Networking With Ehsan

Podcasts

21Dec

What Is an Isolated Recovery Environment (IRE)? Secure Recovery After Ransomware

In Episode 15 of Ehsan’s Tech Lounge, we address one of today’s most critical cybersecurity scenarios: After a ransomware attack, how can recovery be performed securely?
Having backups alone is not sufficient. Recovering directly into a production environment—or into an environment that was previously compromised—can lead to re-infection and a repeat of the attack. This is where the concept of an Isolated Recovery Environment (IRE) becomes essential.
In this episode, we examine:
Why traditional Backup and Disaster Recovery approaches fail after a ransomware attack
What an Isolated Recovery Environment (IRE) is, and how it differs from Incident Response and Disaster Recovery
Why isolation is the core pillar of cyber recovery after ransomware
How the VMware IRE approach helps address these challenges
This episode is intended for:
Security Engineers and SOC teams
Infrastructure and Virtualization Engineers

15Dec

When Backup Fails: Understanding Cyber Resilience and Cyber Vaults

In this episode of Ehsan’s Tech Lounge, we take a step-by-step look at why, in today’s world, Backup alone is no longer sufficient to withstand modern cyberattacks and ransomware.
This episode is structured around four main sections:
1️⃣ What Is Cyber Resilience and Why It Matters We define Cyber Resilience, explain how it differs from Backup and Disaster Recovery, and discuss the importance of designing systems with an Assume Breach mindset.
2️⃣ Why Backup Alone Fails Against Ransomware An examination of the detection gap, the limitations of traditional backup and vault solutions, and the real-world challenges of RPO and RTO during cyberattacks.
3️⃣ From Backup to Cyber Vault: The Need for Cyber Resilience Why the Cyber Vault has emerged as the last line of defense, and how it fits into a broader Cyber Resilience strategy.
4️⃣ HPE Cyber Resilience Vault Architecture and Business Impact An architectural view of the HPE Cyber Resilience Vault, the role of rapid recovery, and its impact on reducing risk, downtime, and business losses.
At the end of this episode, we review a practical and powerful solution as a real-world example, demonstrating how Cyber Resilience can be implemented in an effective and operational manner.

08Dec

Cisco ACI: Why is it still the backbone of Private Cloud?

9 key topics covered in this episode:
🔹 Single Point of Management — Centralized control for hundreds of switches
🔹 Out-of-the-Box Automation — Built-in automation from onboarding to underlay
🔹 Virtual Machine Manager Integration — Integration with VMware, Nutanix, etc.
🔹 True Multi-Tenancy — Full tenant isolation with true RBAC
🔹 Multi-AZ / Remote Leaf / Multi-Site — Scalable datacenter deployment scenarios
🔹 Powerful REST API — Fully API-first architecture
🔹 Automation Stack — Ansible / Terraform / Nexus as Code
🔹 Pervasive Zero-Trust Security — ESG/EPG with modern security enforcement
🔹 L4-L7 Service Chaining with PBR — Steering traffic through FW/LB without network complexity

30Nov

Cisco Nexus One

In this episode, we dive into one of Cisco’s newest and most important announcements in the world of data centers: Cisco Nexus One — the next-generation switching platform designed to make the integration between ACI, EVPN, and VXLAN simpler, more flexible, and more intelligent.
In this video, we explore five key topics:
🔹 1. A look at the evolution of SDN in Cisco data centers How did we move from traditional architectures to ACI, and now to Nexus One?
🔹 2. Introducing a new role in ACI: the ACI Border Gateway What does this new component do, and which challenges does it solve?
🔹 3. Deep dive into the architecture of Cisco Nexus One A breakdown of the ASIC, fabric, pipeline, and Nexus One’s position in future data center networks.
🔹 4. Understanding VXLAN connectivity between EVPN and ACI How do these two technologies interact and integrate?
🔹 5. Examining Policy models between ACI and EVPN What’s the difference between Policy-Unaware and Policy-Aware, and when is each used?
If you work with Cisco ACI, EVPN, VXLAN, or data center design, this episode is for you.

