Results 26 to 50 of 161
  1. Member
    Join Date
    Jun 2007
    Posts
    90

    Certifications
    ITIL,MCSA,MCITP, SCCM,SCOM,EXCH 2007,EXCH 2010, CCNA,CCNP,CCIP,CCIE Sec
    #26
    very good review about the class, sounds very interesting..cannot wait for the dc class next year
    happy xmas season

  3. Senior Member Mike-Mike's Avatar
    Join Date
    Aug 2010
    Location
    Louisville, KY
    Posts
    1,848

    Certifications
    CISSP, HDI-SCA, ITIL V3 Foundations, A+, Network+, Security+, MCP, MCDST, CCENT, CCNA, Project+, CCNA Security, MCTS: Windows 7 Config, CEH, CHFI
    #27
    Quote Originally Posted by Iristheangel View Post
    We went through AMP, AMP for endpoints, more complex IPS rules, troubleshooting, logging, etc.

    how is AMPS? I briefly looked into it, but no one was very familiar with it

  4. ABL - Always Be Labbin' Iristheangel's Avatar
    Join Date
    Dec 2009
    Location
    Pasadena, CA
    Posts
    3,717

    Certifications
    CISSP, CCIE DC, CCNP R&S/DC, CCDP, CCNA:RS/S/V/DC, CCDA, BCVRE, BCEFP, BCNE, CEH, CHFI, MCSE:S, MCDST, A/S/L/P/N+, some useless Citrix and CIW certs
    #28
    @Mike - I run it at home and in my lab for Endpoints. It's a good product and integrated with Threatgrid so it has some pretty awesome sandboxing and analysis utilities to detect zero day malware and help you mitigate it. I love the File and Device trajectory views so I can see how big my mess is, where it spread to, what action did the file take, etc. Just to give you an idea, here's the dashboard when I login:
    AMP1.PNG

    It's pretty easy for me to switch over to Events and check out different files received, their disposition, what action was taken, the File Analysis in the sandbox, etc:
    AMP2.jpg

    Under the File Analysis, I can see the threat score and the high-level indicators of why it was determined to be malware:
    AMP3.jpg

    If I click that Report button, I get to see WAYYYYY more information:
    AMP4.jpg
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
    Bonus TE Fun: Nerd Photos

  5. ABL - Always Be Labbin' Iristheangel's Avatar
    Join Date
    Dec 2009
    Location
    Pasadena, CA
    Posts
    3,717

    Certifications
    CISSP, CCIE DC, CCNP R&S/DC, CCDP, CCNA:RS/S/V/DC, CCDA, BCVRE, BCEFP, BCNE, CEH, CHFI, MCSE:S, MCDST, A/S/L/P/N+, some useless Citrix and CIW certs
    #29
    From here, you can see the whole file analysis report. It'll tell you how long it took to determine that the file was malware (6 minutes), the comprehensive report of behavioral indicators, what action the file took when executed in the sandbox, what it changed, what network traffic was generated, etc:
    AMP5.jpg

    On the top of the report, you can also download the sample in a compressed and password-protected format if you really feel the need, you can actually watch a video replay of it being executed in the sandbox, download the PCAP captures of the network traffic the malware generated and download the artifacts that the malware produced.

    As far as the File Trajectory or Device Trajectory feature, this is how it looks:
    AMP6.PNG

    AMP7.jpg

    So as you can see, definitely seeing a lot of data. Files and changes are tracked and if a file is changed from the disposition of Clean or Unknown later on, it will alert you, tell you where it spread and give you the ability to pull it out of all the infected hosts. It's some cool stuff.

  6. ABL - Always Be Labbin' Iristheangel's Avatar
    Join Date
    Dec 2009
    Location
    Pasadena, CA
    Posts
    3,717

    Certifications
    CISSP, CCIE DC, CCNP R&S/DC, CCDP, CCNA:RS/S/V/DC, CCDA, BCVRE, BCEFP, BCNE, CEH, CHFI, MCSE:S, MCDST, A/S/L/P/N+, some useless Citrix and CIW certs
    #30
    This week is the start of multiple weeks of VPN. I'm noticing a trend in this class for me personally:
    - Class starts
    - 10 minutes in, I'm feeling like I already know the material and it's going to be a coasting week...
    - 30 minutes in, I say to myself: "Hmmm... that's new. I'm going to start taking some notes..."
    - 60 minutes in: *scribble* *scribble* *scribble*
    - 90 minutes in: "F it. I'm not going to get everything in the first pass..." and I just give up on notes and sit back.
    - 2 hours in: Brain explodes

    I ALWAYS end up rewatching the class a little at a time throughout the week and always try to finish by the time the next class rolls around. I probably have over 200 pages of notes from 5 weeks of class now. Amazing stuff. I paid for this class out of pocket and I still can get enough. I thought I knew Firepower prior to this class.... I was so so so so wrong. I had to accept that around the time we were manipulating preprocessors, playing with IPS layers, and examining/creating raw SNORT rules that I was so so so wrong and it's AWESOME. This is exactly what I hoped for out of a class and I rarely get: Mostly new material and a solid deep dive with lots of foundation included.

