Author: Loxx

Aaron Woland, CCIE No. 20113, is a Distinguished Engineer in Cisco’s Security group and works with Cisco’s Largest Customers all over the world. His primary job responsibilities include security design, solution enhancements, standards development, advanced threat solution design, endpoint security and futures. Aaron joined Cisco in 2005 and is currently a member of numerous security advisory boards, and standards body working groups. Prior to joining Cisco, Aaron spent 12 years as a Consultant and Technical Trainer. Aaron is the author of: both editions of the Cisco ISE for BYOD and Secure Unified Access book; the All-in-one Cisco ASA Firepower Services, NGIPS and AMP book; the CCNP Security SISAS 300-208 Official Cert Guide; the CCNA Security 210-260 Complete Video Course; and many published white papers and design guides. Aaron is one of only five inaugural members of the Hall of Fame Elite for Distinguished Speakers at Cisco Live, and is a security columnist for Network World where he blogs on all things related to Security. His other certifications include: GIAC x8, Certified Ethical Hacker, MCSE, VCP, CCSP, CCNP, CCDP and many other industry certifications. You can follow Aaron on Twitter: @aaronwoland

Cisco Identity Intelligence – Webhooks with Cisco XDR

Hopefully, you are fully aware of what Cisco Identity Intelligence is. If not, take a look at this blog post. In short, it's a fantastic solution for Identity Threat Detection and Response (ITDR). When a detection fires in Cisco Identity Intelligence (CII); which is to say that a user or login event triggers a failed … Continue reading Cisco Identity Intelligence – Webhooks with Cisco XDR

Introducing SecureX Device Insights – Looking for Testers

SecureX is something that was a long-time-coming and very welcome now that it’s here. Cisco now has a centralized, cloud-based, integration platform to act as a hub for the plethora of security products in the Cisco portfolio as well as with non-Cisco security products as well! With this centralized platform approach, there are many functions … Continue reading Introducing SecureX Device Insights – Looking for Testers

Posture w/ ISE & Mobile – the stuff no one talks about

I recently presented a CCIE Security webinar on this topic because it's a topic that is poorly documented and even not very well understood. Naturally, that is something I want to change, and the exact type of thing that this blog is exists for! This blog post will dive into how ISE works with mobile … Continue reading Posture w/ ISE & Mobile – the stuff no one talks about

Dynamic Split Tunneling – a COVID-19 Best Practice

DST to exclude WebEx from Tunnel

I'm posting this blog with intentions of helping you with some best practices around your Cisco AnyConnect Remote-Access VPN (aka: RA-VPN) configuration. With these best practices, I will try to include the different thought-patterns around "why" a company might choose to deploy 1 way or another, but my recommendations will still stand as MY best practice, which also matches what the AnyConnect business unit at Cisco recommends, as well.

Security of the Modern Mobile OS

The idea for this blog post came to me during a discussion around some recent research performed by Cisco's Talos threat research group. The post: Advanced Mobile Malware Campaign in India uses Malicious MDM authored by Warren Mercer, Paul Rascagneres and Andrew Williams and the follow-up post containing additional research found here: Part-2. In this … Continue reading Security of the Modern Mobile OS

Using Configurator 2 to prep iOS for CSC

In order to use Cisco Security Connector (CSC) for iOS, the endpoint must first be in supervised mode and managed by an MDM. The easiest way to manage Apple iOS devices is to use Apple's Device Enrollment Program (DEP); which is now rolled into their new Apple Business Manager (ABM) program. However, there are certainly … Continue reading Using Configurator 2 to prep iOS for CSC