The Cisco TAC Security Podcast Series is created by Cisco TAC engineers. Each episode provides an in-depth technical discussion of Cisco product security features, with emphasis on troubleshooting.
The podcast panel discuss the motivations for using the new ASA clustering feature, and the basics for how a cluster of ASAs handles traffic. Different cluster deployment modes (Spanned Etherchannel vs. Layer 3 mode) and clustering concepts are discussed, along with best practices for a successful cluster deployment. Listen Now (MP3 - 40.2 MB; 41:50 min) Read Show Notes
18 December 2013
Episode 39 - TAC Security Podcast - Voice Security Concepts and Best Practices
Speakers: Magnus Mortensen, Justin Betz, John Casale, Tim Tesluk
Justin, John and Tim from the Cisco Voice TAC teams join Magnus to discuss the basic concepts behind voice security. They then cover best practices, and common problems that administrators encounter when deploying secure voice technologies. Listen Now (MP3 - 35.5 MB; 36:49 min) Read Show Notes
11 Novemenber 2013
Episode 38 - TAC Security Podcast - Introduction to OnePK
Speakers: Jay Johnston, David White Jr., Joe Clarke
Jay and David and Joe discuss OnePK technology and how to get started writing custom OnePK apps. Listen Now (MP3 - 19.9 MB; 21:44 min) Read Show Notes
Jay and David discuss the new NAT configuration style introduced with ASA version 8.3. The overall approach to configuring NAT are discussed, along with troubleshooting techniques, and best practices. Listen Now (MP3 - 34.5 MB; 37:46 min) Read Show Notes
27 August 2013
Episode 36 - Network Management at Cisco Live! 2013
Speakers: Jay Johnston, David White Jr., Joe Clarke
Joe and the podcast team discuss managing the network at Cisco Live! this year, and what specific steps, tools and best practices were employed to make the network successful. Listen Now (MP3 - 22.1 MB; 22:58 min) Read Show Notes
16 July 2013
Episode 35 - Identity Services Engine v1.2
Speakers: Magnus Mortensen, Jay Johnston, Jesse Dubois, Aaron Woland.
Jesse Dubois, TAC engineer, and Aaron Woland, Identity Services Engine (ISE) Technical Marketing Engineer, discuss version 1.2 of the ISE solution. Discussion focuses on new features, the upgrade process, and tips and tricks to get the most out of your ISE deployment. Listen Now (MP3 - 37.88 MB; 41:22 min) Read Show Notes
15 July 2013
Episode 34 - Cisco Live! 2013 Orlando Florida
Speakers: Magnus Mortensen, Jay Johnston, David White Jr.
The panel set up a recording table in the hallways of Cisco Live! 2013 in Orlando Florida, to talk to our customers and partners about security technologies and the Cisco Live event. Listen Now (MP3 - 55.9 MB; 58:15 min) Read Show Notes
10 June 2013
Episode 33 - Virtual Security: The ASA1000v and Virtual Security Gateway
Speakers: Rama Darbha, Michael Robertson, Magnus Mortensen, Jay Johnston, David White Jr.
This episode focuses on some of Cisco's Virtual Security Appliances, the ASA1000v, the Virtual Security Gateway (VSG) and the Virtual Network Management Center (VNMC). Rama Darbha and Michael Robertson discuss how administrators can use these products in their virtual environments, as well as the packet forwarding path and troubleshooting techniques for these products. Listen Now (MP3 - 32 MB; 44:25 min) Read Show Notes
28 March 2013
Episode 32 - Investigating Syslogs: Tips and Tricks
Speakers: David White Jr., Jay Johnston, Magnus Mortensen
The panel discusses best practices for configuring devices to generate syslogs, and how the TAC investigates syslogs provided by customers. Tips and tricks for parsing through large syslog files, as well as techniques and tools for finding useful information are discussed. Listen Now (MP3 - 15.9 MB; 22:01 min) Read Show Notes
21 February 2013
Episode 31: A look into ASA Quality with the Quality Assurance Team
Speakers: David White Jr., Jay Johnston, Magnus Mortensen, and special guest Paul Larue
This episode provides a peek behind the scenes at Quality Assurance for the Cisco ASA Software, featuring special guest Paul Larue (Technical Leader with Cisco Engineering). The panel discusses the different types of tests that occur at all stages of the ASA software development lifecycle and the continued focus on quality. Listen Now (MP3 - 17.73 MB; 25:50 min) Read Show Notes
12 September 2012
Episode 30: Introducing FlexVPN
Speakers: Magnus Mortensen, Jay Young, Wen Zhang and Frederic Detienne
Magnus interviews a panel of VPN experts on a new shift in VPN technologies, Flex VPN. The panel includes VPN escalation engineers Wen and Jay Young as well as a special guest, Frederic Detienne. Fred hails from our Brussels location and is a Distinguished Support Engineer specializing in VPN and crypto technologies. The crew talks about Flex VPN and the new IKEv2 technology. Listen Now (MP3 - 38.7 MB; 40:16 min) Read Show Notes