    One thing this class is inspiring me to do is go after my Sourcefire Certified Expert certification. I'd have to get the SSFIPS and SSFAMP exams out of the way. I checked out the SSFIPS book on Safari and it looked like most of the stuff this class already covered so I might not really need to read the book and feel pretty comfortable with most of the topics of the exam. The SSFAMP one has me a little worried. I couldn't find any VODs or books online about it and the only class I see is one through Cisco Learning Partners for 2-3 days for $2000. Not sure if that's really worth it or it's not something I can just self-study and knock out.

    Anyways, this week is ALL about VPN theory and DMVPN. If you want to ever believe that theory is going to be a light week, check that notion at the door with this class (I mean that in an awesome way). I'm happy to report that at Week 6, this class is still worth the money and the quality hasn't dropped. It's supposed to be a 16 week class but I suspect it might end up being closer to 17 weeks. We got stalled up on the third week with ASA concepts so we're going to have to spend a week going over what we missed: BotNet, Threat Detection, ASA Clustering, etc on the ASA native platform. That being said, I'm very much appreciative of the fact that he's not going to make us miss concepts just because we didn't cover it on the day it was scheduled.

    That's all for me this week on this class

  7. Senior Member Mike-Mike's Avatar
    Join Date
    Aug 2010
    Location
    Louisville, KY
    Posts
    1,848

    Certifications
    CISSP, HDI-SCA, ITIL V3 Foundations, A+, Network+, Security+, MCP, MCDST, CCENT, CCNA, Project+, CCNA Security, MCTS: Windows 7 Config, CEH, CHFI
    #31
    thanks for the detailed review, AMPS looks pretty legit

  8. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,569

    Certifications
    SpecterOps: Powershell Adversary Tactics, SilentBreakSecurity - DarkSideOps, CISSP, CCDP, CCNP R/S, CCNP Security (Secure, FW) , C|EH , PA ACE
    #32
    This sounds like an awesome class! I will have to keep my eye on this and I will be looking forward to your final analysis after you're done

    Keep up the great work!
    2017 Goals: Dark Side OPS: Custom Pentesting (complete), SpecterOps: PowerShell Adversary Tactics (completed), eCPPT (2nd attempt), LFCS (2nd attempt), OSCP (Ah next year...)

  9. ABL - Always Be Labbin' Iristheangel's Avatar
    Join Date
    Dec 2009
    Location
    Pasadena, CA
    Posts
    3,717

    Certifications
    CISSP, CCIE DC, CCNP R&S/DC, CCDP, CCNA:RS/S/V/DC, CCDA, BCVRE, BCEFP, BCNE, CEH, CHFI, MCSE:S, MCDST, A/S/L/P/N+, some useless Citrix and CIW certs
    #33
    No problem, Chris. I can honestly say it's worth it so far. Here's what I've received with 5 weeks of the class:
    - Mastering ASA Lab Workbook (Approx $100 Value)
    - Mastering VPN Lab Workbook (Approx $200 Value) - We're supposedly getting this one this week
    - Firepower Lab Workbook (Not available for individual purchase but you can access it through narbik.academy so a year there is $200)
    - 5 weeks of labbing so far with ASAs, CSR1000v, and Firepower. Later in the class, that'll be expanded to CDA, ESA, ISE, WSA, etc as we cover the topics.
    - 5x 6-8 hour lectures - Some which don't have any sort of competitor class such as the Firepower v6.0 class since it's so new
    - 200+ pages of notes I've taken

    We're also supposed to get the CCIE Security v4 lab workbook (approx $350 value) by the end of the class too which will cover the legacy IPS. The instructor doesn't want to cover it in lecture because a) it's only approx 20% of the exam, b) the workbook covers it completely, and c) it will die when the exam is refreshed next year so we would have wasted a week on it for nothing. The only thing I can see them adding the next time they do this class is Lancope since Cisco announced and is moving forward with that acquisition pretty quickly and the overlords at the Cisco Certification Program might have enough time to fit it in the CCIE Security refresh depending on when it closes. The only reason the Firepower/Sourcefire stuff didn't end up in the CCNP Security refresh is because the Sourcefire acquisition didn't close until October of 2013 - which is around the time they had announced the CCNP Security refresh and had the topics ironed out.

