Is Your ASA Actually Doing What You Expect?

Presented by

Nick Russo, Technical Leader, Cisco Systems

About this talk

The core concepts surrounding DevOps and infrastructure-as-code have permeated into the network automation over the past several years. Some of you have probably employed these techniques to automate your firewall policy configurations in production. Often times, the administrator will poke holes in their firewalls to enable critical applications to function, but how often do we explicitly test the effectiveness of our rulesets? To address this gap, I've written a Python-based tool using Nornir and Netmiko that can rapidly test distributed Cisco ASA deployments for policy compliance. This session explores how the tools work in-depth.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (86)
Subscribers (20579)
We help developers deliver more secure, better performing software by providing forward-thinking actionable insights into their applications and environments – wherever they choose to build. Visit us online at