The document discusses performance testing best practices for Cisco Firepower Threat Defense devices. It covers performance testing basics, types of benchmarks, factors that influence performance, tuning techniques, and overall best practices to maximize throughput and efficacy. The presentation includes a demo of performance and threat efficacy testing.


Maximising Threat Efficacy and Optimising Performance of Cisco Firepower™ Threat Defense
Sumit Bist
Technical Solutions Architect

BRKSEC-2494
Cisco Webex Teams

Questions?
Use Cisco Webex Teams to chat with the speaker after the session

How
1 Find this session in the Cisco Events Mobile App
2 Click “Join the Discussion”
3 Install Webex Teams or go directly to the team space
4 Enter messages/questions in the team space

BRKSEC-2494 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Firepower Diagonal Learning Map (related sessions)
• TECSEC-2600 – Next Generation Firewall Platforms and Integrations
• TECSEC-3004 – Troubleshooting Firepower Threat Defense like a TAC Engineer
• BRKSEC 2494 – 8h30 – Maximizing Threat Efficacy & Performance (this session)
• BRKSEC-3032 – 11h30 – Firepower NGFW Clustering Deep Dive
• BRKSEC 3063 – 14h30 – DDoS Mitigation: Introducing Radware Deployment
• BRKSEC-2663 – 16h45 – Decrypting the Internet with Firepower!
• BRKSEC 2020 – 11h00 – Deploying FP Tips and Tricks
• BRKSEC-3455 – 11h15 – Dissecting Firepower NGFW: Architecture and Troubleshooting
• BRKSEC-2140 – 9h00 – 2 birds with 1 stone: Duo integration with Cisco ISE and Firewall solutions
• BRKSEC-3300 – 9h00 – Advanced IPS Deployment with Firepower NGFW
• BRKSEC-3328 – 11h00 – Making Firepower Management Center (FMC) Do More
• BRKSEC-2034 – 14h45 – Cloud Management of Firepower and ASA with Cisco Defense Orchestrator
• BRKSEC 3629 – 14h45 – Designing IPSec VPNs with Firepower Threat Defense integration for Scale and High Availability
• BRKSEC 2348 – 17h00 – Deploying AC with FP – posture & MFA
• BRKSEC-3035 – 8h30 – Firepower Platforms Deep Dive
• BRKSEC-2056 – 9h45 – Threat Centric Network Security
• PSOSEC-4905 – 13h30 – The Future of the Firewall
• BRKSEC-3093 – 14h45 – ARM yourself using NGFWv in AZUR
Your Speaker

Sumit Bist
[email protected]
Solutions Architect

• 8 years of experience with TAC
• 5+ years of experience with Firepower
• Core Architect for Security Experience Center
• Security Evangelist @University/College
Agenda
• Introduction
• Performance Testing-101
  • Best Practices
  • Demo
• Threat Efficacy Testing
  • Best Practices
  • Demo
• Conclusion
• Session Takeaways
Session Objectives

• Test drive your NGFW
• Acquire the knowledge and techniques needed to evaluate and benchmark Cisco Firepower Threat Defense platforms.
• Learn best practices valuable for both testing and production environments.
• Guidance on sizing an NGFW
Introduction – Key Terminology
These terms are within the context of Firepower Threat Defense.

Term: Definition
FTD: Firepower Threat Defense – unified software image (ASA + Firepower)
Lina: Underlying ASA-derived process that is integrated into the FTD product
Snort: Components of the Firepower product integrated into FTD
FMC: Firepower Management Center – off-box GUI used to manage FTD devices (configuration, reporting, monitoring, etc.)
FXOS: Firepower Extensible Operating System – system that manages the hardware platforms for Firepower 9300, 4100, and 2100 series products
Introduction – Key Terminology
These terms are within the context of Performance & Threat Efficacy Testing.

Term: Definition
DUT: Device Under Test
CPS: New connections per second
Maximum Open Connections: Maximum number of concurrent/open connections on the device
IMIX/EMIX: Internet Mix or Enterprise Mix traffic consisting of varying packet sizes, services and applications
Security/Threat Efficacy: Security effectiveness, coverage and accuracy
POV or POC: Proof of Value/Proof of Concept
Introduction – What is Firepower Threat Defense?
• ASA (Lina) and Firepower (Snort) functionality wrapped into a single, unified image
• All processes run within a single operating system
• Latest hardware platforms introduce Firepower Extensible Operating System (FXOS) as a wrapper around the FTD application
Firepower Threat Defense - Functional Diagram

Platform (Virtual, FPR 1100, 2100, 4100, 9300): physical layer, interface allocation, HW redundancy
Lina: ARP, NAT, routing, L3 ACLs, TCP state checking
Lina and Snort are connected by an internal, DMA-based packet transport system
Snort: AppID, URL Filtering, IPS, SSL Decryption, User Awareness, Geolocation, Security Intelligence
Performance Testing 101

• Performance Basics
• Types of Performance benchmarks
• Influencing factors
• Performance Tuning
• Best Practices

Performance Basics
Lina vs Snort Overview

OSI Layer: Component – Examples
L1 - Physical: FXOS, 5500-X, Virtual platforms – Interface allocation, L1 configuration
L2 - Data Link: Lina (FXOS handles LACP on Firepower platforms - 2100, 4100, 9300) – Interface MAC addressing, ARP
L3 - Network: Lina – IP address assignment, routing, NAT
L4 - Transport: Lina – TCP state checking, L4 ACLs
L5-7 - Session, Presentation, and Application Layers: Snort (Lina L7 inspection via Modular Policy Framework (MPF)) – AppID, URL Filtering, IPS, SSL Decryption, User Awareness
Types of Performance benchmarks

Benchmark: Objective – Connection profile
Maximum Throughput: Data delivered over a period of time – Optimum connection rate
Maximum Connections per second: Maximum new connections per second – Short-lived connections with low bandwidth
Maximum Concurrent connections: Maximum number of open/existing connections – Long-lived flows with low to mid bandwidth
The World of Testing tools

• Industry standard (licensed)
• Freeware (Open Source)
Performance Factors

CPU
• Elephant Flows
• Load Distribution
• Connections per second

Memory
• Number of policies/rules
• Maximum active connections

Throughput
• Type of Traffic (HTTP vs EMIX)
• Features Enabled (SSL Decryption, IPS, AMP)
• Availability of free CPU cores and memory
Performance Tuning
Agenda
• Average Packet size (Object size, SSL Record size, Delayed Ack)
• Load/Connection Ramp-up Profile
• Load-distribution
• Long persistent flows

An increase in Average Packet size leads to an increase in Throughput.
Performance Tuning
Average Packet size

• Each “person” in the elevator consumes a different amount of space.
• Unfortunately they don’t look like this: (picture)
• Typical packet length distribution: (chart)
Performance Tuning

Three knobs feed into the Average Packet size:
• Object size: application data sent in response to a GET request
• SSL Record size: application data delivered via TLS
• Delayed Ack: combines several Ack responses into one.

HTTP object size
• Application data sent in response to a GET request
Performance Tuning

SSL Record size

• Application data delivered via TLS
• Maximum TLS record size: 2^14 bytes, i.e. ~16KB

Sample: Average packet size vs Record size

SSL Record Size: Observed Average packet size
410 bytes: ~512 bytes
1460 bytes: ~765 bytes
2200 bytes: ~1024 bytes
Performance Tuning

Delayed Ack

• Reduces protocol overhead by reducing the number of ACKs
• Results in a higher Average packet size, thereby increasing overall Throughput

Sample: Delayed Ack tuning – send an Ack after every 4 segments (Receive Window ÷ MSS)
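The object size, SSL record size and delayed ACK slides above all make the same argument: fewer, fuller packets per byte delivered raise the average packet size, and a DUT that is bound by packets per second then moves more bits. The model below is an added example (not from the deck or from Cisco) that counts the frames of one test-tool connection so the effect of each knob can be compared; the header sizes, the 53-byte TLS record overhead, the 300-byte GET, the abbreviated handshake sizes and the one-record-per-write segmentation are all assumptions.

```python
"""Simplified packetization model for the Average Packet size tuning knobs.

Assumptions (constructed, not from the slides): 54 bytes of Ethernet/IPv4/TCP
headers, a 60-byte minimum frame, a flat 53-byte TLS 1.2 record overhead, a
fixed 300-byte GET request and an abbreviated TLS handshake of four frames.
Each TLS record is written and segmented on its own, as many test tools do.
"""
import math

ETH_IP_TCP = 54       # 14-byte Ethernet + 20-byte IPv4 + 20-byte TCP, no options
MIN_FRAME = 60        # minimum Ethernet frame without FCS (pure ACK, SYN, FIN)
TLS_OVERHEAD = 53     # 5-byte record header + IV/MAC/padding, assumed constant
GET_BYTES = 300       # constructed size of one HTTP GET request
TLS_HANDSHAKE = [250, 1200, 200, 100]   # assumed payloads of an abbreviated handshake


def frame(payload):
    """On-wire frame size for a TCP segment carrying `payload` bytes."""
    return max(MIN_FRAME, payload + ETH_IP_TCP)


def segments(wire_bytes, mss):
    """Split a byte run into TCP segment payloads of at most `mss` bytes."""
    full, rest = divmod(wire_bytes, mss)
    return [mss] * full + ([rest] if rest else [])


def response_segments(object_bytes, record_bytes, mss, tls):
    """Segments needed to deliver one object (TLS records segmented one by one)."""
    if not tls:
        return segments(object_bytes, mss)
    segs, remaining = [], object_bytes
    while remaining > 0:
        chunk = min(record_bytes, remaining)
        segs += segments(chunk + TLS_OVERHEAD, mss)
        remaining -= chunk
    return segs


def connection_frames(object_bytes, record_bytes=1460, mss=1380,
                      ack_every=2, gets_per_conn=1, tls=True):
    """All frame sizes, both directions, for one connection carrying
    `gets_per_conn` GETs; `ack_every` is the delayed-ACK ratio."""
    frames = [MIN_FRAME] * 3                       # SYN, SYN/ACK, ACK
    if tls:
        frames += [frame(p) for p in TLS_HANDSHAKE]
    for _ in range(gets_per_conn):
        frames.append(frame(GET_BYTES + (TLS_OVERHEAD if tls else 0)))
        segs = response_segments(object_bytes, record_bytes, mss, tls)
        frames += [frame(s) for s in segs]
        frames += [MIN_FRAME] * math.ceil(len(segs) / ack_every)  # pure ACKs
    frames += [MIN_FRAME] * 4                      # FIN/ACK each way
    return frames


def average_frame_size(object_bytes, **kwargs):
    """Average packet size the DUT sees for this traffic profile."""
    frames = connection_frames(object_bytes, **kwargs)
    return sum(frames) / len(frames)


def throughput_mbps(avg_frame_bytes, pps_budget):
    """Throughput when the DUT is bound by packets per second, not bits."""
    return avg_frame_bytes * 8 * pps_budget / 1e6


if __name__ == "__main__":
    for rec in (410, 1460, 2200):
        avg = average_frame_size(16384, record_bytes=rec)
        print(f"record {rec:5d} B -> avg frame {avg:6.1f} B, "
              f"{throughput_mbps(avg, 1_000_000):7.1f} Mbps at 1 Mpps")
    print("delayed ACK 1:4 ->", round(average_frame_size(16384, ack_every=4), 1))
    print("10 GETs/conn   ->", round(average_frame_size(16384, gets_per_conn=10), 1))
```

The absolute numbers are not calibrated to the slide's sample table; what the model reproduces is the direction of each knob, which is what matters when comparing two test profiles.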
Performance Tuning
Load/Connection Ramp-up Profile

• A short connection ramp-up time may create traffic bursts when testing with a small packet size.
• It may result in interface oversubscription on the DUT.
• Follow a stairstep approach for the load profile
• Increment ‘n’ connections per interval
(charts: Max Sessions, Data Rate, Sessions Per Second over time)
Performance Tuning
Load-distribution on CPU cores

• Maintain even load-balancing of flows to CPU cores
• Follow the 5-tuple rule

> show asp inspect-dp snort
SNORT Inspect Instance Status Info

Id Pid Cpu-Usage Conns Segs/Pkts Status
tot (usr | sys)
-- ----- ---------------- ---------- ---------- ----------
0 89776 71% ( 71%| 0%) 14 0 READY
1 89775 70% ( 70%| 0%) 24 0 READY
[..]
26 89801 75% ( 75%| 0%) 28 19 READY
27 89802 72% ( 72%| 0%) 10 0 READY

The near-identical Cpu-Usage across instances shows an even inspection load distribution.
Performance Tuning
Load-distribution on Cluster Units

• Maintain even load/connection distribution on all units in the FTD cluster

> show cluster info conn-distribution

Unit Total Conns (/sec) Reg Conns (/sec) Dir Conns (/sec) Fwd Conns (/sec)
unit-1-1 12448 6218 6230 0
unit-1-2 12629 6209 6420 0
unit-1-3 12247 6235 6012 0

Even distribution across the three units.
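Both distribution checks above are done by eye on the slides; during a long test run it is easier to parse the two outputs and flag any Snort instance or cluster unit that sits far from the others. The script below is an added example (not from the deck or from Cisco): the two outputs are constructed from the slides' format with the third row of each altered to show an imbalance, and the column layout of the real commands is assumed to match across FTD releases.

```python
"""Flag uneven Snort CPU load or cluster connection distribution from the
`show asp inspect-dp snort` and `show cluster info conn-distribution` output.
Sample outputs are constructed for this example; row 3 of each is skewed."""
import re
from statistics import median

SNORT_OUTPUT = """\
> show asp inspect-dp snort
SNORT Inspect Instance Status Info

Id Pid      Cpu-Usage         Conns  Segs/Pkts  Status
         tot (usr | sys)
-- ----- ---------------- ---------- ---------- ----------
 0 89776  71% ( 71%|  0%)         14          0 READY
 1 89775  70% ( 70%|  0%)         24          0 READY
 2 89777  12% ( 12%|  0%)          3          0 READY
 3 89778  75% ( 75%|  0%)         28         19 READY
"""

CLUSTER_OUTPUT = """\
> show cluster info conn-distribution
Unit      Total Conns (/sec)  Reg Conns (/sec)  Dir Conns (/sec)  Fwd Conns (/sec)
unit-1-1  12448               6218              6230              0
unit-1-2  12629               6209              6420              0
unit-1-3  3247                1235              2012              0
"""

SNORT_ROW = re.compile(
    r"^\s*(\d+)\s+(\d+)\s+(\d+)%\s*\(\s*(\d+)%\s*\|\s*(\d+)%\s*\)\s+(\d+)\s+(\d+)\s+(\S+)")
CLUSTER_ROW = re.compile(r"^\s*(unit-\S+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)")


def parse_snort_instances(text):
    """One dict per Snort instance row; header and ruler lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = SNORT_ROW.match(line)
        if m:
            rows.append({"id": int(m[1]), "pid": int(m[2]), "cpu": int(m[3]),
                         "usr": int(m[4]), "sys": int(m[5]), "conns": int(m[6]),
                         "segs": int(m[7]), "status": m[8]})
    return rows


def parse_cluster_conns(text):
    """One dict per cluster unit row."""
    rows = []
    for line in text.splitlines():
        m = CLUSTER_ROW.match(line)
        if m:
            rows.append({"unit": m[1], "total": int(m[2]), "reg": int(m[3]),
                         "dir": int(m[4]), "fwd": int(m[5])})
    return rows


def find_outliers(rows, value_key, label_key, tolerance=0.25):
    """Labels of rows whose value is more than `tolerance` (a fraction) away
    from the median; the median keeps one idle or overloaded member from
    dragging the reference point along with it."""
    if not rows:
        return []
    ref = median([r[value_key] for r in rows])
    if ref == 0:
        return [r[label_key] for r in rows if r[value_key] != 0]
    return [r[label_key] for r in rows
            if abs(r[value_key] - ref) / ref > tolerance]


def not_ready(rows):
    """Snort instance ids whose status is anything other than READY."""
    return [r["id"] for r in rows if r["status"] != "READY"]


if __name__ == "__main__":
    snort = parse_snort_instances(SNORT_OUTPUT)
    print("uneven Snort CPU on instances:", find_outliers(snort, "cpu", "id"))
    print("instances not READY:", not_ready(snort))
    units = parse_cluster_conns(CLUSTER_OUTPUT)
    print("uneven cluster units:", find_outliers(units, "total", "unit"))
```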
Performance Troubleshooting

Test Type: Command-set – DUT saturated at
Maximum Throughput: show asp inspect-dp snort, show cpu detailed, show asp drop – ASP drops show ‘snort-busy’ drops; CPU usage shows 100%
Maximum CPS: show resource usage, show cpu detailed, show asp inspect-dp snort, show asp drop – ASP drops show ‘snort-busy’ drops; CPU usage shows 100%
Maximum Open Connections: show resource usage, show asp drop, show memory, show blocks, show console-output – ASP drops show ‘punt-no-mem’ drops; memory errors in show console-output
Best Practices
Baselining Your Test

Always baseline your test with the test tool wired back to back, before connecting your DUT.
Best Practices – Testing Tools

Default MSS Settings
• Ixia BreakingPoint does not dynamically adjust MSS. You will need to manually set it from 1460 to 1380 bytes
• CyberFlood will dynamically adjust MSS.

Test Tool resource utilization
• Always check CPU/memory statistics on the test tool, especially for the TLS throughput test
Best Practices
• There is no MAX All test; break it down into separate test cases.
• Clear the residual connections using “clear connection” from the FTD CLI after every test run
Best Practices
• Tune sub-optimal logging (Disable)
  • Especially applicable to the Maximum new connections per second test
• Small average-size packets with a high input rate (micro-bursts) may lead to interface oversubscription (overrun, no-buffer drops)
  • Tune the average packet size and connection ramp-up rate.
Best Practices
Create Trust/Prefilter/IAB rules for:
• YouTube or any video and music streaming apps
• Elephant flows – e.g. Database sync operations
• VoIP protocols
• East-West traffic
Best Practices
Smart Inspection
• Tune the AMP/File policy’s direction of file transfer
• Select only the file types which need inspection
• If TLS decryption is not being used, do not enable AMP/File inspection for SSL/TLS traffic.
Best Practices
Early Detection
• Rules with known parameters (5 tuples, URLs, Users, SGT tags, VLAN tags) should be configured at the top of the rule order
• Rules configured with Application detectors take more rule evaluation time than rules with known parameters
• E.g.: for an internal DNS server, consider creating a rule with UDP port 53 instead of the DNS application
Demo: Recreating Data Sheet Numbers
Recreating Data Sheet Numbers – FPR4115

Datasheet Reference: http://cs.co/90071dan7
Recreating Maximum Connections per Second
Preconditions to Test
• Access-Policy: Any-Any Allow rule
• Traffic Profile: HTTP only
Recreating Maximum TLS Throughput
Preconditions to Test
• SSL version: TLS 1.2, RSA key: 2048 bit, Cipher suite: TLS_RSA_AES256_SHA
• Traffic Profile: 50% TLS, 50% HTTP
• Access-Policy: Any-Any Allow rule
• SSL Policy: Decrypt Resign
• SSL Record Size: 1460 bytes
• Session Reuse
Threat Efficacy Testing
How is it different?

Real World Traffic:
• Accurate host profile
• Use Firepower Rule Recommendations for further tuning

Test Tool Traffic:
• Host profile might change with each exploit run
• Firepower Rule Recommendations are not reliable

For an in-depth discussion of IPS tuning, see Gary Halleen’s BRKSEC-3300 session.
Inaccurate Host Profile

IXIA Strike Testing Overview

• Strikes are usually based off common vulnerabilities (CVEs) and exploits
• Advanced Fuzz Testing: Strike Variants using Evasion Profile
  • Covers multiple exploit versions of a strike.
Best Practices
Application Protocol fixup (lina)
• Application inspection on the lina side might lead to traffic drops, thus hampering test results.
• Disable protocol fixups from the FTD CLI, e.g.:
Best Practices
FMC → Security Updates
• Always have the latest SRU/VDB packages installed for the most recent Snort IPS Rule Set and Vulnerability Database
• As older rules become irrelevant, they can be disabled in a more recent SRU
Best Practices
FMC → Variable Sets
For efficacy/strike testing with Ixia BreakingPoint, always use:
• HOME_NET → ANY
• EXTERNAL_NET → ANY
Best Practices
FMC → AMP/File Policy
• Some of the Ixia strike lists might contain malware content, in addition to exploits
• Configure an AMP policy to block malware.
Demo: Efficacy Testing
Efficacy testing using IXIA BreakingPoint
Preconditions to Test
• Set IPS policy to Maximum Detection
• Set Network Analysis Policy to Maximum Detection
• Create a Malware Policy
Conclusion
What did we learn?

Bigger object size, Delayed ACK configured, even load distribution and longer flows (multiple GETs on a single persistent connection) give a larger Average packet size, which gives higher Throughput.
Session Takeaways
Data points to collect before starting a sizing estimation
• Traffic mix
• Average packet size
• Average CPS numbers
• Enabled features
• An estimate of the average number of rules
• Amount of logging on rules
• Amount of SSL Traffic needing decryption
Session Takeaways

• Repeat the Performance/Throughput tests with a more realistic (close to production) Average packet size and Traffic profile.
• ASA or Firepower customers can use the “show traffic” command to find the Average packet size
• Existing Firepower customers can leverage FMC Dashboard Reporting to understand the Applications and traffic profile in their network.
• Use Netflow to figure out the Traffic profile
  • Sample from Stealthwatch as a Netflow collector: (screenshot)
We can help you

POV Assistance – Assisted POVs (Global)
• POVaaS - Firepower vPods in dCloud
• Performance, Threat efficacy & Functional testing
• Custom scripting

Customers/Partners can request engagement by contacting their GSSO TSAs
Complete your online session survey
• Please complete your session survey after each session. Your feedback is very important.
• Complete a minimum of 4 session surveys and the Overall Conference survey (starting on Thursday) to receive your Cisco Live t-shirt.
• All surveys can be taken in the Cisco Events Mobile App or by logging in to the Content Catalog on ciscolive.com/emea.

Cisco Live sessions will be available for viewing on demand after the event at ciscolive.com.

Continue your education
• Demos in the Cisco Showcase
• Walk-In Labs
• Meet the Engineer
• Related sessions
• 1:1 meetings

Thank you
Appendix
NIC Performance Considerations

• If the ingress FIFO is full, frames are dropped
  • No free slots in the RX ring (CPU/memory bound)
  • No-buffer on memory move errors, overrun on FIFO drops
• FIFO is not affected by packet rates, but RX rings are
  • Fixed memory block size regardless of actual frame size
  • Ingress packet bursts may cause congestion even at low bits/sec
Firepower Recommendations

• Can be leveraged to list the rules whose recommended states differ from their saved states, before applying changes.
• Include protected/inside networks
• Modify Rule Overhead if there are existing high rule overhead signatures that need review
Better filter for Firepower Recommendations
Excerpt 1: Filter all “Drop and Generate Events” rules which will be enabled after using recommendations.
Under Intrusion Policy:
• First click on “Disabled” under Rule State
• Then click on “Drop and Generate Events” under Recommendation

Excerpt 2: Filter all “Drop and Generate Events” rules which will be disabled after using recommendations.
Under Intrusion Policy:
• First click on “Drop and Generate Events” under Rule State
• Then click on “Disabled” under Recommendation
Snort - Intelligent Application Bypass

• IAB is a performance optimization tool for jumbo flows
• Invoked in a simple 2-step process:
  1. Does snort exceed the “Inspection Performance Thresholds” (high CPU, % dropped traffic, etc)?
  2. If yes, then dynamically Trust flows which match “Flow Thresholds” (bytes/sec, packets/flow, etc).
• Configured under Access Control Policy > Advanced tab
Types of Intrusion Policies

Policy: CVSS Score – Vulnerability Age – Rule Categories
Connectivity over Security: 10 – Current year, plus 2 prior (2019, 2018, and 2017)
Balanced Security and Connectivity: 9+ – Current year, plus 2 prior – Rule Categories: Malware-CNC, Blacklist, SQL Injection, Exploit Kit
Security over Connectivity: 8+ – Current year, plus 3 prior (2019, 2018, 2017, and 2016) – Rule Categories: Malware-CNC, Blacklist, SQL Injection, Exploit Kit, App-Detect
Maximum Detection: 7.5+ – 2005 and later – Rule Categories: Malware-CNC, Exploit Kit
Trust Rules
• Within the Access Control Policy, defined traffic can be exempted from File and IPS inspection, which accelerates it through the appliance.
• Security Intelligence feeds are still applied to Trust rules.
• On FP-4100/9300 appliances, a Trust rule enables Dynamic Flow Offload on eligible flows, and handles the traffic on the HW NIC.
  Not supported on Inline, Inline Tap, or Passive Interfaces.
PreFilter Policy
• PreFilter rules are processed prior to Intrusion Prevention or Access Control Policies.
• Similar to a Trust rule, but Security Intelligence is not applied.
• On FP-4100/9300 appliances, a Fastpath rule enables Static Flow Offload on eligible flows, and handles the traffic on the HW NIC.
  Not supported on Inline, Inline Tap, or Passive interfaces.
SSL/TLS Session Reuse

• Enable/disable the capability of an SSL/TLS server to resume an SSL/TLS session by Session ID.
• E.g.: if “Sessions before renegotiation” is configured as 5:

Full handshake -> Get new session ID, 1st use
Reuse -> 2nd use
Reuse -> 3rd use
Reuse -> 4th use
Reuse -> 5th use
Full handshake -> Get new session ID