributes ciphers_allow, ciphers_remove, extensions_allow, extensions_remove, curves_allow, curves_remove handshake attribute > system support ssl-client-hello-tuning extensions_remove 16,13172 Using tuning file: /etc/sf/ssl_client_hello.conf Parameter and value successfully added to configuration file. Configuration file contents (defaults added automatically): extensions_remove=16, = Application Layer Protocol Negotiation = Next protocol negotiation You must restart snort before this change will take affect This can be done via the CLI command 'pmtool restartbytype DetectionEngine'. > system support ssl-client-hello-reset Using tuning file: /etc/sf/ssl_client_hello.conf Are you certain that you wish to delete the current SSL tuning configuration file? (y/n) [n]: y This example is used to fix block pages in HTTPS traffic. Configuration file successfully deleted Cisco and/or its affiliates. All rights reserved. Cisco Public 138
138 Lab 4 Seeing Decryption at a packet level RDP into Should be a link on your desktop Administrator/C1sco12345 Put in place the SSL Policy from Lab 1 Should already be installed SSH into FTD Open putty, should be a saved session (NGFW) admin/c1sco12345 Capture packets Download and inspect 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 139
139 Lab 4 SHELL >capture capin interface inside buffer match tcp host any eq 443 >capture capout interface outside buffer match tcp any any eq 443 >show capture capture capin type raw-data interface inside [Capturing - 0 bytes] match tcp host <ip> any eq https capture capin type raw-data interface outside [Capturing - 0 bytes] match tcp host <ip> any eq https --> Now navigate to Cisco and/or its affiliates. All rights reserved. Cisco Public 140
140 Lab 4 Testing 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 141
141 Lab 4 SHELL >copy /noconfirm /pcap capture:capin disk0: Source capture name [capin]? Destination filename [capin]?!!!!!!!!!! 353 packets copied in 0.40 secs >copy /noconfirm /pcap capture:capout disk0: Source capture name [capout]? Destination filename [capout]?!!!!!!!!!! 364 packets copied in 0.40 secs >expert #sudo cp /mnt/disk0/capin /ngfw/var/common/capin.pcap Password: #sudo cp /mnt/disk0/capout /ngfw/var/common/capout.pcap Password: 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 142
142 Lab 4 Retrieve pcap 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 143
143 Lab 4 Retrieve pcap continued 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 144
144 Lab 4 Compare the Client Hellos 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 145
145 Lab 5 Decrypt Known Key Find Outside.cer and outside.key in Certificates Install the certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 146
146 Lab 5 Importing Internal Certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 147
147 Lab 5 Internal Certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 148
148 Lab 5 Rule 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 149
149 Lab 5 Navigate to from RDP session 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 150
150 Challenge Why are you getting certificate errors? Is the certificate installed? 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 151
151 Challenge Hint 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 152
152 Challenge Answer Answer 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 153
153 Questions? 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 162
154 Scenarios Based on TAC cases
155 Scenario 1 Put a block social media URL rule at the top of the SSL policy Navigate to facebook.com, ciscolive.com, cisco.com 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
156 Scenario 1 Questions Is traffic decrypted as expected? Why? 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
157 Scenario 1 Answers SSL Policy will default to the default action if URL filtering fails lookup Cisco and/or its affiliates. All rights reserved. Cisco Public
158 Scenario 1 Answers Continued 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
159 Scenario 2 Your company has a wildcard certificate (Outside.cer) Import Outside.cer and Outside.key as an Internal CA This simulates a Public CA Certificate(DigiCert/RapidSSL) Use it to Decrypt Re-sign 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
160 Scenario 2 common questions Why can I not use our company s wildcard certificate? This certificate was not meant for this 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
161 Scenario Cisco and/or its affiliates. All rights reserved. Cisco Public
162 Scenario 2 Answer You must use a Subordinate or Root Certificate Authority Certificate When getting CSR signed, Windows in particular requires the Subordinate Certificate Template 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
163 Scenario 3 We have a ticket from an end user who cannot get to Facebook.com from their computer 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