22 August 2012
Episode 29: Cisco Live! 2012 San Diego
Speakers: David White Jr., Jay Johnston, Magnus Mortensen, Blayne Dreier, Tom Alexander, Jay Young-Taylor, Wen Zhang, Andrew Yourtchenko, Randy Riviera
The podcast team returns to Cisco Live! in San Diego to give presentations, deliver lab trainings, and tape an episode of the Cisco TAC Security Podcast! The team talks to several customers about topics such as ASA VPN Client to Anyconnect migration, IPv6 use at Cisco Live, and much more. Listen Now (MP3 - 18.2 MB; 25:19 min) Read Show Notes
14 June 2012
Episode 28: The History of the PIX
Speakers: David White Jr., Jay Johnston
Jay and David discuss the history of the PIX platform. Topics include the different PIX hardware types, how the software changed over time, the motivation for some of the features that were added, and also how the history of the Firewall Services Module, PIX and ASA are intertwined. Listen Now (MP3 - 15.7 MB; 22:57 min) Read Show Notes
23 May 2012
Episode 27: IOS Embedded Event Manager
Speakers: David White Jr., Jay Johnston, Magnus Mortensen, Joe Clarke
Special guest Joe Clarke discusses the capabilities of IOS Embedded Event Manager. The panel discusses some very interesting use cases for EEM, and how it can be used to add new features to IOS as well as aid in troubleshooting complex network problems. A special listener challenge is given at the end of the show! Listen Now (MP3 - 19.3 MB; 28:13 min) Read Show Notes
06 Mar 2012
Episode 26: Troubleshooting IPSec VPNs
Speakers: David White Jr., Blayne Dreier, Jay Johnston, Magnus Mortensen, Jay Young-Taylor, Wen Zhang
Special guests Wen Zhang (Cisco TAC) and returning guest Jay Young Taylor (Cisco TAC) discuss the methodologies and approaches to troubleshooting IPSec VPN problems. The team discusses the best way to use show commands, debug output, and troubleshooting tools to get your VPN tunnels up and passing traffic! Listen Now (MP3 - 29.3 MB; 42:42 min) Read Show Notes
27 Jan 2012
Episode 25: Understanding DMVPN and GETVPN
Speakers: David White Jr., Blayne Dreier, Jay Johnston, Magnus Mortensen, Jay Young-Taylor, Wen Zhang
Special guests Wen Zhang (Cisco TAC) and returning guest Jay Young Taylor (Cisco TAC) discuss the differences between the DMVPN and GETVPN technologies. Deployment scenarios, as well as case studies and common customer TAC cases are discussed. Listen Now (MP3 - 39.4 MB; 57:26 min) Read Show Notes
Contact Us
Have questions about an upcoming podcast? Want to offer feedback about a specific episode?
> Submit question or feedback
Speakers: David White Jr., Blayne Dreier, Jay Johnston, Magnus Mortensen, Jesse Dubois, Aaron Woland
Special guests Jesse Dubois (Cisco TAC) and Aaron Woland (Cisco TrustSec Engineer) talk with the team about the new Cisco Identity Services Engine. The discussion provides an overview of the ISE solution, deployment best practices and common problems, and hot issues and troubleshooting techniques, as well as monitoring. Listen Now (MP3 - 26 MB; 37:50 min) Read Show Notes
31 Oct 2011
Episode 23: The Cisco ASA Services Module
Speakers: David White Jr., Blayne Dreier, Jay Johnston, Magnus Mortensen
This episode features discussion about the new Cisco ASA Services Module (ASASM). Topics discussed include the hardware architecture differences between the ASASM and the Firewall Services Module (FWSM), new features introduced with the ASASM, and FWSM to ASASM migration tools and strategies. Listen Now (MP3 - 21.9 MB; 32:02 min) Read Show Notes
08 Sep 2011
Episode 22: How Cisco uses the Web Security Appliance to protect its network
Speakers: David White Jr., Blayne Dreier, Jay Johnston, Magnus Mortensen, Zack Shaikh, Jeff Bollinger
Jeff Bollinger (Cisco Information Security Investigator), and Zack Shaikh (Cisco TAC engineer specializing in the Ironport Web Security Appliance) join the panel for a discussion about the WSA product. Then Jeff shares how Cisco is dploying WSAs to protect its own network from threats on the web, and some lessons he's learned along the way. Listen Now (MP3 - 36.5 MB; 51:51 min) Read Show Notes
03 Aug 2011
Episode 21: Cisco Live! Las Vegas 2011
Speakers: David White Jr., Blayne Dreier, Jay Johnston
The podcast team brought their recording equipment along to Cisco Live! in Las Vegas to talk to Cisco customers about their impressions of Cisco Live and some of the classes they are taking, and also how they use Cisco security products. Listen Now (MP3 - 21.9 MB; 31:56 min) Read Show Notes
06 Jun 2011
Episode 20: This Week In TAC!