  10. ABL - Always Be Labbin' Iristheangel's Avatar
    Join Date
    Dec 2009
    Location
    Pasadena, CA
    Posts
    3,717

    Certifications
    CISSP, CCIE DC, CCNP R&S/DC, CCDP, CCNA:RS/S/V/DC, CCDA, BCVRE, BCEFP, BCNE, CEH, CHFI, MCSE:S, MCDST, A/S/L/P/N+, some useless Citrix and CIW certs
    #34
    Just finished week 7 of the class. Brain. Exploding.

    This week was EZVPN and DMVPN. And I thought the last session was intense! LoL. I'm going to do my usual re-watch of the class and comment more but it was good stuff. The DMVPN part definitely is part of the CCIE R&S track so that was nice. The instructor also went over behavior with DMVPN with different routing protocols which was awesome too.

    Almost to the halfway point with this class. Still loving it.

  11. Senior Member aftereffector's Avatar
    Join Date
    Dec 2013
    Location
    NC
    Posts
    512

    Certifications
    CISSP, CASP, CCNA R/S, CCNA Security, MCTS
    #35
    I hope they offer another session of this class later this year - it sounds like something I could really use. Thanks for the writeup, Iris!

  12. ABL - Always Be Labbin' Iristheangel's Avatar
    Join Date
    Dec 2009
    Location
    Pasadena, CA
    Posts
    3,717

    Certifications
    CISSP, CCIE DC, CCNP R&S/DC, CCDP, CCNA:RS/S/V/DC, CCDA, BCVRE, BCEFP, BCNE, CEH, CHFI, MCSE:S, MCDST, A/S/L/P/N+, some useless Citrix and CIW certs
    #36
    Ok... I'm at the 9 week mark. I think it's more accurate to say I'm at the halfway point. Some topics have taken longer than others since this guy does NOT like to skip anything at all. Here's what we've gone through so far:
    Week 1 - Basic ASA, syntax, behavior, etc
    Week 2 - MPF, Class maps, inspection, transparent vs L3 firewalling, failover, etc
    Week 3 - All things NAT. Pre-8.3 and post-8.3
    Week 4 - Firepower - History, Policies, ACP, IPS traffic flow, network discovery, deployment scenarios, security intelligence, DNS policies, digging into the network map, diving into Snort rules, etc
    Week 5 - Firepower Part 2 - Deeper dive into Snort rules, event filtering, alerting, remediation, scheduling tasks, sandboxing, AMP, file policies, preprocessors, SSL decryption, etc
    Week 6 - VPN, IPSec Theory, PKI, VPN types and mode, etc
    Week 7 - DMVPN - Definitely going to help with the CCIE R&S
    Week 8 - GET VPN and Flex VPN
    Week 9 - SSL VPN, EasyVPN (ha! Marketing name, you lie!), RA VPN, Clientless VPN

    Next week we're deep diving in to VPN load balancing, HA and mobility. After that, we'll be taking a break from the 5 week VPN onslaught and heading right into content security! Weeeeee. Did I mention I love this class?

  13. Senior Member
    Join Date
    Jun 2013
    Location
    London, United Kingdom
    Posts
    285
    #37
    Quote Originally Posted by Iristheangel View Post
    Ok... I'm at the 9 week mark. I think it's more accurate to say I'm at the halfway point. Some topics have taken longer than others since this guy does NOT like to skip anything at all. Here's what we've gone through so far:
    Week 1 - Basic ASA, syntax, behavior, etc
    Week 2 - MPF, Class maps, inspection, transparent vs L3 firewalling, failover, etc
    Week 3 - All things NAT. Pre-8.3 and post-8.3
    Week 4 - Firepower - History, Policies, ACP, IPS traffic flow, network discovery, deployment scenarios, security intelligence, DNS policies, digging into the network map, diving into Snort rules, etc
    Week 5 - Firepower Part 2 - Deeper dive into Snort rules, event filtering, alerting, remediation, scheduling tasks, sandboxing, AMP, file policies, preprocessors, SSL decryption, etc
    Week 6 - VPN, IPSec Theory, PKI, VPN types and mode, etc
    Week 7 - DMVPN - Definitely going to help with the CCIE R&S
    Week 8 - GET VPN and Flex VPN
    Week 9 - SSL VPN, EasyVPN (ha! Marketing name, you lie!), RA VPN, Clientless VPN

    Next week we're deep diving in to VPN load balancing, HA and mobility. After that, we'll be taking a break from the 5 week VPN onslaught and heading right into content security! Weeeeee. Did I mention I love this class?
    So am I right in thinking CCIE Security might be on the cards after R&S?