23Nov

Microsegmentation with GPO

In this episode, we dive into one of the most important innovations shaping modern data center architectures: Micro-Segmentation using GPO (Group Policy Option) in VXLAN-EVPN and NX-OS environments.
In this episode, we explain:
- The role of Group Policy Option (GPO) in enabling true micro-segmentation
- ESG, SGACL, and how policies are carried along with the traffic
- GPO architecture on NX-OS and the difference between Ingress vs. Egress enforcement
- Service Chaining, traffic redirection, and distributed security at the Leaf
- Capabilities, limitations, and the technical improvements in recent NX-OS releases
- The future of GPO and why it is becoming one of the key pillars of security in modern fabrics

16Nov

What is ZTNA? (Agentless)

In this episode, we dive into one of the most important concepts in the world of network security:
ZTNA – Zero Trust Network Access
1️⃣ Introduction to ZTNA
Why “no one is trusted by default”
The role of identity and device posture in modern security
2️⃣ Comparing ZTNA with VPN
Why VPN is no longer enough
Application-based security vs. full network access
Advantages, weaknesses, and real-world scenarios
3️⃣ Agentless ZTNA Architecture
Secure access without installing software on the user device

9Nov

Network That Never Sleeps - OOB

In this episode of Ehsan’s Tech Lounge, titled “Network That Never Sleeps,” we explored one of the most critical components of network infrastructure: Out-of-Band Management (OOB).

In this discussion, we explained what OOB is, why it plays a key role in network security and resilience, and how, during a crisis, it often becomes the only active path to regain control of the network.

We then took a brief look at ZTNA – Zero Trust Network Access, and finally analyzed Meta’s data center–scale OOB solution — an architecture based on Passive Optical Network (PON) technology that redefines resilience in the modern data center world.

2Nov

Business Logic Attacks

In this episode of Ehsan’s Tech Lounge, we dive into a silent but very serious threat: Business Logic Attacks — attacks that do not rely on code injection, but instead exploit the order of requests (user journey) and the logic of the application. These attacks often stay invisible to traditional firewalls and security tools.

What you’ll learn in this video:
• The difference between a traditional WAF and the need for modern API Security solutions
• Three real, relatable scenarios: coupon abuse, ATO (Account Takeover), and race conditions in fintech
• How API inventory, distributed tracing, and behavior baselining help uncover logic-based attacks
• A practical playbook for detection, rapid response, and remediation — actionable steps that DevOps and SecOps teams should start implementing today

If you found this video useful, hit the Like button and share it with your technical friends — especially DevOps teams, SecOps teams, and system architects.

26Oct

Cisco Secure Analytics (Stealthwatch) Explained: NDR for Modern Enterprise Networks

In this episode of the Tech Lounge series, we explored one of the most important network security solutions: NDR – Network Detection & Response.
We reviewed the architecture of Cisco Secure Analytics (SNA) — formerly known as Stealthwatch — analyzed common customer challenges, and explained how network traffic analytics can detect malicious behavior even without signatures.

🔍 Topics we covered:
• What is NDR and why is it critical today?
• SNA architecture and components (Flow Collector, Flow Sensor, UDP Director, etc.)
• The role of telemetry and NetFlow in security visibility
• A brief demo of the SNA environment

19Oct

Inside Cisco SD-WAN: How Modern WAN Automation Works

In this episode, we explore Cisco SD-WAN — one of the most modern and widely used enterprise networking solutions in the world.
We’ll explain how SD-WAN separates the control and data planes, how it simplifies and secures connectivity between branch locations, and how, using vManage, vBond, and vSmart, it automates policy and routing management.
If you’re looking for a real understanding of an automated, policy-driven, and secure WAN, this episode is for you!

12Oct

Inside SD-Routing: Cisco’s Next-Gen Approach to Smarter Networks

What exactly is SD-Routing, and why is Cisco betting big on it?
In this episode, we unpack how SD-Routing merges traditional routing with cloud-age intelligence, and what makes Cisco’s Gen 2 Routers the perfect platform for it.

05Oct

QUIC: Performance Revolution or Security Blind Spot?

In the fourth episode of Ehsan’s Tech Lounge Podcast, we explore how HTTP/3 powered by QUIC promises blazing-fast connections and a better user experience — but also introduces new visibility and inspection challenges for security vendors. We trace the evolution of HTTP protocols, unpack the architectural benefits of QUIC, and ask the critical question: Can our firewalls keep up? Join us as we analyze how vendors are tackling decryption, telemetry, and detection inside encrypted QUIC traffic.

28Sep

Why Firewall Sizing & Decryption Matter | Data-Center Security with MACsec

In this technical episode S1E3 we cover two tightly related topics: why firewall sizing — especially CPU capacity for TLS/SSL decryption — matters for detection and prevention, and how enabling MACsec on data-center links stops many MITRE ATT&CK techniques based on sniffing and frame injection.

21Sep

From Firewalls to Smart Switches: How DPUs Are Changing Security

In this episode, we dive into the next generation of networking and security — exploring Data Processing Units (DPUs), Cisco Hypershield, and Nexus 9300 Smart Switches.

15Sep

Cisco HyperFabric AI

We introduce Cisco HyperFabric AI—covering architecture, benefits, and learning paths for engineers entering AI infrastructure.

Networking With Ehsan – Podcasts