Recent posts

#21

Forum Lobby / Re: Beryl

Last post by Otanx - July 10, 2024, 03:16:57 PM

Forgot you were down that way. Glad you guys got skipped. I did see an article that people were tracking the power outages using the Whataburger app. Apparently the power company does not have an outage map, but the Whataburger app shows which stores are open or closed and because they are normally 24x7 they could track where the power outages were.

-Otanx

#22

Security / Re: Dave work fun

Last post by Otanx - July 10, 2024, 03:10:10 PM

My old place is finishing up their migrations. They have to do STIG instead of CIS, and they are doing ASA to Palo, but it is all the same at the end of the day. If it wasn't for those details I would guess you worked there. They had a window to do a big cut over on Saturday after the 4th. It took them a little longer than expected, but it was successful. I think they only have two HA pairs left to migrate which will close out a 2 year plus migration. Then they get to move on to the switching refresh. Both data center and access are hitting at EOL near the same time so it will be a lot of work.

Are you planning to migrate to FTD at some point? We looked at it when it first came out as the obvious replacement for ASA and it was missing a lot of features, but I heard it is much more feature complete now.

-Otanx

#23

Security / Re: Dave work fun

Last post by deanwebb - July 10, 2024, 11:53:19 AM

Oof, migrating configs is tedious stuff. Best of luck with that, hate to have to see you do it all again because of a stupid missed detail somewhere!

#24

Forum Lobby / Re: Beryl

Last post by deanwebb - July 10, 2024, 11:51:58 AM

We only had some passing showers, no storming at all. Most of it passed to the east of us.

Houston got hit hard - lots of power outages there.

#25

Forum Lobby / Beryl

Last post by icecream-guy - July 09, 2024, 06:05:45 PM

So deanwebb

how did Dallas fair the Beryl storm?

#26

Security / Dave work fun

Last post by icecream-guy - July 09, 2024, 05:54:42 PM

Getting tired of working firewall CIS compliance for over 200 firewalls, I've been at it for years. Yes it's a slow process with change management, but now that one of the team members left I've been tasked with firewall refresh,  standing up new hardware in parallel and migrating VLANs from the old ASA 5585 firewall to the new 4100 Running ASA. Still not quite to the FTD yet. had a 10 hour maintenance last weekend moving some 50 or so VLANs from one firewall to another updating routes and ACL's. but that's what I've been up to.


 

#27

Forum Lobby / Re: Happy July 4th

Last post by deanwebb - July 04, 2024, 04:43:51 PM

Had an internet outage yesterday, so my holiday started kinda early... and quiet... played a bunch of older games from the days when I didn't have Internet when I wasn't dialed in.

#28

Forum Lobby / Happy July 4th

Last post by icecream-guy - July 04, 2024, 03:20:26 PM

for those that celebrate.

#29

Routing and Switching / Re: Spine/Leaf for the Enterpr...

Last post by deanwebb - July 02, 2024, 04:40:20 PM

Cool, that's the ticket, looks like. Understanding the new vxlan headers. Thanks!

#30

Routing and Switching / Re: Spine/Leaf for the Enterpr...

Last post by Otanx - July 01, 2024, 03:49:41 PM

I like it. That was what I was planning for my old gig before I moved to the dark side. If they end up hiring my new company it will still be what I suggest. The goal was to use the same technologies for both access and data center. The same team is managing both parts of the network so making them match helps with operations.

Using spine/leaf does not really change much for monitoring. If you have a requirement for FPC or DPI you probably already have everything in place already. Depending on the details of where the existing capture points are it may just mean making sure the monitoring tools understand the new vxlan headers, and how to parse/strip/inspect them.

-Otanx