  14. Junior Member
    Join Date
    Jan 2016
    Location
    Canada
    Posts
    24
    #38
    Hello Iristheangel:

    Enjoy reading the post and your blog.

    I have done my IE (Voice) a couple of years ago. However, I find myself troubleshooting routing, switching and VPN often. Once the Voice apps are running and phones registered, the action is fully focused on the voice gateway routers, switches and VPN (for vpn phone and mobile); an area that I am not knowledgeable, especially security. I decided to take up CCIE Security but I found a lot of R&S incorporated. So, I have decided to pursue my IE R&S and eventually do Security.
    Will I be able to do this course (ZtoH) with CCNA R&S knowledge? Is this course geared toward IE Security? 4 months full access to the rack is awesome. Just the cost of the course is equivalent to the rack rental (and I am comparing it to the cheapest rental).

    Best with your course and eagerly waiting for your class updates.

    Fumanchu

  15. ABL - Always Be Labbin' Iristheangel's Avatar
    Join Date
    Dec 2009
    Location
    Pasadena, CA
    Posts
    3,717

    Certifications
    CISSP, CCIE DC, CCNP R&S/DC, CCDP, CCNA:RS/S/V/DC, CCDA, BCVRE, BCEFP, BCNE, CEH, CHFI, MCSE:S, MCDST, A/S/L/P/N+, some useless Citrix and CIW certs
    #39
    @Fumanchu - Absolutely. They recommend at least CCNA R&S knowledge so you should be fine

  16. ABL - Always Be Labbin' Iristheangel's Avatar
    Join Date
    Dec 2009
    Location
    Pasadena, CA
    Posts
    3,717

    Certifications
    CISSP, CCIE DC, CCNP R&S/DC, CCDP, CCNA:RS/S/V/DC, CCDA, BCVRE, BCEFP, BCNE, CEH, CHFI, MCSE:S, MCDST, A/S/L/P/N+, some useless Citrix and CIW certs
    #40
    Week 10 of the class. We finally finished VPN. Coming up this week: ISE 2.0. That will be a FUN class.

    For anyone interested in taking this class, it seems they'll be starting the next class around the March 12th timeframe so jump on it if you're interested. Definitely worth the money.

  17. Junior Member
    Join Date
    Jan 2016
    Location
    Canada
    Posts
    24
    #41
    I am looking to join the August batch. That would give me time to do my CCNP Security and some hands on

  18. Junior Member
    Join Date
    Jan 2016
    Location
    Canada
    Posts
    24
    #42
    Hello Iris:

    Is the security rack accessible 24x7 during the 16 weeks?

    Cheers

  19. ABL - Always Be Labbin' Iristheangel's Avatar
    Join Date
    Dec 2009
    Location
    Pasadena, CA
    Posts
    3,717

    Certifications
    CISSP, CCIE DC, CCNP R&S/DC, CCDP, CCNA:RS/S/V/DC, CCDA, BCVRE, BCEFP, BCNE, CEH, CHFI, MCSE:S, MCDST, A/S/L/P/N+, some useless Citrix and CIW certs
    #43
    Yes it is

  20. Junior Member
    Join Date
    Jan 2016
    Location
    Canada
    Posts
    24
    #44
    This 16 weeks package with lab access looks like a great deal. Glad I stumbled across your article. On another note, would you recommend WGU?

    Regards,
    Fumanchu

  21. Junior Member
    Join Date
    Jun 2012
    Posts
    22

    Certifications
    Linux+, Project+, A+, CCNA, CCNA Voice, CCNA Security, CCDA, CCNP
    #45
    Hey Iris - thanks for keeping us updated with the class. I'm very much interested and hoping to convince my boss to let me take the course. A couple of questions for you if you don't mind.

    1. You mentioned the instructor had a bit of an accent; does he have any youtube videos or anything where I might be able to hear what he sounds like? Or do you feel like it's a non-issue? I'd hate to spend that kind of money and struggle to understand him. That'd be a mighty long 16 weeks.

