Guest

Security

TAC Security Show Podcasts

The Cisco TAC Security Podcast Series is created by Cisco TAC engineers. Each episode provides an in-depth technical discussion of Cisco product security features, with emphasis on troubleshooting.

Subscribe to Podcast Series:   RSS icon iTune icon

Current Episodes

26 August 2014

Episode 43 - TAC Security Podcast - ASA Version 9.2 and Interesting TAC Cases

Speakers: Jay Johnston, Magnus Mortensen, Michael Robertson, Kevin Klous

The podcast panel discusses some of the new features introduced in ASA Version 9.2. Then they discuss recent TAC cases that were triggered by very interesting network problems.
Listen Now (MP3 - 24.4 MB; 57:15 min)
Read Show Notes

05 May 2014

Episode 42 - TAC Security Podcast - The Cisco Secure Development Lifecycle

Speakers: Jay Johnston, David White Jr., Chris Romeo, Lisa Meyers McDonald

The podcast panel talks with Chris Romeo and Lisa Meyers McDonald from the Cisco Trustworthy Systems Organization all about the Cisco Secure Development Lifecycle.
Listen Now (MP3 - 24.7 MB; 25:42 min)
Read Show Notes

01 April 2014

Episode 41 - TAC Security Podcast - Troubleshooting ASA Clustering

Magnus Mortensen, Jay Johnston, David White Jr.

This the second podcast episode focusing on ASA Clustering technology. The podcast panel explains the 'life of a packet' through a cluster of ASAs, and the different connection types introduced with the clustering feature. Finally, the team discusses how to troubleshoot connectivity problems through a cluster.
Listen Now (MP3 - 43.0 MB; 44:47 min)
Read Show Notes

05 February 2014

Episode 40 - TAC Security Podcast - Intro to ASA Clustering

Magnus Mortensen, Jay Johnston, David White Jr.

The podcast panel discuss the motivations for using the new ASA clustering feature, and the basics for how a cluster of ASAs handles traffic. Different cluster deployment modes (Spanned Etherchannel vs. Layer 3 mode) and clustering concepts are discussed, along with best practices for a successful cluster deployment.
Listen Now (MP3 - 40.2 MB; 41:50 min)
Read Show Notes

18 December 2013

Episode 39 - TAC Security Podcast - Voice Security Concepts and Best Practices

Speakers: Magnus Mortensen, Justin Betz, John Casale, Tim Tesluk

Justin, John and Tim from the Cisco Voice TAC teams join Magnus to discuss the basic concepts behind voice security. They then cover best practices, and common problems that administrators encounter when deploying secure voice technologies.
Listen Now (MP3 - 35.5 MB; 36:49 min)
Read Show Notes

11 Novemenber 2013

Episode 38 - TAC Security Podcast - Introduction to OnePK

Speakers: Jay Johnston, David White Jr., Joe Clarke

Jay and David and Joe discuss OnePK technology and how to get started writing custom OnePK apps.
Listen Now (MP3 - 19.9 MB; 21:44 min)
Read Show Notes

10 September 2013

Episode 37 - TAC Security Podcast - ASA Network Address Translation (NAT)

Speakers: Jay Johnston, David White Jr.

Jay and David discuss the new NAT configuration style introduced with ASA version 8.3. The overall approach to configuring NAT are discussed, along with troubleshooting techniques, and best practices.
Listen Now (MP3 - 34.5 MB; 37:46 min)
Read Show Notes

27 August 2013

Episode 36 - Network Management at Cisco Live! 2013

Speakers: Jay Johnston, David White Jr., Joe Clarke

Joe and the podcast team discuss managing the network at Cisco Live! this year, and what specific steps, tools and best practices were employed to make the network successful.
Listen Now (MP3 - 22.1 MB; 22:58 min)
Read Show Notes

16 July 2013

Episode 35 - Identity Services Engine v1.2

Speakers: Magnus Mortensen, Jay Johnston, Jesse Dubois, Aaron Woland.

