Image Swap: ASA to FTD

Firewalls are a necessary component in any network environment, especially in an enterprise. Take a look at your front door: would you remove it permanently? Firewalls have evolved over the years from simple gatekeepers to complex security solutions that integrate with the rest of the network. Imagine if you could program your front door to only allow people in who wore green shirts. Once inside, they would only be able to walk into the living room…on a Tuesday. My own firewall journey started years back on Juniper SSG350s, then on to ASA and Palo Alto. I am currently looking into Cisco’s Firepower Threat Defense (FTD). As a fan of most things Cisco (ASA CX anyone?), FTD adds visibility to the rest of the ecosystem that might include AMP, ISE and Stealthwatch. With an ASA 5512-X in hand, my mission is to replace its ASA image with FTD.

MPLS: Creating an Internet Off-ramp

Yes, MPLS circuits are still being used by companies out there. Shocking! Well, actually it’s not. Even though there continues to be growth in low-cost broadband connections, some companies still utilize MPLS circuits back to their data centers from their branches around the world. Companies continue to use these circuits to connect their sites to each other. The reasons for this vary from company to company. Perhaps it is security, stability or even just a long provider contract that keeps them out there. Either way, MPLS will still be in play for some time. Many companies have not fully embraced the cloud. They host important applications in-house in a data center. Some companies funnel their branch traffic through their data center as it heads out to the internet. This has its benefits. You might only need centralized firewalls or other appliances since all traffic exits via the same egress. Companies still do this as it does save money; however, as the adoption of cloud grows, this method starts to see issues.