Blog

Build Your Lab for DevNet DEVCOR Study

I am using Kali as my Linux distro. I also recommend Ubuntu or Debian if you do not like Kali.
https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-image-download/

My Hypervisor-type 2 is VMware® Workstation 15 Pro.

How to Install Visual Studio Code on Kali Linux 2020

sudo apt update
sudo apt install curl gpg software-properties-common apt-transport-https
curl -sSL https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -
echo "deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main" | sudo tee /etc/apt/sources.list.d/vscode.list
sudo apt update
sudo apt install code
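
The apt-key add step above places Microsoft's key in APT's global trusted keyring, where it is accepted for every configured repository. The following added example (not part of the original post) sets up the same repository with a key scoped by signed-by and audits source entries that lack it; the keyring path and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. KEYRING is an assumed path.
KEYRING=/usr/share/keyrings/microsoft.gpg

# Print a sources.list entry that trusts one keyring file for this repo only.
scoped_vscode_entry() {
    printf 'deb [arch=amd64 signed-by=%s] https://packages.microsoft.com/repos/vscode stable main\n' "$1"
}

# Scoped equivalent of the "apt-key add" step: keep the key in its own file
# and reference it with signed-by. Defined but not called (needs network, sudo).
install_scoped_vscode_repo() {
    curl -sSL https://packages.microsoft.com/keys/microsoft.asc \
        | gpg --dearmor | sudo tee "$KEYRING" >/dev/null
    scoped_vscode_entry "$KEYRING" | sudo tee /etc/apt/sources.list.d/vscode.list >/dev/null
    sudo apt update
}

# Audit: print active deb/deb-src lines under DIR that have no signed-by
# option, i.e. repositories that rely on the global trusted keyring.
unscoped_sources() {
    for f in "$1"/*.list; do
        [ -f "$f" ] || continue
        grep -E '^[[:space:]]*deb(-src)?[[:space:]]' "$f" \
            | grep -v 'signed-by=' \
            | awk -v name="$(basename "$f")" '{ print name ": " $0 }' || true
    done
}

# Constructed sample directory so the audit runs without touching /etc/apt.
demo_audit() {
    d=$(mktemp -d)
    echo 'deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main' > "$d/vscode-old.list"
    scoped_vscode_entry "$KEYRING" > "$d/vscode-new.list"
    echo '# deb http://example.invalid/disabled stable main' > "$d/disabled.list"
    unscoped_sources "$d"
    rm -rf "$d"
}

demo_audit
```

The audit reads only classic one-line .list files; deb822 .sources files use a Signed-By field and would need a separate check.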

How to Install docker
sudo apt update
sudo apt install -y docker.io
sudo systemctl enable docker --now

How to Install ansible
sudo apt install ansible

How to Install puppet
sudo apt-get install puppet

How to Install git
sudo apt install git

Python 3 is already installed in Kali 2020.x; to run it, type python3
How to Install pip for python3

sudo apt-get install python3-pip

How to Install geany (sometimes I used it instead of VSC)
sudo apt-get install geany

VMs you might need, such as GitLab, MongoDB, Neo4j, PostgreSQL, MySQL, ELK, and NGINX Open Source:
https://bitnami.com/stacks/virtual-machine

You will also need GNS3 to practice with Ansible

https://www.gns3.com/software/download

Python libraries you will work with during the course:
flask
socket
MySQLdb
os
sys
argparse
subprocess
json
unittest
requests
urllib3
netmiko
meraki
pprint
time
datetime
yaml
logging
fdm
ucsmsdk

DevNet Sandboxes to practice with Webex Teams, Intent API, Meraki, etc.:
https://developer.cisco.com/site/sandbox/

Play with docker online:
https://labs.play-with-docker.com/

UCS Platform Emulator UCSPE 4.1
You will need UCS Manager so you can communicate with it using APIs

https://community.cisco.com/t5/unified-computing-system/ucs-platform-emulator-downloads-ucspe-4-1-2cpe1-ucspe-4-0-4epe1/ta-p/3648177

The basic Terraform file structure is required; you can use the following links:

https://collabnix.github.io/terraform/

https://mikhail.io/lab/terraform/

Webex Teams and Meraki and how to ChatOps between them

You can use the DevNet Sandboxes, but first create an account in Webex Teams

Kindly note that Kubernetes and the kubectl command are also required from you

For practice you can use https://www.katacoda.com/

Graylog from https://www.graylog.org/

HAProxy from http://www.haproxy.org/

Good Luck

Yasser Ramzy Auda

Cisco Firepower Terminology

Legend:
Cisco CDO = Cisco Defense Orchestrator
Cisco FTD = Cisco Firepower Threat Defense
Cisco FMC = Cisco Firepower Management Center
Cisco FDM = Cisco Firepower Device Management
Cisco FXOS = Cisco Firepower eXtensible Operating System

————————————————————————————————–

Cisco FTD is the unified code for firewall capabilities AND IPS capabilities
Cisco FMC is your application to manage FTD devices (off-box)
Cisco FDM is your application to manage one FTD device (on-box)
Cisco FXOS is the underlay OS in the Cisco Firepower 4100/9300 chassis, on top of which you can install ASA, FTD, or Radware DDoS software (as three physical modules in one chassis)

Cisco CDO is your cloud application to manage ASA, ASA 5500-X with FirePOWER Services, and Firepower 2100/4100/9300

Cisco firewalls that can use FTD are ASA 5500-X with FirePOWER Services and Firepower 2100/4100/9300.

Cisco FMC can also manage Firepower 7000/8000 and Firepower Services for Cisco ASA.

Cisco FXOS is the underlying operating system that manages hardware platforms like FP4100 and FP9300.

Those platforms can run different applications, such as FTD, a Cisco ASA image, or even third-party software like Radware anti-DoS.

————————————————————————————————–

In the old days we used to have the following:
ASA is a device with code for firewall capabilities only
ASDM is your application to manage ASA devices
Firepower 7000/8000 is a device with code for IPS capabilities only
Cisco FMC (aka FireSIGHT) is your application to manage Firepower 7000/8000 and other Firepower devices
ASA with Firepower is a device for firewall capabilities AND IPS capabilities. This code could be unified (FTD) or separate ASA code + Firepower (IPS) code; in the latter case only the Firepower code can be managed by Cisco FMC, and for ASA we use ASDM.

————————————————————————————————–

Let's not forget the Cisco firewall for ICS and IoT networks, the ISA 3000:
Cisco Industrial Security Appliance 3000 platforms can run either the Cisco ASA Firewall, Cisco ASA Firewall plus Sourcefire FirePOWER (ASA+FP) or Cisco Firepower Threat Defense (FTD).

Also, for small businesses we have the Meraki MX Series Firewall

Cisco Firepower Compatibility Guide
https://www.cisco.com/c/en/us/td/docs/security/firepower/compatibility/firepower-compatibility.html

 

Kali 2020.1 New Adds for CEH, Pen Test+ and OSCP

If you download the Kali 2020 version from
https://www.kali.org/releases/kali-linux-2020-1-release/
you might need to read this:

Default username: kali password: kali

No more root/toor by default.

To run commands that need admin rights, such as ifconfig, use sudo. Example:
sudo ifconfig

The root account still exists. If you want to use it, follow these steps:
1: Issue command “sudo su” in terminal
2: Enter the password for the kali account
3: Issue command “passwd root” in terminal
4: Make a password for the root account and retype it
5: Click logout and type
username: “root” (no caps) and
password: “{the one that you entered at step 4}”

The Kali interface can look like Windows 10 if you want that. Open a terminal and type:
kali-undercover
To stop it, run the above command again (it's just a script)

PowerShell can now also run on Kali, bringing the ability to execute PowerShell scripts directly on Kali. To install the feature, type:
sudo apt update
sudo apt install powershell
To run PowerShell in your Kali terminal, type:
pwsh

To exit PowerShell and return to your Kali terminal, type:
exit


List of Kali 2020 Hacking tools:

https://tools.kali.org/tools-listing

Be aware that some tool versions are updated and come with a new GUI as well, such as Ettercap


Kali 2020 removed all tools based on Python version 2, but unfortunately Kali OS still comes with Python 2.7 by default; you will need to install Python 3.8 yourself.

 

Yasser Ramzy Auda

 

SD-WAN to replace MPLS? Nay

I started with SD-WAN at the end of 2019, when a customer asked to sit with me for a few days to explain Cisco SD-WAN.

I followed Cisco SD-WAN Operation and Deployment (ENSDW) course outline.

While I was preparing, I found all Viptela components and terminology really easy to understand.

The 4Vs in Cisco Viptela are similar to the three VeloCloud components, etc.

But since I knew that my training could change into a consultation session, I asked myself:

WHY, WHY are we doing SD-WAN?

And I found that the answer is also the same answer for another question which is

What is next?

What is next after implementing transport connections (colors) to connect my branches with HQ using MPLS, 4G, etc.?

To answer that, I decided to think as if I were the customer. Since nowadays the majority of enterprise traffic flows to public clouds and the Internet, I found the following:

I need to see the connections between my HQ/branches automated, smart, and policy-based, with centralized management.

I need to have the capability to add more branches without touching or changing anything in my color.

I need to have the capability to automate my QoS settings and make them change dynamically based on real-time bandwidth monitoring.

I need to have the capability to communicate over my SD-WAN fabric with my cloud services such as Office 365 and Salesforce.com (SaaS), or even with a branch that exists completely in AWS (IaaS).

Also, how will all of this be secured, and how can a security services layer be added dynamically to all of it?

SD-WAN tries to help us with these new requirements for security, application performance, cloud connectivity, WAN management, and operations.

It fully integrates routing, security, centralized policy, and orchestration into large-scale networks.

It is multi-tenant, cloud-delivered, highly-automated, secure, scalable, and application-aware with rich analytics.

With Cisco SD-WAN Cloud OnRamp, the SD-WAN fabric continuously measures the performance of a designated application through all permissible paths from a branch (i.e. MPLS, Internet, and 4G LTE).

The Cisco SD-WAN fabric automatically makes real-time decisions to choose the best-performing path between the end users at a remote branch and the cloud application.


What does all of the above have to do with MPLS? The simple answer is: nothing.

MPLS is just one of many underlay networks we can use for our overlay SD-WAN fabric.

I can say that people who compare MPLS with SD-WAN do not really understand what SD-WAN is.

They also skip the fact that MPLS is not only MPLS L3 VPN.

Anyway, a replacement for MPLS as a transport option could be a high-speed Internet connection (if we can ensure privacy on it).

Another, more realistic replacement option for MPLS could be SRv3, especially when it comes to MPLS TE.

I wrote this article as an introduction to Cisco SD-WAN:

https://learningnetwork.cisco.com/s/article/cisco-sd-wan-introduction-part-1

Also Cisco SD-WAN Viptela Resources and prerequisites:

https://learningnetwork.cisco.com/s/article/cisco-sd-wan-viptela-resources-and-prerequisites

Yasser Ramzy Auda