Cisco Champion 2016 !

 

 

You’ve probably seen this kind of tweet with hashtag #CiscoChampion, where nominees showed their gratitude for having been elected  Cisco Champion by Cisco.

ciscochampion2016CiscoChampion2015

Yeeaaah !!! For the second year I was honored by Cisco  to be a Cisco Champion in Security. Thank you once again Cisco to renew me your trust.

So What is a Cisco Champion ?

Just be passionate about technology Cisco (and others in general) and especially eager to share his knowledge through social networks such as twitter, Cisco’s Blog or a blog like mine.

In addition to sharing their insights and expertise, Cisco Champions make a difference by:

  • Supporting their peers in social communities, forums, and networks
  • Sharing their relevant experiences and thoughts on Cisco blogs
  • Providing valuable feedback directly to Cisco
  • And more

Cisco Champions have a unique opportunity to contribute to and enhance the way people use the latest technologies. They also receive:

  • Recognition for their contributions
  • Invitations to exclusive events
  • Opportunities to directly communicate with Cisco employees

Benefits of being a Cisco Champion?

Benefits of the Cisco Champions program include, but are not limited to:

  • Exclusive meeting and event opportunities
  • Special access to certain technology groups and executives
  • Invitations to provide feedback to Cisco on various topics
  • Access to a private online community initiated by and for Cisco Champions
  • Sneak peeks
  • A digital Cisco Champion badge that can be used in email signatures, websites, and social networks during the membership years.

I received last year this Certificate  follow by some stick CiscoChampion, Probably we will receive the same for this year …

 

My favorite is the badge that can be stapled to the jacket !!!

Beyond all these goodies, share knowledge, learn new technologies and receive such recognition is the most important thing.

 

 

Src:  Cisco Blog 

Cisco Next-Generation Firewall (NGFW)

In our Technomaxresdefaultlogies Category I would like to talk about  Cisco Next Generation Firewalls.

Last year , Cisco gained strength in next-generation firewalls via Sourcefire code.The official acquisition of Sourcefire by Cisco on October 2013, has allowed him to build a firewall unique its kind.

With this acquisition, Cisco has been able to expand its range and skills in security area.  This approach is a vision of security that is to intervene before the attack, during the attack and After attack.

Cisco – SourceFire …

Cisco is historically known for his expertise on before the attack, this is the security access where Cisco  excelled for many years, while SourceFire is rather an expert after the attack, Forensic, the detection of intrusion, the management of security events. So the fusions of two companies in terms of skills and technology solutions provide completeness that can provide new solutions related to the attacks.

Historically …
There’s 10 years iASA 5500-2t was used firewalls that were intended to  open  and control ports because of attacks of the protocols types. But hackers have moved quickly their interest to take part of application vulnerabilities to launch attacks, so we started talking about Application Firewall , Next-Generation Firewall.Today almost all the attacks are carried through illegal and authorized applications. So we must be interested in the threat, to attack itself to be able to make good decisions; just the application control is not enough.

Example …

If weimages (2) imagine an attack whose goal is to exfiltration of data, then the first phase of the attack is to send a phishing email to a user to control his machine.Typically this will pass through an authorized port and an authorized application:email application.

So far there was no Exploit on the mall itself, it’s just the content that contains the threat ; we will have much interest to know the threat in order to make a decision.
As this attack aims to exfiltration information, so hackers will make sure to pass through authorized flows, in order to get out of the network and outputs the data (it will be https, ssh).
Once again as are authorized flows, we will have fewer means to make the right decision based on the application only : It will take several correlate security events that match informations managing the threat. Hence the Firewall Next-Gen with IPS next-Gen.

What is this Firewall ? …

It encompasses several areas, the basic of connection and routing is Cisco ASA technology, which is known for its advanced-threat-security-cyber-security-for-the-real-world-15-638robustness and performance, and is now the most deployed firewall in the world. The part of application control and IPS Next-Gen intelligence are the legacy of SourceFire.

Customers…
All customers who have an ASA X in their network have the ability to implement the full functionality of next generation firewall by upgrading, the aim is to bring more functionality on what already works.

Securing Cisco Network with Threat Detection and Analyst – (SCYBER)

CyberSecurity Specialist
CyberSecurity Specialist

I would like to introduce you to the  Cisco Certification called SCYBER.

The Securing Cisco Networks with Threat Detection and Analysis (SCYBER) (600-199) is a 1.5-hour exam with 50−60 questions.

This exam is associated with the Cisco Cybersecurity Specialist certification. Candidates can prepare for this exam by taking the Interconnecting “Securing Cisco Networks with Threat Detection and Analysis”course.This exam tests a candidate’s knowledge and skills required to proactively detect and mitigate network security threats by leveraging features that exist in Cisco and other industry network security products today.

Designed for professional security analysts, the exam covers essential areas of competency including event monitoring, security event/alarm/traffic analysis, and incident response. The exam is closed book and no outside reference materials are allowed.

My experience with this certification is the following:

Some months ago ( February) after I passed my CompTia Security + Certification , I was looking for the  next certification to prepare.

My search leads me to CEH of EC-Council , GSEC of SANS Institute and Cybersecurity Essentials of Prometric. In the same time I received some Cisco ads  about their new SCYBER  Certification and that caught my attention.

To make my choice , I discarded CEH and GSEC because the sources materials for these certifications were scarse and not fully available on Pi****bay ;)!(shuuuuuut !!! I took almost all y sources materials on it ).

I started compare SCYBER and Cyber Security Essentials of Prometric , and for me this last looked like Security + Certification that I passed . Then I focused on SCYBER , but it was a new certification , that means no sources materrials available,  only in the training center !

I decided to come back to CEH. some months have passed and I started to see the new version V8 of the certification available, but my mind was always in the SCYBER  may be due to of lack of materials  to correctly setup my CEH Lab.., it was difficult for me to perform CEH Labs  ( I had 2 computers one Mac Book Air “11”, and an old Windows PC 32bits  😦  ,  not enough memory for different VMs Machine to setup  …and so on ) .

This is how the true CEH Lab looks like according to EC-Council.

Capture d’écran 2014-10-01 à 14.40.41

But I don’t give up , I keep trying my best by download and learn about Computer Forensic , Hacking , Cybersecurity … ( I have a 700 GB data  hard disk so I can always  do news things :)) .

Few week ago , after an interview I saw one Cisco Live conference gived by James Risler , the Topic was about Cisco Cyber Security Analyst Specialist Certification, that convince me to prepare SCYBER.

For me , it was not too difficult , besides I think that the SCYBER exam was  easy more  than the preparation I  made (may be I did too much  preparation ?!?!). I so  much appreciated all subjects I learned and experienced more  than the exam itself.  I just failed one question on 58  🙂 .

The official sources material it not yet available excepted some cisco presses . The official  preparation is given by a  cisco instructor led courses.

I used some Cisco presses , mainly  my own searchs among my 700 GB data of my hard disk ( Computer Forensic , Ethical Hacking , TCP/IP fundamental , TCPdumps , Wireshark , Incidence Response procedure , …) and some forum .

Capture d’écran 2014-10-01 à 17.49.57

Some subjects seems basic, but for example if you can not read the information contained in the TCP header , payload ..how can you investigate?

Even if  it’s Cisco certification , the subjects are not based on cisco technologies or products, but mainly on Cybersecurity in general like a neutral vendor certification can proceed .

And the winner is … 😉

Capture d’écran 2014-10-23 à 23.22.07

That’s what I can say about this certification I recommend you to watch this video if you want more details.