164 Scenario 3 Domain joined machine Using Active Directory to push out the Root Certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
165 Scenario 3 Answer Firefox Install the certificate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
166 Scenario 4 (Challenging) We have a ticket from an end user who cannot use the Facebook app on their phone Cisco and/or its affiliates. All rights reserved. Cisco Public
167 Scenario 4 Certificate pinning can happen with phone app Having the certificate stored in the application to prevent MitM Check SSL Flow Errors 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
168 Common Tac cases That you have learned to avoid Certificate not installed on clients Active Directory gives an option to push certificates to domain joined machines. Wrong certificate type Block rule/default action in SSL Policy URL filtering rules 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 177
169 TAC Case open template For questions about SSL errors or unexpected actions to speed up the TAC case please open with the following: CSV report output of Connection Events matching this traffic Packet capture Client Sensor Server side Explanation of the applications and errors seen Include any recent changes you are aware of Troubleshoot from the sensor 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 178
170 Questions? 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 179
171 Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click Join the Discussion 3. Install Spark or go directly to the space 4. Enter messages/questions in the space cs.co/ciscolivebot# 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
172 Please complete your Online Session Evaluations after each session Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt All surveys can be completed via the Cisco Live Mobile App or the Communication Stations Complete Your Online Session Evaluation Don t forget: Cisco Live sessions will be available for viewing on-demand after the event at Cisco and/or its affiliates. All rights reserved. Cisco Public
173 Continue Your Education Demos in the Cisco campus Walk-in Self-Paced Labs Tech Circle Meet the Engineer 1:1 meetings Related sessions 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 182
174 Thank you
175
176
This document describes the configuration of Secure Sockets Layer (SSL) decryption on the FirePOWER Module using ASDM (On-Box Management).
Contents Introduction Prerequisites Requirements Components Used Background Information Outbound SSL Decryption Inbound SSL Decryption Configuration for SSL Decryption Outbound SSL decryption (Decrypt
More informationStart Creating SSL Policies
The following topics provide an overview of SSL policy creation, configuration, management, and logging. SSL Policies Overview, on page 1 SSL Policy Default Actions, on page 2 Default Handling Options
More informationUnderstanding Traffic Decryption
The following topics provide an overview of SSL inspection, describe the prerequisites for SSL inspection configuration, and detail deployment scenarios. Traffic Decryption Overview, page 1 SSL Handshake
More informationNXOS in the Real World Using NX-API REST
NXOS in the Real World Using NX-API REST Adrian Iliesiu Corporate Development Engineer Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session
More informationCisco Firepower NGIPS Tuning and Best Practices
Cisco Firepower NGIPS Tuning and Best Practices John Wise, Security Instructor High Touch Delivery, Cisco Learning Services CTHCRT-2000 Cisco Spark How Questions? Use Cisco Spark to communicate with the
More informationAn Introduction to Monitoring Encrypted Network Traffic with "Joy"
An Introduction to Monitoring Encrypted Network Traffic with "Joy" Philip Perricone (SE) Bill Hudson (TL) Blake Anderson (TL) David McGrew (Fellow) Cisco Spark How Questions? Use Cisco Spark to communicate
More informationHands-On with IoT Standards & Protocols
DEVNET-3623 Hands-On with IoT Standards & Protocols Casey Bleeker, Developer Evangelist @geekbleek Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this
More informationUnderstanding Traffic Decryption
The following topics provide an overview of SSL inspection, describe the prerequisites for SSL inspection configuration, and detail deployment scenarios. About Traffic Decryption, page 1 SSL Inspection
More informationUser Identity Sources
The following topics describe Firepower System user identity sources, which are sources for user awareness. These users can be controlled with identity and access control policies: About, on page 1 The
More informationManaging SSL/TLS Traffic Flows
Some protocols, such as HTTPS, use Secure Sockets Layer (SSL) or its follow-on version, Transport Layer Security (TLS), to encrypt traffic for secure transmissions. Because encrypted traffic cannot be
