Dec
19
The recording of last week's seminar on Introduction to DMVPN for CCIE R&S v5 Candidates is now available to view here.  This is the first of many new free seminars on new topics that have been added to the CCIE R&S version 5 blueprint.  New upcoming sessions will include IPv6 First Hop Security, IPsec LAN-to-LAN tunnels, GET VPN, IGP Convergence & Scalability, and BGP Convergence & Scalability, just to name a few. Feel free to submit requests for additional topics in the comments below. Read More
Oct
07
Another new update is now available for the CCIE Security Advanced Technologies Class. This update adds an additional 15 hours of videos to the series, which includes the rest of IPsec, IPS, and AAA. All Access Pass subscribers and customers who purchased download access can login to the INE members site to see the new additions.  This brings the series up to about 40 hours of videos, which will be further increased with some minor updates I'll be adding over the next few weeks. If there is a... Read More
Jan
10
I. Security Fundamentals a. Why Needed? i. A closed network allows no connection to a public network; although security is still an issue due to a majority of attacks coming from inside networks today Read More
Nov
06
High availability solutions often utilize virtual gateway protocol to avoid single point of failure. We are going to discuss high availability for the IPsec tunnel in the sample topology presented below. In this topology we need to protect traffic between VLAN67 and VLAN58 travelling across VLAN146 segment. In order to accomplish this, we will configure R6 to establish an IPsec tunnel with a virtual gateway representing both R1 and R4. Read More
Oct
24
One of the new technologies to be featured in the CCIE Security 3.0 blueprint is the GET VPN. This blog post will give you the basics of this new and exciting technology. Read More
Aug
02
DMVPN stands for Dynamic Multipoint VPN and it is an effective solution for dynamic secure overlay networks. In short, DMVPN is combination of the following technologies: 1) Multipoint GRE (mGRE) 2) Next-Hop Resolution Protocol (NHRP) 4) Dynamic Routing Protocol (EIGRP, RIP, OSPF, BGP) 3) Dynamic IPsec encryption 5) Cisco Express Forwarding (CEF) Assuming that reader has a general understanding of what DMVPN is and a solid understanding of IPsec/CEF, we are going to describe the role and... Read More
Jan
11
Inbound 1. QoS Policy Propagation through Border Gateway Protocol (BGP) (QPPB) 2. Input common classification 3. Input ACLs 4. Input marking (class-based marking or Committed Access Rate (CAR)) 5. Input policing (through a class-based policer or CAR) 6. IP Security (IPSec) 7. Cisco Express Forwarding (CEF) or Fast Switching Read More

Subscribe to INE Blog Updates

New Blog Posts!