    2. After taking this course, would it be reasonable to expect to be able to pass all 4 (or any) of the CCNP Security tests?

    Thank you so much and glad you're enjoying the course!!

    mitch

  22. ABL - Always Be Labbin' Iristheangel's Avatar
    Join Date
    Dec 2009
    Location
    Pasadena, CA
    Posts
    3,717

    Certifications
    CISSP, CCIE DC, CCNP R&S/DC, CCDP, CCNA:RS/S/V/DC, CCDA, BCVRE, BCEFP, BCNE, CEH, CHFI, MCSE:S, MCDST, A/S/L/P/N+, some useless Citrix and CIW certs
    #46
    1. He does have an accent. He's from Poland. His name is Piotr Matusiak and I was a bit nervous going in that I wouldn't be able to understand him either given that I couldn't find a public video of him speaking in English. It ended up being a non-issue. I found him pretty easy to understand. I think the only word he sometimes kinda slips on is "commands." Sounds like "comments" to me :P I believe you should be able to watch some old videos of his in English here: Narbik Academy | "If you can't explain it simply, you don't understand it well enough"

    2. I think so. You'll definitely have deep-dived into ISE, VPN, IOS security, etc. The only thing you won't cover directly is the old old old IPS that's not sold by Cisco anymore. For the purpose of this course, they decided to skip it for obvious reasons but that might still be on the CCNP exams. They do provide workbooks that go through them though so that should fill in a bit for you.

  23. Senior Member
    Join Date
    Jan 2012
    Posts
    1,240

    Certifications
    BS IT (CCNA R&S, Security, Voice) CCDA, MCP XP, A+, L+, P+, LPIC-1, SUSE CLA
    #47
    @Iris

    I think by default you have to do the CCIE Sec next lol. Great write up on this class, 16 weeks of deep dive for $3500 with 24/7 rack access is a deal and a half. I know most bootcamps charge that for a week. If I could get my boss to pay for it I'm in there lol.
    In life you have to make your own opportunities. Don't let anyone stop you from your dreams too many negative people want you to fail because they can't succeed.

  24. ABL - Always Be Labbin' Iristheangel's Avatar
    Join Date
    Dec 2009
    Location
    Pasadena, CA
    Posts
    3,717

    Certifications
    CISSP, CCIE DC, CCNP R&S/DC, CCDP, CCNA:RS/S/V/DC, CCDA, BCVRE, BCEFP, BCNE, CEH, CHFI, MCSE:S, MCDST, A/S/L/P/N+, some useless Citrix and CIW certs
    #48
    Quote Originally Posted by fumanchu View Post
    This 16 weeks package with lab access looks like a great deal. Glad I stumbled across your article. On another note, would you recommend WGU?

    Regards,
    Fumanchu
    Sorry. Didn't see the WGU question. Yes. I would recommend it. It checks the degree box and I felt like I learned a lot during my BS. The MS was a lot more boring to be honest but I don't regret either and would recommend it.

  25. Member
    Join Date
    Jun 2004
    Posts
    30
    #49
    The prerequisite for this class is unbelievable - Just CCNA R&S ...Really? The topics discussed sound more advanced! I may be wrong, but I think a CCNP Sec or a few years of exposure to Cisco security appliance is a must for this training.

  26. ABL - Always Be Labbin' Iristheangel's Avatar
    Join Date
    Dec 2009
    Location
    Pasadena, CA
    Posts
    3,717

    Certifications
    CISSP, CCIE DC, CCNP R&S/DC, CCDP, CCNA:RS/S/V/DC, CCDA, BCVRE, BCEFP, BCNE, CEH, CHFI, MCSE:S, MCDST, A/S/L/P/N+, some useless Citrix and CIW certs
    #50
    It wouldn't be "zero" to "hero" if you started in the middle. There's a couple topics I definitely started as a zero on: VPN and ESA/WSA

    It definitely helped me a lot. It does require a LOT of work though, to be honest. It's not just 8 hours a week... Because to get the most out of it, rewatching the class every week, labbing the tasks and working through the workbooks is key. That's a full-time study job in itself but it definitely will catapult you in security. One thing to note and why I decided to take the class: No other Cisco Learning Partner has a Firesight/Firepower v6.0 or ISE 2.0 class. I believe the closest they have is Firesight v5.4 and ISE 1.3. In time, they'll have it when Cisco marketing decides to pump one out with marketing material and enough slides to lull you into a coma but this guy is 100% CLI and whiteboard so it's a lot more fun. That might be a personal preference but I definitely do NOT learn through PowerPoint.
