FMC – AMP Malware Inspection
KB ID 0001159 Problem If you take a look in your SourceFire dashboard, and there is no data shown on the malware threat section like so; Solution The message is pretty descriptive, and it’s telling you exactly what you need to do. Now I’m making the assumption that you have added a valid AMP / Malware licence like so; Policies > Access Control > Edit your access control policy > Then Edit the file policy. Add in...
Windows 10 – Installing IIS
KB ID 0001158 Problem I needed to get a web server up and running today, so I could upload some files into a firewall via http. I have a copy of Windows 10 running on my mac in VMware fusion, so that’s what I thought I would use. Solution Open a command window and run appwiz.cpl > Turn Windows features on or off > Internet Information Services > OK > Follow the instructions. Now to test, open a browser window and...
Mac OSX and Linux – Quick and Dirty Web Server
KB ID 0001157 Problem I was clearing out some old emails yesterday, and saw one my colleague Steve had sent me. It was info on how to fire up a quick web server on your mac. It wasn’t until I took a look at it, I realised how handy it was. After some reading, I found that it was not only possible on a mac, but on other flavours of Linux as well, (as long as they support ‘python’ and have it loaded). WHAT USE IS...
AnyConnect Group Authentication With Cisco ISE and Downloadable ACLs (Part 2)
KB ID 0001156 Problem Carrying on from PART 1 Solution Add > Create Before. Edit the Policy Giv the policy set a name and description > Create a new condition. Set Description to Device Type. Equals > All Device Types (The Device Group You Created Above). Add attribute value. Set Description to RADIUS. NAS-Port-Type-[61]. Equals > Virtual. Edit the Authentication Policy. Change the identity source to the the identity...
AnyConnect Group Authentication With Cisco ISE and Downloadable ACLs (Part 1)
KB ID 0001155 Problem To be honest it’s probably a LOT easier to do this with Dynamic Access Policies, but hey, if you have ISE then why not use it for RADIUS, and let it deploy downloadable ACL’s to your remote clients and give them different levels of access, based on their group membership. I’m going to keep things simple, I will have a group for admins that can access anything, and a group for users that can only...