More informationDEVNET Introduction to Git. Ashley Roach Principal Engineer Evangelist
DEVNET-1080 Introduction to Git Ashley Roach Principal Engineer Evangelist Twitter: @aroach Email: asroach@cisco.com Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the
More informationYour API Toolbelt Tools and techniques for testing, monitoring, and troubleshooting REST API requests
DEVNET-1631 Your API Toolbelt Tools and techniques for testing, monitoring, and troubleshooting REST API requests Adam Kalsey, Spark Developer Relations Cisco Spark How Questions? Use Cisco Spark to communicate
More informationSetup SSL Insight in a Single Partition with dynamic port & non-http intercept
TECH NOTE WRITING TEMPLATE Setup SSL Insight in a Single Partition with dynamic port & non-http intercept Overview This tech note will provide the reader with the information to understand, configure,
More informationTransport Layer Security
CEN585 Computer and Network Security Transport Layer Security Dr. Mostafa Dahshan Department of Computer Engineering College of Computer and Information Sciences King Saud University mdahshan@ksu.edu.sa
More informationGetting Started with Access Control Policies
Getting Started with Control Policies The following topics describe how to start using access control policies: Introduction to Control, page 1 Managing Control Policies, page 6 Creating a Basic Control
More informationAbout DPI-SSL. About DPI-SSL. Functionality. Deployment Scenarios
DPI-SSL About DPI-SSL Configuring Client DPI-SSL Settings Configuring Server DPI-SSL Settings About DPI-SSL About DPI-SSL Functionality Deployment Scenarios Customizing DPI-SSL Connections per Appliance
More informationGet Hands On With DNA Center APIs for Managing Intent
DEVNET-3620 Get Hands On With DNA Center APIs for Managing Intent Adam Radford Distinguished Systems Engineer Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session
More informationUser Identity Sources
The following topics describe Firepower System user identity sources, which are sources for user awareness. These users can be controlled with identity and access control policies: About, page 1 The User
More informationCloud Mobility: Meraki Wireless & EMM
BRKEWN-2002 Cloud Mobility: Meraki Wireless & EMM Emily Sporl Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile
More informationServiceability of SD-WAN
BRKCRS-2112 Serviceability of SD-WAN Chandrabalaji Rajaram & Ali Shaikh Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live
More informationPnP Deep Dive Hands-on with APIC-EM and Prime Infrastructure
LTRNMS-2007 PnP Deep Dive Hands-on with APIC-EM and Prime Infrastructure Thomas Gerneth, Julian Mueller,Tobias Huelsdau Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after
More informationBGP in the Enterprise for Fun and (fake) Profit: A Hands-On Lab
BGP in the Enterprise for Fun and (fake) Profit: A Hands-On Lab Michael Kowal, Principal Systems Engineer, @ciscomk Dash Thompson, Systems Engineer, @dash_thompson Abel Ramirez, Systems Engineer, @ramirezabel21
More informationTRex Realistic Traffic Generator
DEVNET-1120 TRex Realistic Traffic Generator Hanoch Haim, Principal Engineer Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco
More informationThe following topics explain how to get started configuring Firepower Threat Defense. Table 1: Firepower Device Manager Supported Models
The following topics explain how to get started configuring Firepower Threat Defense. Is This Guide for You?, page 1 Logging Into the System, page 2 Setting Up the System, page 6 Configuration Basics,
More informationDissecting Firepower-FTD & Firepower-Services Design & Troubleshooting
BRKSEC-3455 Dissecting Firepower-FTD & Firepower-Services Design & Troubleshooting Foster Lipkey, Technical Leader Veronika Klauzova, TAC Tech Lead Cisco Spark How Questions? Use Cisco Spark to communicate
More informationThe following topics provide more information on user identity. Establishing User Identity Through Passive Authentication
You can use identity policies to collect user identity information from connections. You can then view usage based on user identity in the dashboards, and configure access control based on user or user
More informationRealms and Identity Policies
The following topics describe realms and identity policies: About, page 1 Create a Realm, page 8 Create an Identity Policy, page 15 Create an Identity Rule, page 15 Manage a Realm, page 20 Manage an Identity
More informationVII. Corente Services SSL Client
VII. Corente Services SSL Client Corente Release 9.1 Manual 9.1.1 Copyright 2014, Oracle and/or its affiliates. All rights reserved. Table of Contents Preface... 5 I. Introduction... 6 Chapter 1. Requirements...
More informationAutomation with Meraki Provisioning API
DEVNET-2120 Automation with Meraki Provisioning API Courtney M. Batiste, Solutions Architect- Cisco Meraki Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1.