Jesse Dubois, TAC engineer, and Aaron Woland, Identity Services Engine (ISE) Technical Marketing Engineer, discuss version 1.2 of the ISE solution. Discussion focuses on new features, the upgrade process, and tips and tricks to get the most out of your ISE deployment.
Listen Now (MP3 - 37.88 MB; 41:22 min)
Read Show Notes

15 July 2013

Episode 34 - Cisco Live! 2013 Orlando Florida

Speakers: Magnus Mortensen, Jay Johnston, David White Jr.

The panel set up a recording table in the hallways of Cisco Live! 2013 in Orlando Florida, to talk to our customers and partners about security technologies and the Cisco Live event.
Listen Now (MP3 - 55.9 MB; 58:15 min)
Read Show Notes

10 June 2013

Episode 33 - Virtual Security: The ASA1000v and Virtual Security Gateway

Speakers: Rama Darbha, Michael Robertson, Magnus Mortensen, Jay Johnston, David White Jr.

This episode focuses on some of Cisco's Virtual Security Appliances, the ASA1000v, the Virtual Security Gateway (VSG) and the Virtual Network Management Center (VNMC). Rama Darbha and Michael Robertson discuss how administrators can use these products in their virtual environments, as well as the packet forwarding path and troubleshooting techniques for these products.
Listen Now (MP3 - 32 MB; 44:25 min)
Read Show Notes

28 March 2013

Episode 32 - Investigating Syslogs: Tips and Tricks

Speakers: David White Jr., Jay Johnston, Magnus Mortensen

The panel discusses best practices for configuring devices to generate syslogs, and how the TAC investigates syslogs provided by customers. Tips and tricks for parsing through large syslog files, as well as techniques and tools for finding useful information are discussed.
Listen Now (MP3 - 15.9 MB; 22:01 min)
Read Show Notes

21 February 2013

Episode 31: A look into ASA Quality with the Quality Assurance Team

Speakers: David White Jr., Jay Johnston, Magnus Mortensen, and special guest Paul Larue

This episode provides a peek behind the scenes at Quality Assurance for the Cisco ASA Software, featuring special guest Paul Larue (Technical Leader with Cisco Engineering). The panel discusses the different types of tests that occur at all stages of the ASA software development lifecycle and the continued focus on quality.
Listen Now (MP3 - 17.73 MB; 25:50 min)
Read Show Notes

12 September 2012

Episode 30: Introducing FlexVPN

Speakers: Magnus Mortensen, Jay Young, Wen Zhang and Frederic Detienne

Magnus interviews a panel of VPN experts on a new shift in VPN technologies, Flex VPN. The panel includes VPN escalation engineers Wen and Jay Young as well as a special guest, Frederic Detienne. Fred hails from our Brussels location and is a Distinguished Support Engineer specializing in VPN and crypto technologies. The crew talks about Flex VPN and the new IKEv2 technology.
Listen Now (MP3 - 38.7 MB; 40:16 min)
Read Show Notes

22 August 2012

Episode 29: Cisco Live! 2012 San Diego

Speakers: David White Jr., Jay Johnston, Magnus Mortensen, Blayne Dreier, Tom Alexander, Jay Young-Taylor, Wen Zhang, Andrew Yourtchenko, Randy Riviera

The podcast team returns to Cisco Live! in San Diego to give presentations, deliver lab trainings, and tape an episode of the Cisco TAC Security Podcast! The team talks to several customers about topics such as ASA VPN Client to Anyconnect migration, IPv6 use at Cisco Live, and much more.
Listen Now (MP3 - 18.2 MB; 25:19 min)
Read Show Notes

14 June 2012

Episode 28: The History of the PIX

Speakers: David White Jr., Jay Johnston

Jay and David discuss the history of the PIX platform. Topics include the different PIX hardware types, how the software changed over time, the motivation for some of the features that were added, and also how the history of the Firewall Services Module, PIX and ASA are intertwined.
Listen Now (MP3 - 15.7 MB; 22:57 min)
Read Show Notes

23 May 2012

Episode 27: IOS Embedded Event Manager

Speakers: David White Jr., Jay Johnston, Magnus Mortensen, Joe Clarke

Special guest Joe Clarke discusses the capabilities of IOS Embedded Event Manager. The panel discusses some very interesting use cases for EEM, and how it can be used to add new features to IOS as well as aid in troubleshooting complex network problems. A special listener challenge is given at the end of the show!
Listen Now (MP3 - 19.3 MB; 28:13 min)
Read Show Notes

