Sunday, June 23, 2013

Cisco Live Sunday Lessons Learned

Sunday was Day 1 for me at Cisco Live. Here are my key takeaways.
I attended the 4-hour morning session LTRSEC-2014 "Basic Network Threat Defense, Countermeasures, and Controls" with Randy Ivener and Joe Karpenko. Whether you're an Enterprise or Service Provider, unicast reverse-path forwarding (uRPF) checks can enhance security and clean up logs from edge routers. Rather than using an ACL blocking packets sourced from undesired address ranges (e.g. RFC 1918 and RFC 5735) or spoofed from your own addresses, you can implement uRFP to black-hole the traffic in CEF. Benefits include cleaner logs and lower processor overhead (depending on hardware) because the uRFP check is done in CEF. You still need the ACL, but uRPF can help.
Many thanks to Ed Wheadon (@avalonhawk) for weighing in on my IPAM self-task (see my Cisco Live To Do List here). I didn't know anything about Windows Server 2012 including IPAM. I'll have to check that out.
Kathleen Mudge (@kathleenmudge) and her crack Social Media team did a GREAT job this year putting together a beautiful and functional Social Media Hub that was accessible from Day 1, and they continue to promote the Cisco Live conversation through building online relationships among attendees. Oh, and the Scavenger Hunt was a blast (and it's only just begun)!
So many great folks here! Looking forward to meeting so many more smart people.


  1. Do not even consider Windows 2012 IPAM as one of your possible software choices. NJVC was chosen to evaluate it as it was being released & we learned all the limitations it has. Email me if you want more details.