More informationConfiguring F5 for SSL Intercept
Configuring F5 for Welcome to the F5 deployment guide for configuring the BIG-IP system for SSL intercept (formerly called with Air Gap Egress Inspection). This document contains guidance on configuring
More informationRealms and Identity Policies
The following topics describe realms and identity policies: Introduction:, page 1 Creating a Realm, page 5 Creating an Identity Policy, page 11 Creating an Identity Rule, page 15 Managing Realms, page
More informationICE / TURN / STUN Tutorial
BRKCOL-2986 ICE / TURN / STUN Tutorial Kristof Van Coillie, Technical Leader, Services Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session
More informationCreate Decryption Policies to Control HTTPS Traffic
Create Decryption Policies to Control HTTPS Traffic This chapter contains the following sections: Overview of Create Decryption Policies to Control HTTPS Traffic, page 1 Managing HTTPS Traffic through
More informationAgility2018-TCPdump Documentation
Agility2018-TCPdump Documentation Release.01 David Larsen Aug 10, 2018 Switches 1 F5 tcpdump and Wireshark 3 1.1 tcpdump Switches............................................ 3 1.2 tcpdump Filters..............................................
More informationBRKCOC-2399 Inside Cisco IT: Integrating Spark with existing large deployments
Inside Cisco IT: Integrating Spark with existing large deployments Jan Seynaeve, Sr. Collaborations Engineer Luke Clifford, Sr. Collaborations Engineer Cisco Spark How Questions? Use Cisco Spark to communicate
More informationCatalyst 9K High Availability Lab
LTRCRS-2090 Catalyst 9K High Availability Lab Minhaj Uddin Technical Marketing Engineering Sai Zeya Technical Marketing Engineering Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker
More informationHow to Configure SSL Interception in the Firewall
Most applications encrypt outgoing connections with SSL or TLS. SSL Interception decrypts SSL-encrypted traffic to allow Application Control features (such as the Virus Scanner, ATD, URL Filter, Safe Search,
More informationDevice Management Basics
The following topics describe how to manage devices in the Firepower System: The Device Management Page, on page 1 Remote Management Configuration, on page 2 Add Devices to the Firepower Management Center,
More informationConfiguring SSL Security
CHAPTER9 This chapter describes how to configure SSL on the Cisco 4700 Series Application Control Engine (ACE) appliance. This chapter contains the following sections: Overview Configuring SSL Termination
More informationDeploying Cloud-Agnostic Applications with Cisco CloudCenter
LTRCLD-2303 Deploying Cloud-Agnostic Applications with Cisco CloudCenter Zack Kielich CloudCenter Product Manager Vince Motto Sr. Technical Leader Andrew Horrigan Consulting Engineer Matt Tarkington Consulting
More information2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco ACI App Center Fabrice Servais, Software Engineer, Data Center Networking, Cisco Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session
More informationApplication Detection
The following topics describe Firepower System application detection : Overview:, on page 1 Custom Application Detectors, on page 6 Viewing or Downloading Detector Details, on page 14 Sorting the Detector
More informationIdentity Policies. Identity Policy Overview. Establishing User Identity through Active Authentication
You can use identity policies to collect user identity information from connections. You can then view usage based on user identity in the dashboards, and configure access control based on user or user
More informationThe World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to
1 The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to compromises of various sorts, with a range of threats
More informationCisco SD-Access Hands-on Lab
LTRCRS-2810 Cisco SD-Access Hands-on Lab Larissa Overbey - Technical Marketing Engineer, Cisco Derek Huckaby - Technical Marketing Engineer, Cisco https://cisco.box.com/v/ltrcrs-2810-bcn2018 Password:
More informationMagical Chatbots with Cisco Spark and IBM Watson
DEVNET-2321 Magical Chatbots with Cisco Spark and IBM Watson Lauren Ramgattie, Technical Marketing Engineer Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session
More informationConfiguring SSL. SSL Overview CHAPTER
7 CHAPTER This topic describes the steps required to configure your ACE appliance as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination. The topics included in this section are:
More informationHow to Configure SSL Interception in the Firewall
Most applications encrypt outgoing connections with SSL or TLS. SSL Interception decrypts SSL-encrypted HTTPS and SMTPS traffic to allow Application Control features (such as the Virus Scanner, ATP, URL
More informationAccess Control Using Intrusion and File Policies
