What is the nlp_int_tap interface and its functionality

Do you actually know what all the interfaces present on your Cisco ASA or FTD installation are doing behind the scenes?

I’m sure you’ve seen some of them, or at least you’ve stumbled across the interfaces “nlp_int_tap” or “Internal-Data0/1” recently during troubleshooting or debugging.

(You might have noticed other interfaces like Internal-Control and other Internal-Data interfaces. These aren’t covered in this post, but they mainly relate to internal interfacing for high-availability and clustering functionality.)

Intercepting HTTPS traffic and redirecting to custom block page

Blocking specific internet categories or malicious activity based on DNS is becoming more popular, and often requires very little effort from the IT department to implement.

It provides efficient protection and enforcement of security and policies, with a relatively low “time-to-action”.

Cisco Umbrella in particular, which offers a range of DNS protection mechanisms, does this very well. However, there are many different vendors that provide this kind of protection. (NGFWs might also be able to do parts of this.)