Speakers: David White Jr., Blayne Dreier, Jay Johnston, Magnus Mortensen, Justin Betz, Michael Robertson, Rama Darbha
This episode features discussion about interesting customer TAC cases that were tackled this week by the Firewall team in Research Triangle Park, North Carolina. Rama Darbha walks us through a problem with CPU HOGS and SNMP monitoring on an ASA. Justin Betz discusses a DHCP-Relay problem caused by a NAT translation issue on a FWSM. Mike Robertson discusses a FWSM issue where a UDP network attack was taking place, and David White Jr. discusses how he determined what extra padding data was being added to ICMP packets that were so small they violated a RFC. Listen Now (MP3 - 29.2 MB; 42:32 min) Read Show Notes
03 May 2011
Episode 19: Troubleshooting the NAC Appliance
Speakers: Jay Johnston, Magnus Mortensen, Nevin Absher, Blayne Dreier
This episode focuses on the Network Admission Control (NAC) appliance, with special guest Nevin Absher from the Cisco AAA TAC Team in RTP, NC. The discussion starts with a basic introduction to how network administrators can use the NAC appliance to control access to the network in various deployment scenarios. The discussion then moves to NAC deployment and operation best practices as well as specific issues that some administrators encounter when deploying the solution, and how to avoid them. NAC troubleshooting methodologies and techniques are also discussed. Listen Now (MP3 - 24.02 MB; 36:39 min) Read Show Notes
19 Apr 2011
Episode 18: Useful ASA and IPS Commands and Features You Might Not Know About
Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier
While working in the Cisco Technical Assistance Center, we utilize troubleshooting commands and techniques everyday that many Cisco customers aren't aware of. In this episode we highlight some of our favorite ASA and IPS one-line commands, and explain when to use them and how to interpret the output. In the show notes for the episode, we give sample output for each command. Listen Now (MP3 - 28.3 MB; 41:16 min) Read Show Notes
01 Mar 2011
Episode 17: Answering Questions From The Cisco Support Community
Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier
The panel discusses the Cisco Support Community and the benefits it offers to Cisco customers, partners, and Cisco employees. Online discussions, collaborating on technical documents, as well as blogs and technical videos are discussed. Then, the group answers interesting questions raised by the community about the Cisco Advanced Security Appliance and Intrusion Prevention System. Listen Now (MP3 - 23.3 MB; 32:22 min) Read Show Notes
01 Feb 2011
Episode 16: Mitigating a SQL attack with ASA, IPS and IOS Firewall
Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier
The panel discusses the concept of a SQL Injection Attack, and explains how this type of attack can be mitigated using the Cisco Adaptive Security Appliance (ASA), Cisco Intrusion Prevention System (IPS) and Cisco Zone-Based IOS Firewall (IOS Firewall). A real-world proof of concept is discussed, along with specifics about the various configurations required to stop the attack. Listen Now (MP3 - 22.3 MB; 32:28 min) Read Show Notes
12 Nov 2010
Episode 15:Using Certificates on the ASA and IOS platforms
Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier, Jay Young-Taylor
This episode is all about digital certificates and how they can be used on the ASA and IOS platforms. The discussion starts with the basic concepts behind certificates and PKI, as well as the motivations for using certificate authentication. The discussion continues with best practices (such as backing up keypairs and trustpoints) and common customer problems and TAC cases. Listen Now (MP3 - 23.9 MB; 33:09 min) Read Show Notes
28 Sep 2010
Episode 14:TCP connections through the ASA and FWSM
Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier
This episode focuses on TCP connections through the ASA and FWSM platforms. The panel discusses the TCP security checks performed by the Cisco firewalls and how to modify the TCP settings to adjust the firewall behavior for specific network conditions. TCP throughput optimization, techniques for monitoring TCP connections, and some common TAC issues are also discussed. Listen Now (MP3 - 34.5 MB; 47:57 min) Read Show Notes
26 Jul 2010
Episode 13:HTTP filtering on the ASA
Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier
The panel discusses the http filtering capabilities of the ASA platform including custom http inspection, url-filtering, wccp capabilities and the Content Security Control (CSC) Module configuration and troubleshooting. Listen Now (MP3 - 24.9 MB; 36:20 min) Read Show Notes
11 Jun 2010
Episode 12:Securing Cisco Routers
Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne, Dreier, Wen Zhang