The following topics describe how to configure access control policies to use intrusion and file policies: About Deep Inspection, page 1 Access Control Traffic Handling, page 2 File and Intrusion Inspection
More informationConfiguring SSL CHAPTER
7 CHAPTER This chapter describes the steps required to configure your ACE appliance as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination. The topics included in this section
More informationPASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year
PASS4TEST \ http://www.pass4test.com We offer free update service for one year Exam : 300-210 Title : Implementing Cisco Threat Control Solutions Vendor : Cisco Version : DEMO Get Latest & Valid 300-210
More informationDPI-SSL. DPI-SSL Overview
DPI-SSL Document Scope This document describes the DPI-SSL feature available in SonicOS 5.6. This document contains the following sections: DPI-SSL Overview section on page 1 Using DPI-SSL section on page
More informationUsing SourceTree on the Development Server
Using SourceTree on the Development Server This content has been modified to exclude client information. Such omissions include the client name and details of the client s infrastructure, such as domain
More informationCisco Firepower Troubleshoot File Generation Procedures
Cisco Firepower Troubleshoot File Generation Procedures Contents Introduction Prerequisites Using the Web Interface of FMC Generate a Troubleshoot File Download a Troubleshoot File Using the Command Line
More informationTetration Hands-on Lab from Deployment to Operations Support
LTRACI-2184 Tetration Hands-on Lab from Deployment to Operations Support Furong Gisiger, Solutions Architect Lawrence Zhu, Sr. Solutions Architect Cisco Spark How Questions? Use Cisco Spark to communicate
More informationCNIT 121: Computer Forensics. 9 Network Evidence
CNIT 121: Computer Forensics 9 Network Evidence The Case for Network Monitoring Types of Network Monitoring Types of Network Monitoring Event-based alerts Snort, Suricata, SourceFire, RSA NetWitness Require
More informationThreat Centric Network Security
BRKSEC-2056 Threat Centric Network Security Ted Bedwell, Principal Engineer Network Threat Defence Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this
More informationInstall the ExtraHop session key forwarder on a Windows server
Install the ExtraHop session key forwarder on a Windows server Published: 2018-07-23 The ExtraHop session key forwarder runs as a process on a monitored Windows server running SSL services. The forwarder
More informationConfiguring SSL. SSL Overview CHAPTER
CHAPTER 8 Date: 4/23/09 This topic describes the steps required to configure your ACE (both the ACE module and the ACE appliance) as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination.
More informationAccess Control Using Intrusion and File Policies
The following topics describe how to configure access control policies to use intrusion and file policies: Intrusions and Malware Inspection Overview, page 1 Access Control Traffic Handling, page 2 File
More informationRealms and Identity Policies
The following topics describe realms and identity policies: About, page 1 Create a Realm, page 8 Create an Identity Policy, page 14 Create an Identity Rule, page 15 Manage a Realm, page 17 Manage an Identity
More informationConnection and Security Intelligence Events
and Security Intelligence Events The following topics describe how to use connection and security events tables. Event Basics, page 1 Using and Security Intelligence Event Tables, page 22 Viewing the Summary
More informationThere are two ways for a sensor device to detect the Security Group Tag (SGT) assigned to the traffic:
Contents Introduction Components Used Overview The User-IP Mapping Method The Inline Tagging Method Troubleshooting From the Restricted Shell of a Firepower Device From the Expert Mode of a Firepower Device
More informationNew Features and Functionality
This section describes the new and updated features and functionality included in Version 6.2.1. Note that only the Firepower 2100 series devices support Version 6.2.1, so new features deployed to devices
More informationConfiguration and Operation of FTD Prefilter
Configuration and Operation of FTD Prefilter Policies Contents Introduction Prerequisites Requirements Components Used Background Information Configure Pre-filter Policy Use Case 1 Pre-filter Policy Use
More informationOverview of SSL/TLS. Luke Anderson. 12 th May University Of Sydney.
Overview of SSL/TLS Luke Anderson luke@lukeanderson.com.au 12 th May 2017 University Of Sydney Overview 1. Introduction 1.1 Raw HTTP 1.2 Introducing SSL/TLS 2. Certificates 3. Attacks Introduction Raw
More informationDevOps CICD for VNF a NetOps Approach
DevOps CICD for VNF a NetOps Approach Renato Fichmann Senior Solutions Architect Cisco Advanced Services Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1.