06 Mar 2012

Episode 26: Troubleshooting IPSec VPNs

Speakers: David White Jr., Blayne Dreier, Jay Johnston, Magnus Mortensen, Jay Young-Taylor, Wen Zhang

Special guests Wen Zhang (Cisco TAC) and returning guest Jay Young Taylor (Cisco TAC) discuss the methodologies and approaches to troubleshooting IPSec VPN problems. The team discusses the best way to use show commands, debug output, and troubleshooting tools to get your VPN tunnels up and passing traffic!
Listen Now (MP3 - 29.3 MB; 42:42 min)
Read Show Notes

27 Jan 2012

Episode 25: Understanding DMVPN and GETVPN

Speakers: David White Jr., Blayne Dreier, Jay Johnston, Magnus Mortensen, Jay Young-Taylor, Wen Zhang

Special guests Wen Zhang (Cisco TAC) and returning guest Jay Young Taylor (Cisco TAC) discuss the differences between the DMVPN and GETVPN technologies. Deployment scenarios, as well as case studies and common customer TAC cases are discussed.
Listen Now (MP3 - 39.4 MB; 57:26 min)
Read Show Notes

Contact Us

Have questions about an upcoming podcast? Want to offer feedback about a specific episode?
Submit question or feedback

Related Tools
Related Links

Past Episodes

05 Dec 2011

Episode 24: The Cisco Identity Services Engine

Speakers: David White Jr., Blayne Dreier, Jay Johnston, Magnus Mortensen, Jesse Dubois, Aaron Woland

Special guests Jesse Dubois (Cisco TAC) and Aaron Woland (Cisco TrustSec Engineer) talk with the team about the new Cisco Identity Services Engine. The discussion provides an overview of the ISE solution, deployment best practices and common problems, and hot issues and troubleshooting techniques, as well as monitoring.
Listen Now (MP3 - 26 MB; 37:50 min)
Read Show Notes

31 Oct 2011

Episode 23: The Cisco ASA Services Module

Speakers: David White Jr., Blayne Dreier, Jay Johnston, Magnus Mortensen

This episode features discussion about the new Cisco ASA Services Module (ASASM). Topics discussed include the hardware architecture differences between the ASASM and the Firewall Services Module (FWSM), new features introduced with the ASASM, and FWSM to ASASM migration tools and strategies.
Listen Now (MP3 - 21.9 MB; 32:02 min)
Read Show Notes

08 Sep 2011

Episode 22: How Cisco uses the Web Security Appliance to protect its network

Speakers: David White Jr., Blayne Dreier, Jay Johnston, Magnus Mortensen, Zack Shaikh, Jeff Bollinger

Jeff Bollinger (Cisco Information Security Investigator), and Zack Shaikh (Cisco TAC engineer specializing in the Ironport Web Security Appliance) join the panel for a discussion about the WSA product. Then Jeff shares how Cisco is dploying WSAs to protect its own network from threats on the web, and some lessons he's learned along the way.
Listen Now (MP3 - 36.5 MB; 51:51 min)
Read Show Notes

03 Aug 2011

Episode 21: Cisco Live! Las Vegas 2011

Speakers: David White Jr., Blayne Dreier, Jay Johnston

The podcast team brought their recording equipment along to Cisco Live! in Las Vegas to talk to Cisco customers about their impressions of Cisco Live and some of the classes they are taking, and also how they use Cisco security products.
Listen Now (MP3 - 21.9 MB; 31:56 min)
Read Show Notes

06 Jun 2011

Episode 20: This Week In TAC!