Learn how to increase the security of Cisco routers. The panel discusses operational best practices and use of features such as authentication, authorization and accounting (AAA), control-plane policing, syslogging, configuration archiving, password types and Cisco IOS Embedded eEvent Manager. Listen Now (MP3 - 49.3 MB; 35:01 min) Read Show Notes
05 May 2010
Episode 11:ASA Anyconnect VPN
Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier, Jay Young-Taylor
The ASA AnyConnect client is the next evolution in Remote Access VPN connectivity. In this episode the panel discusses the advantages of the AnyConnect client, strategies for migrating from the IPSec VPN client to AnyConnect, and package deployment tips. Additional topics include troubleshooting techniques, common AnyConnect problems, and methods for monitoring AnyConnect usage. Listen Now (MP3 - 50.7 MB; 36:56 min) Read Show Notes
16 Apr 2010
Episode 10:ASA Version 8.3
Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier
The panel discusses the features introduced with the new Adaptive Security Appliance (ASA) version 8.3. Information about the differences between 8.3 and previous versions, new memory requirements for version 8.3, as well as information about the upgrade process are discussed. Listen Now (MP3 - 56 MB; 40:48 min) Read Show Notes
09 Mar 2010
Episode 9:Multiple context mode on the ASA and FWSM platforms
Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier
This episode features conversation about the multiple context mode available with the Firewall Services Module (FWSM) and Advanced Security Appliance (ASA) platforms. The pros and cons of multiple context mode are discussed, along with some common deployment scenarios, best practice design considerations, and issues faced by customers who contact the TAC. Listen Now (MP3 - 52.30 MB; 38:06 min) Read Show Notes
Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier
In this episode, the panel reviews the application protocol inspection features available on the ASA platform. The individual operation and features of the protocols are discussed. Listen Now (MP3 - 42.60 MB; 31:05 min) Read Show Notes
07 Jan 2010
Episode 7:Monitoring Firewall Performance
Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier
Learn about personal computing choices and software tools used in the TAC to diagnose customer problems. The panel also reviews techniques and methods for monitoring firewall performance and identifying performance problems. Listen Now (MP3 - 49.30 MB; 34:30 min) Read Show Notes
07 Dec 2009
Episode 6:Tips for Taking the CCIE Security Exam
Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier
Learn helpful study techniques, time management, and test taking strategies for the CCIE Security Exam. Listen Now (MP3 - 49.30 MB; 55:47 min) Read Show Notes
04 Nov 2009
Episode 5:Troubleshooting Firewall Failover, Part 2
Speakers: Jay Johnston, Kurt Chapman, David White Jr., Blayne Dreier
The panel of experts discusses the software version terminology and release process for the ASA, PIX and FWSM platforms. The episode then continues with part 2 of troubleshooting firewall failover. Listen Now (MP3 - 49.30 MB; 33:27 min)
01 Oct 2009
Episode 4:Troubleshooting Firewall Failover Part 1; Guest Omar Santos from PSIRT
Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier, Omar Santos
Guest speaker Omar Santos from the Cisco PSIRT team discusses how Cisco handles product security vulnerabilities. Then the panel discusses the failover functionality of the ASA, PIX, and FWSM platforms in part one of our discussion of firewall failover, which spans two episodes. The next episode focuses on troubleshooting failover problems. Listen Now (MP3 - 49.3 MB; 35:54 min)
10 Aug 2009
Episode 3:Transparent Firewall Mode; Lifecycle of a TAC Case
Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier
In this episode, the panel discusses the lifecycle of a TAC service request, how customers can help expedite case resolution, and configuration and troubleshooting of transparent firewall mode on the ASA and FWSM platforms. Listen Now (MP3 - 48.8 MB; 35:34 min)
01 Jun 2009
Episode 2:New Features Introduced with ASA Version 8.2
Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier
In this episode, TAC engineers discuss how they use the Cisco labs to solve customer service requests. New features introduced with ASA version 8.2 are also discussed. Listen Now (MP3 - 44.00 MB; 32:03 min) Read Show Notes
29 May 2009
Episode 1:Using the Packet Capture Utility for Troubleshooting
Speakers: Jay Johnston, Magnus Mortensen, David White Jr., Blayne Dreier
In this episode, Cisco TAC engineers discuss the new RSS feed for customer issues currently being seen in the TAC. Learn how to resolve connectivity issues using the packet capture utility built in to the Cisco Adaptive Security Appliance (ASA), PIX Firewall, and Firewall Services Module (FWSM)platforms. Listen Now (MP3 - 53.8 MB; 39:12 min) Read Show Notes
