Today I kicked off my Cisco Live 2018 conference in Barcelona. This is my first visit to the city and my first Cisco Live event which I am very excited about. Especially after I’ve carried out a lot of research in the build-up to this event by looking back at previous years to learn what to expect while attending.
Within my role as Senior Professional Services Consultant at Concorde Technology Group, I act as the technical lead for Cloud and Security. With this in mind, my focus for the week ahead will be based around these Cisco technologies and I have booked in a number of sessions throughout the week, which cover both of these topics (more blogs to come in the next few days).
My focus today, however, was to explore what else the event has to offer (which is a lot), including some hands-on labs, and visit some of the different Cisco booths including meeting the engineers and the very impressive DevNet Sandbox team!
After the very easy registration process, I decided to take a trip to the “Hub” area to explore what it had to offer. Being a very hands-on type of person I was itching to do some labs, so I went across to the DevNet Sandbox team. The DevNet Sandbox offers a host of different free labs that customers and partners can take part in while in a sandboxed environment. The subject matter is also very impressive and includes multiple Networking, Cloud and Security sandboxed environments. I spent about 1 hour with the DevNet team going through the process of accessing the material and I was really impressed with the content and the skill set it covers. Regardless if you are new to the subject or very technical and need to test something, the content covers it all.
For more information, I would recommend visiting developer.cisco.com/sandbox and have a play with the different sandboxed labs that are available.
Speaking to the DevNet Sandbox team made me, even more, itchier for some hands-on labs so I headed over to the ‘Walk in hands-on labs’. Again the subject matter covered a lot of different aspects including Cloud, Security and IOT (to mention a few). One thing on my Cisco Live bucket list was to set up and demo Cisco Umbrella. For those of you reading that are unaware of this product, Cisco Umbrella uses the Internet’s infrastructure to block a malicious destination before a connection is ever established and delivers security from the cloud.
The lab I took part in included setting up this platform for an internal network, Integrating with Active Directory, configuring and installing roaming clients (both AnyConnect and Umbrella) and customising different policies. Firstly, setting up the portal and adding my internal network to use the service took minutes which was a big surprise. All I needed to do was add my public IP address to a network, and update the DNS forwarders on my Domain controllers to point to Open DNS. The only part it didn’t cover in the lab was a requirement for opening ports 443 if you have a firewall, as in the lab environment was already open.
Once my network was working with Cisco Umbrella I was then able to configure the Active Directory integration. This allowed Umbrella to listen to the Domain controllers for user and computer logins via Security Event log, as well as enabling IP-to-user and IP-to-Computer mappings for the reporting which is a feature a lot of customers require when it comes to reporting. The roaming clients feature was also very impressive as it enables you to protect machines that are not on your network. You are able to use both Cisco AnyConnect (if you already use this) or the Umbrella Roaming client (If you don’t use AnyConnect) and install this on devices that are going to be away from your internal network. I was really impressed at the ease of deploying this, which included a ready to download script which can be deployed via Group Policy.
The final part of the lab was configuring the policies which dictate the security protection settings as well as block/allow lists and policies that control log levels and block splash page. All in all, I found the Cisco Umbrella product very user-friendly and a comprehensive tool that will protect your network and Infrastructure against malware and virus attacks from outside your network. The one drawback is that this product does not cover email scanning, but does include some level of SMTP protection.
The final part of my day included a visit to the Cisco Live library for some last minute cramming for my CCNA Routing & Switching exam…but you will need to wait for another blog later this week to hear about that.
Author: Shabaz Darr, Senior Professional Services Consultant at Concorde Technology Group