Speakers: David White Jr., Blayne Dreier, Jay Johnston, Magnus Mortensen, Justin Betz, Michael Robertson, Rama Darbha

This episode features discussion about interesting customer TAC cases that were tackled this week by the Firewall team in Research Triangle Park, North Carolina. Rama Darbha walks us through a problem with CPU HOGS and SNMP monitoring on an ASA. Justin Betz discusses a DHCP-Relay problem caused by a NAT translation issue on a FWSM. Mike Robertson discusses a FWSM issue where a UDP network attack was taking place, and David White Jr. discusses how he determined what extra padding data was being added to ICMP packets that were so small they violated a RFC.
Listen Now (MP3 - 29.2 MB; 42:32 min)
Read Show Notes

03 May 2011

Episode 19: Troubleshooting the NAC Appliance

Speakers: Jay Johnston, Magnus Mortensen, Nevin Absher, Blayne Dreier

This episode focuses on the Network Admission Control (NAC) appliance, with special guest Nevin Absher from the Cisco AAA TAC Team in RTP, NC. The discussion starts with a basic introduction to how network administrators can use the NAC appliance to control access to the network in various deployment scenarios. The discussion then moves to NAC deployment and operation best practices as well as specific issues that some administrators encounter when deploying the solution, and how to avoid them. NAC troubleshooting methodologies and techniques are also discussed.
Listen Now (MP3 - 24.02 MB; 36:39 min)
Read Show Notes

19 Apr 2011

Episode 18: Useful ASA and IPS Commands and Features You Might Not Know About

Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier

While working in the Cisco Technical Assistance Center, we utilize troubleshooting commands and techniques everyday that many Cisco customers aren't aware of. In this episode we highlight some of our favorite ASA and IPS one-line commands, and explain when to use them and how to interpret the output. In the show notes for the episode, we give sample output for each command.
Listen Now (MP3 - 28.3 MB; 41:16 min)
Read Show Notes

01 Mar 2011

Episode 17: Answering Questions From The Cisco Support Community

Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier

The panel discusses the Cisco Support Community and the benefits it offers to Cisco customers, partners, and Cisco employees. Online discussions, collaborating on technical documents, as well as blogs and technical videos are discussed. Then, the group answers interesting questions raised by the community about the Cisco Advanced Security Appliance and Intrusion Prevention System.
Listen Now (MP3 - 23.3 MB; 32:22 min)
Read Show Notes

01 Feb 2011

Episode 16: Mitigating a SQL attack with ASA, IPS and IOS Firewall

Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier

The panel discusses the concept of a SQL Injection Attack, and explains how this type of attack can be mitigated using the Cisco Adaptive Security Appliance (ASA), Cisco Intrusion Prevention System (IPS) and Cisco Zone-Based IOS Firewall (IOS Firewall). A real-world proof of concept is discussed, along with specifics about the various configurations required to stop the attack.
Listen Now (MP3 - 22.3 MB; 32:28 min)
Read Show Notes

12 Nov 2010

Episode 15:Using Certificates on the ASA and IOS platforms

Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier, Jay Young-Taylor

This episode is all about digital certificates and how they can be used on the ASA and IOS platforms. The discussion starts with the basic concepts behind certificates and PKI, as well as the motivations for using certificate authentication. The discussion continues with best practices (such as backing up keypairs and trustpoints) and common customer problems and TAC cases.
Listen Now (MP3 - 23.9 MB; 33:09 min)
Read Show Notes

28 Sep 2010

Episode 14:TCP connections through the ASA and FWSM

Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier

This episode focuses on TCP connections through the ASA and FWSM platforms. The panel discusses the TCP security checks performed by the Cisco firewalls and how to modify the TCP settings to adjust the firewall behavior for specific network conditions. TCP throughput optimization, techniques for monitoring TCP connections, and some common TAC issues are also discussed.
Listen Now (MP3 - 34.5 MB; 47:57 min)
Read Show Notes

26 Jul 2010

Episode 13:HTTP filtering on the ASA

Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier

The panel discusses the http filtering capabilities of the ASA platform including custom http inspection, url-filtering, wccp capabilities and the Content Security Control (CSC) Module configuration and troubleshooting.
Listen Now (MP3 - 24.9 MB; 36:20 min)
Read Show Notes

11 Jun 2010

Episode 12:Securing Cisco Routers

Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne, Dreier, Wen Zhang

Learn how to increase the security of Cisco routers. The panel discusses operational best practices and use of features such as authentication, authorization and accounting (AAA), control-plane policing, syslogging, configuration archiving, password types and Cisco IOS Embedded eEvent Manager.
Listen Now (MP3 - 49.3 MB; 35:01 min)
Read Show Notes

