Articles by Kristian von Staffeldt

Cisco, Security April 9, 2020

Scalable Emergency Remote Access VPN with ASAv and AnyConnect

A lot of IT people these days are faced with an emergency requirement to massively scale up existing Remote Access VPNs (RAVPN) or create entirely new ones from scratch. This can be daunting in itself…

Cisco February 27, 2020

Using Firepower logs for uncommon and overseen purposes

It is often overlooked that a Firepower sensor is capable of very rich logging of a lot of interesting metrics. These can beside the normal SecOps use-cases also provide valuable insight into the health of…

Cisco, Security February 25, 2020

Elasticsearch, Logstash and Kibana (ELK) for Cisco Firepower

Setting up a quick ELK stack for use with Ciscos Firepower Threat Defense has never been easier. In this article I will showcase setting up a docker version of the ELK stack, together with the…

Cisco, Security February 19, 2020

Virtual Firepower (FTDv) automation deployment

While for long time firewall has typically been something associated with large metal appliances sitting on the outskirts of an infrastructure. More and more are looking into virtualizing also this part of their infrastructure. The…

Cisco June 14, 2018

Installing ISE 2.4 in the Homelab

No Homelab is complete without a state-of-the-art Identity and Policy Engine. Of course there is an official install guide available here which is written for supported Environment ect., but there are always us, the odd few…

Security December 6, 2017

Palo Alto Networks Firewall Hardware Internals

A lot of effort go into creating spec sheets and publish various numbers on what performance can be expected in order to help chose and size the right firewall model. This post tries to dive…

Security November 14, 2017

Extending the life of your Firepower Lab Enviroment

Updated: Word has it that the procedure described herein has be deprecaded in later releases (see comment below) When working with lab environments it is often an issue obtaining the proper licenses for the devices….

Security October 13, 2017

Palo Alto Networks Traps 4.1 – Cryptolocker Module

The Advanced Endpoint Protection (aka. Traps, aka. Cyvera) from Palo Alto Networks have added a seperate ‘Cryptolocker module’ to its range of detection methods. In this post I will go over this particular module. Setting…

Security October 11, 2017

Phishing Demonstration Setup with Kali

The post contains a crude example on how to easily clone an existing site for use in a phishing campaign. It is based on rudimentary techniques as it is only meant as a proof-of-concept demonstration…

Security September 21, 2017

Cisco ISE 2.3 as authenticator for Palo Alto Networks Firewalls

There are several ways of authenticating toward the management interface of a Palo Alto Networks Firewall (PANW). The authentications options boils down to three distinct ways namely (or mixes of the three): Local Username, Local…

Staffeldt.Net

Yet another corner of the Internet