I have been doing a lot of reading lately about network monitoring, IDS, network problem diagnosis and other such topics. Out of that reading I have been picking up on something that was totally left out of my education in the finer arts of networking. That something is the necessary use of network TAPS for full visibility of traffic in a structured switched Ethernet network. I plan on discussing that issue more in the near future. But on the front end I have discovered the need to use the existing SPAN and port mirroring options to get a better view on a highly VLAN’d environment. This article from NetworkIntrusion was just what the doctor ordered. So until I can get my hands on some TAPS and get some articles out about how they have revolutionized my troubleshooting methodology, I hope this use of tried and true tools for monitoring switches helps.


The Magical Disappearing ASA ACL.   December 10th, 2007

I was on a client site about a month ago finishing an ASA install running PIX IOS 7.2.3. We were moving the client from flat ACLs to Object Group based ACLs, Object groups and named hosts. But for whatever reason we were having problems with the ACL. So from the command line I planned on using the tried and true no access-list “ACL NAME” to get rid of the offending ACL and start over. I was confused when the ACL did not go away. Well, in reading 6200networks yesterday I came across the answer. From global config mode use clear configure access-list “id” and it should take care of that troublesome ACL. Thanks to Joe at 6200networks for the info.
