Troubleshooting Cisco VIRL – Video 1

June 8, 2018 at 4:39 pm


Here is the first in a new series of videos where we will troubleshoot the most common issues with Cisco VIRL. Enjoy!

What’s New in 2018 with AWS Solutions Architect – Associate

June 7, 2018 at 5:58 pm

Interested in cloud certification, specifically the AWS platform? During his recent webinar, Anthony Sequeira discussed the updated AWS Solutions Architect – Associate exam, which can help you get up to speed with AWS, sooner rather than later.

Here are the timestamps of Anthony’s key points:

01:11 – Which exam should you take? The old one or the new one?
02:27 – A quick AWS certification disclaimer
04:35 – The new exam specs
08:58 – Why the new exam might be easier
09:44 – Breaking down domains


AWS Solutions Architect – Associate 2018 – Decoupling

June 1, 2018 at 1:23 am


As you might know, decoupling is a big deal in the new blueprint for the AWS Certified Solutions Architect – Associate exam. In this post, I want to take a moment to outline some of the highlights of this interesting term and approach.

First of all, what the heck does decoupling even mean? It sure sounds like divorce! Decoupling refers to components remaining autonomous and unaware of each other as they complete their work for some greater output. The term can describe the components that make up a simple application, and it also applies on a much broader scale. For example, many point to the fact that in public cloud computing the architecture is decoupled: someone like Amazon completely handles the physical infrastructure of the network for us, while we work with the data and applications hosted on this hardware. We are not really sure what they are up to, while they are not entirely positive what the heck we are doing!

For your exam, you also need to be able to distinguish between two valid decoupling techniques in AWS – synchronous decoupling and asynchronous decoupling. Because, you know, we need to apply these two terms (synch/asynch) to just about any computer technology 😉

With synchronous decoupling, you have (for example) two components that must both always be available in order for the overall resource to function properly. Although both must always be available, they remain “unaware” of each other, which is what makes them truly decoupled.

With asynchronous decoupling, communication can still be achieved between the components even if one of the components is temporarily unavailable.

An example of synchronous decoupling in AWS would be using Elastic Load Balancing (ELB) to distribute traffic between EC2 instances that are hosted in multiple Availability Zones. Note that in order for this to function properly, you need at least one EC2 instance in each AZ. They are unaware of each other – but they both better be there or you have no load balancing. What is also great is the fact that you can add nodes to this configuration, and even later remove them, without disrupting anything!

An example of asynchronous decoupling is using the Simple Queue Service (SQS) to handle messaging between components. You can have a component temporarily go offline, and the message can be properly queued until the component is back online.

I hope this post has peeled back any curtains that might have been hanging in front of these concepts for you!

CCIE Security v5.0 Lab Equipment and Software

May 18, 2018 at 7:12 pm

This critical information is pretty buried on the Cisco site, so here you go! It is easy to find here in the CCIE Security category.

Virtual Machines:

Security Appliances

  • Cisco Identity Services Engine (ISE): 2.1.0
  • Cisco Secure Access Control System (ACS):
  • Cisco Web Security Appliance (WSA): 9.2.0
  • Cisco Email Security Appliance (ESA): 9.7.1
  • Cisco Wireless Controller (WLC): 8.3.102
  • Cisco Firepower Management Center Virtual Appliance: 6.0.1 and/or 6.1
  • Cisco Firepower NGIPSv: 6.0.1
  • Cisco Firepower Threat Defense: 6.0.1

Core Devices

  • IOSv L2: 15.2
  • IOSv L3: 15.5(2)T
  • Cisco CSR 1000V Series Cloud Services Router: 3.16.02.S
  • Cisco Adaptive Security Virtual Appliance (ASAv): 9.4(3)


  • Test PC: Microsoft Windows 7
  • Active Directory: Microsoft Windows Server 2008
  • Cisco Application Policy Infrastructure Controller Enterprise Module: 1.2
  • Cisco Unified Communications Manager: 8.6.(1)
  • FireAMP Private Cloud
  • AnyConnect 4.2

Physical Devices

Cisco Catalyst Switch

  • WS-C3850-24U 03.07.04E

Cisco Adaptive Security Appliance

  • 5512-X: 9.2(2)4

Cisco Aironet

  • 1602E: 15.3.3-JC

Cisco Unified IP Phone

  • 7965: 9.2(3)

Federation versus SSO

May 15, 2018 at 12:15 pm


I am writing this post as I teach another Nugget for the upcoming release of CompTIA Cloud+ (2018 version) at CBT Nuggets!

This topic comes up several times in the course, and for today’s Nugget it has to do with extending an existing infrastructure into the cloud, something that becomes more popular every day in hybrid cloud environments!

Most of us are familiar with SSO (Single Sign-On), as we have been configuring it in our IT networks for decades now. The idea is that a user inputs their username and password once (typically at workstation login) and then that information is passed to other applications and resources that need it.

So what is Federation and how is it different? Federation allows SSO, but without passwords! A Federation Server knows the username for the network entity and presents this to the application or service as a token. It is worth mentioning again here that there is no password involved. The SSO functions because of trust between the systems that the Federation Server is aware of.

Token passing in Federation is made possible thanks to standard identity protocols like SAML, OpenID, WS-Trust, WS-Federation, and OAuth.
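The token hand-off described above, as an added example that is not part of the original post: a federation server asserts a username in a signed token, and the application accepts it only if the signature, audience and expiry check out. The function names, the `wiki.example` audience and the shared HMAC key are assumptions of this sketch; the HMAC stands in for the public-key signatures that SAML assertions and OpenID Connect tokens normally carry.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo key: stands for the trust set up between the federation
# server and the application (an assumption of this example).
TRUST_KEY = b"constructed-demo-trust-key"

def b64enc(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64dec(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(username, audience, now=None, ttl=300, key=TRUST_KEY):
    """Federation server side: assert who the user is. No password inside."""
    now = int(time.time()) if now is None else now
    claims = {"sub": username, "aud": audience, "iat": now, "exp": now + ttl}
    body = b64enc(json.dumps(claims, sort_keys=True).encode())
    sig = b64enc(hmac.new(key, body.encode(), hashlib.sha256).digest())
    return f"{body}.{sig}"

def accept_token(token, expected_audience, now=None, key=TRUST_KEY):
    """Application side: return the username, or raise ValueError."""
    now = int(time.time()) if now is None else now
    body, sig = token.split(".")
    expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
    # Check the signature before trusting or parsing any claim.
    if not hmac.compare_digest(b64dec(sig), expected):
        raise ValueError("signature does not match the trusted key")
    claims = json.loads(b64dec(body))
    if claims["aud"] != expected_audience:
        raise ValueError("token was issued for a different application")
    if now >= claims["exp"]:
        raise ValueError("token has expired")
    return claims["sub"]

if __name__ == "__main__":
    token = issue_token("alice", "wiki.example")
    print(accept_token(token, "wiki.example"))
```

The application never sees a password; what it relies on is the audience and expiry checks plus the key it trusts, which is why a token replayed to another service or after its lifetime is refused.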

Another term you might come across today is Enterprise SSO. Like “normal” SSO, a password is required, but here that password is input for the user thanks to specialized software.

I hope you found this interesting and I also hope you will join me in the upcoming Cloud+ course!

Podcast – The AWS Certified Cloud Practitioner Exam 4/9/2018

April 9, 2018 at 5:54 pm

Certified Cloud Practitioner

The latest certification from AWS is here and it represents your foundation for all other AWS certifications. My latest podcast gives you all the details! 


April 6, 2018 at 4:49 pm

AWS Certification

I got this podcast idea from my friend Chris Riling at Cisco Systems. He was curious about AWS Certifications! Enjoy!