05 May 2010

Episode 11:ASA Anyconnect VPN

Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier, Jay Young-Taylor

The ASA AnyConnect client is the next evolution in Remote Access VPN connectivity. In this episode the panel discusses the advantages of the AnyConnect client, strategies for migrating from the IPSec VPN client to AnyConnect, and package deployment tips. Additional topics include troubleshooting techniques, common AnyConnect problems, and methods for monitoring AnyConnect usage.
Listen Now (MP3 - 50.7 MB; 36:56 min)
Read Show Notes

16 Apr 2010

Episode 10:ASA Version 8.3

Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier

The panel discusses the features introduced with the new Adaptive Security Appliance (ASA) version 8.3. Information about the differences between 8.3 and previous versions, new memory requirements for version 8.3, as well as information about the upgrade process are discussed.
Listen Now (MP3 - 56 MB; 40:48 min)
Read Show Notes

09 Mar 2010

Episode 9:Multiple context mode on the ASA and FWSM platforms

Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier

This episode features conversation about the multiple context mode available with the Firewall Services Module (FWSM) and Advanced Security Appliance (ASA) platforms. The pros and cons of multiple context mode are discussed, along with some common deployment scenarios, best practice design considerations, and issues faced by customers who contact the TAC.
Listen Now (MP3 - 52.30 MB; 38:06 min)
Read Show Notes

08 Feb 2010

Episode 8:ASA Advanced Application Protocol Inspection

Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier

In this episode, the panel reviews the application protocol inspection features available on the ASA platform. The individual operation and features of the protocols are discussed.
Listen Now (MP3 - 42.60 MB; 31:05 min)
Read Show Notes

07 Jan 2010

Episode 7:Monitoring Firewall Performance

Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier

Learn about personal computing choices and software tools used in the TAC to diagnose customer problems. The panel also reviews techniques and methods for monitoring firewall performance and identifying performance problems.
Listen Now (MP3 - 49.30 MB; 34:30 min)
Read Show Notes

07 Dec 2009

Episode 6:Tips for Taking the CCIE Security Exam

Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier

Learn helpful study techniques, time management, and test taking strategies for the CCIE Security Exam.
Listen Now (MP3 - 49.30 MB; 55:47 min)
Read Show Notes

04 Nov 2009

Episode 5:Troubleshooting Firewall Failover, Part 2

Speakers: Jay Johnston, Kurt Chapman, David White Jr., Blayne Dreier

The panel of experts discusses the software version terminology and release process for the ASA, PIX and FWSM platforms. The episode then continues with part 2 of troubleshooting firewall failover.
Listen Now (MP3 - 49.30 MB; 33:27 min)

01 Oct 2009

Episode 4:Troubleshooting Firewall Failover Part 1; Guest Omar Santos from PSIRT

Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier, Omar Santos

Guest speaker Omar Santos from the Cisco PSIRT team discusses how Cisco handles product security vulnerabilities. Then the panel discusses the failover functionality of the ASA, PIX, and FWSM platforms in part one of our discussion of firewall failover, which spans two episodes. The next episode focuses on troubleshooting failover problems.
Listen Now (MP3 - 49.3 MB; 35:54 min)

10 Aug 2009

Episode 3:Transparent Firewall Mode; Lifecycle of a TAC Case

Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier

In this episode, the panel discusses the lifecycle of a TAC service request, how customers can help expedite case resolution, and configuration and troubleshooting of transparent firewall mode on the ASA and FWSM platforms.
Listen Now (MP3 - 48.8 MB; 35:34 min)

01 Jun 2009

Episode 2:New Features Introduced with ASA Version 8.2

Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier

In this episode, TAC engineers discuss how they use the Cisco labs to solve customer service requests. New features introduced with ASA version 8.2 are also discussed.
Listen Now (MP3 - 44.00 MB; 32:03 min)
Read Show Notes

29 May 2009

Episode 1:Using the Packet Capture Utility for Troubleshooting

Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier

In this episode, Cisco TAC engineers discuss the new RSS feed for customer issues currently being seen in the TAC. Learn how to resolve connectivity issues using the packet capture utility built in to the Cisco Adaptive Security Appliance (ASA), PIX Firewall, and Firewall Services Module (FWSM)platforms.
Listen Now (MP3 - 53.8 MB; 39:12 min)
Read Show Notes