Internet Key Exchange has finally arrived at a version 2. Originally specified in RFC 4306, this protocol still runs over UDP port 500 just like version 1.

Get ready for a major paradigm shift with the new protocol. It no longer operates in two phases! Instead, from 2 to 5 messages are used in a single negotiation process. The old phase 2 process, called the child Security Association (SA), is now accomplished in this single negotiation process.

Question: Can you please explain in the simplest form 1) the difference between nat control vs no nat control and 2) how does this behavior change from pre 8.3 ASA codes vs. post 8.3 ASA codes?  The more I read Cisco's documentation, the more I am confused by the changes and its behavior.

Control Plane Policing (CoPP)

 

Relevant Certifications: CCNA Security, CCNP Security, CCIE R&S, CCIE Security 

 

Documentation Path Used: Cisco.com - Support - All Products - IOS and NX-OS - Cisco IOS - 15S - 15.2S - Configuration Guides - Quality of Service Solutions Configuration Guide - QoS: Policing and Shaping Configuration Guide, Cisco IOS Release 15.2S - Control Plane Policing

 

Video Runtime: 60 minutes
Video Summary:

Here is part 2 of the much celebrated series on the Zone-Based Firewall. Enjoy! 

stormwind.com

Security and Monitoring with SNMP
Video Runtime: 23 minutes
Video Summary:


In this short Quick Tip video from a live online class, Anthony Sequeira teaches students the proper methods for creating custom signatures in Cisco IPS.

stormwind.com

Video Runtime: 13 minutes
Video Summary:


In this 13 minute quick tip video, Anthony Sequeira of StormWind.com walks students through the proper troubleshooting flow for issues discovered when trying to connect to the Cisco IPS sensor for management purposes. This is an example of the live, online classroom experience at StormWind.com.

stormwind.com

Video Runtime: 4 minutes
Video Summary:


In this short quick tip video from Anthony Sequeira at StormWind.com, you learn the important difference between Intrusion Detection systems and Intrusion Prevention systems in modern network security environments. This segment is an example of the HD live online classroom training at StormWind.com.

stormwind.com

Did you miss the class on Zone-Based Firewalls? Watch the HD recording now

http://www.youtube.com/user/StormWindLive?feature=mhee

In this 11 minute Quick-Tip session from StormWind, Cisco VIP instructor Anthony Sequiera will walk you through the daunting syntax of Private VLANs. This easy how-to session is an example of the real-world, online HD certification training done at StormWind.com.