More informationCloudCenter for Developers
DEVNET-1198 CloudCenter for Developers Conor Murphy, Systems Engineer Data Centre Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the
More informationRouting Underlay and NFV Automation with DNA Center
BRKRST-1888 Routing Underlay and NFV Automation with DNA Center Prakash Rajamani, Director, Product Management Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session
More informationSSL Custom Application
feature enables users to customize applications that run on any protocol over Secure Socket Layer (SSL), including HTTP over Secure Socket Layer (HTTPS), using the server name, if it exists in the Client
More informationHybrid Cloud Automation using Cisco CloudCenter API
Hybrid Cloud Automation using Cisco CloudCenter API Ray Doerr, Advanced Services Engineer Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session
More informationAccess Control. Access Control Overview. Access Control Rules and the Default Action
The following topics explain access control rules. These rules control which traffic is allowed to pass through the device, and apply advanced services to the traffic, such as intrusion inspection. Overview,
More informationTroubleshoot. Locate chip.log File. Procedure
Locate chip.log File, page 1 Locate chip.dmp File, page 2 Reset Admin Password for Administration, page 2 Reset Root Password for Server, page 2 Audio and Video Issues, page 4 Call Links Redirect to Cisco
More informationSystem Administration
Most of SocialMiner system administration is performed using the panel. This section describes the parts of the panel as well as other administrative procedures including backup and restore, managing certificates,
More informationInstall the ExtraHop session key forwarder on a Windows server
Install the ExtraHop session key forwarder on a Windows server Published: 2018-10-09 The ExtraHop session key forwarder runs as a process on a monitored Windows server running SSL services. The forwarder
More informationInstall the ExtraHop session key forwarder on a Windows server
Install the ExtraHop session key forwarder on a Windows server Published: 2018-07-19 The ExtraHop session key forwarder runs as a process on a monitored Windows server running SSL services. The forwarder
More informationAccess Control. Access Control Overview. Access Control Rules and the Default Action
The following topics explain access control rules. These rules control which traffic is allowed to pass through the device, and apply advanced services to the traffic, such as intrusion inspection. Overview,
More informationFile Reputation Filtering and File Analysis
This chapter contains the following sections: Overview of, page 1 Configuring File Reputation and Analysis Features, page 5 File Reputation and File Analysis Reporting and Tracking, page 14 Taking Action
More informationSharkFest 17 Europe. 20 QUIC Dissection. Using Wireshark to Understand QUIC Quickly. Megumi Takeshita. ikeriri network service
SharkFest 17 Europe 20 QUIC Dissection Using Wireshark to Understand QUIC Quickly ParkSuite Classroom 11 November 2017 11:15am-12:30pm Megumi Takeshita ikeriri network service supplimental files http://www.ikeriri.ne.jp/sharkfest
More informationDevNet Workshop-Hands-on with CloudCenter and Jenkins
DevNet Workshop-Hands-on with CloudCenter and Jenkins Tuan Nguyen, Technical Marketing Engineer, CPSG Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find
More informationSecuring Connections with Digital Certificates in Router OS. By Ezugu Magnus PDS Nigeria
Securing Connections with Digital Certificates in Router OS By Ezugu Magnus PDS Nigeria About the Presenter MikroTik Certifications My Contact details: Mikrotik Certified Engineer (MTCNA,MTCRE,MTCWE,MTCTCE,MTCUME,MTCINE)
More informationAutomation and Programmability using Cisco Open NXOS and DevOps Tools
Automation and Programmability using Cisco Open NXOS and DevOps Tools Jeff Lester Sr. Solutions Integration Architect Matt Tarkington Consulting Engineer Services Cisco Spark How Questions? Use Cisco Spark
More informationMonitoring the Device
The system includes dashboards and an Event Viewer that you can use to monitor the device and traffic that is passing through the device. Enable Logging to Obtain Traffic Statistics, page 1 Monitoring
More informationDevice Management Basics
The following topics describe how to manage devices in the Firepower System: The Device Management Page, on page 1 Remote Management Configuration, on page 2 Adding Devices to the Firepower Management
More informationVMware AirWatch Certificate Authentication for Cisco IPSec VPN
VMware AirWatch Certificate Authentication for Cisco IPSec VPN For VMware AirWatch Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com.
More informationSystem Configuration. The following topics explain how to configure system configuration settings on Firepower Management Centers and managed devices:
The following topics explain how to configure system configuration settings on Firepower Management Centers and managed devices: Introduction to, page 2 Appliance Information, page 5 Custom HTTPS Certificates,
More informationData collected by Trend Micro is subject to the conditions stated in the Trend Micro Privacy Policy:
Privacy and Personal Data Collection Disclosure Certain features available in Trend Micro products collect and send feedback regarding product usage and detection information to Trend Micro. Some of this
More informationUsing the Terminal Services Gateway Lesson 10
Using the Terminal Services Gateway Lesson 10 Skills Matrix Technology Skill Objective Domain Objective # Deploying a TS Gateway Server Configure Terminal Services Gateway 2.2 Terminal Services (TS) Web
More informationCisco SD-Access Building the Routed Underlay
Cisco SD-Access Building the Routed Underlay Rahul Kachalia Sr. Technical Leader Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the
More informationConnection Logging. Introduction to Connection Logging
The following topics describe how to configure the Firepower System to log connections made by hosts on your monitored network: Introduction to, page 1 Strategies, page 2 Logging Decryptable Connections
More informationSOURCEFIRE 3D SYSTEM RELEASE NOTES
SOURCEFIRE 3D SYSTEM RELEASE NOTES Version 5.3.0.3 Original Publication: April 21, 2014 These release notes are valid for Version 5.3.0.3 of the Sourcefire 3D System. Even if you are familiar with the
More informationSonicOS Release Notes
SonicOS Contents Platform Compatibility... 1 Known Issues... 2 Resolved Issues... 4 Upgrading SonicOS Enhanced Image Procedures... 5 Related Technical Documentation... 10 Platform Compatibility The SonicOS
More informationU.S. E-Authentication Interoperability Lab Engineer
Using Digital Certificates to Establish Federated Trust chris.brown@enspier.com U.S. E-Authentication Interoperability Lab Engineer Agenda U.S. Federal E-Authentication Background Current State of PKI
More informationDevice Management Basics
The following topics describe how to manage devices in the Firepower System: The Device Management Page, page 1 Remote Management Configuration, page 2 Adding Devices to the Firepower Management Center,
More informationCisco ASA with FirePOWER services Eric Kostlan, Technical Marketing Engineer Security Technologies Group, Cisco Systems LABSEC-2339
Cisco ASA with FirePOWER services Eric Kostlan, Technical Marketing Engineer Security Technologies Group, Cisco Systems LABSEC-2339 Agenda Introduction to Lab Exercises Platforms and Solutions ASA with
More informationHW/Lab 3: SSL/TLS. CS 336/536: Computer Network Security DUE 11am on Nov 10 (Monday)
HW/Lab 3: SSL/TLS CS 336/536: Computer Network Security DUE 11am on Nov 10 (Monday) This HW/Lab assignment covers Lectures 7. Please review these thoroughly before starting to work on the assignment. It
More informationInstall the ExtraHop session key forwarder on a Windows server
Install the ExtraHop session key forwarder on a Windows server Published: 2018-12-17 Perfect Forward Secrecy (PFS) is a property of secure communication protocols that enables short-term, completely private
More informationDemystifying Machine Learning
Demystifying Machine Learning Dmitry Figol, WW Enterprise Sales Systems Engineer - Programmability @dmfigol CTHRST-1002 Agenda Machine Learning examples What is Machine Learning Types of Machine Learning
More informationConnection Logging. About Connection Logging
The following topics describe how to configure the Firepower System to log connections made by hosts on your monitored network: About, page 1 Strategies, page 2 Logging Decryptable Connections with SSL
More informationLecture Nov. 21 st 2006 Dan Wendlandt ISP D ISP B ISP C ISP A. Bob. Alice. Denial-of-Service. Password Cracking. Traffic.
15-441 Lecture Nov. 21 st 2006 Dan Wendlandt Worms & Viruses Phishing End-host impersonation Denial-of-Service Route Hijacks Traffic modification Spyware Trojan Horse Password Cracking IP Spoofing DNS
More information