https://community.cisco.com/t5/network-security/network-security-solution/m-p/1471528#M655440 <HTML><HEAD></HEAD><BODY><P>Points 4 and 5 can be half done by cut-through proxy half by CSC or a solution with external filtering enginers ... IronPort/websense.</P><P></P><P>3. MARS does not work as NAC - You need either clean access or older NAC ... meaning solutions with ACS.</P></BODY></HTML> Wed, 23 Jun 2010 16:30:47 GMT Marcin Latosiewicz 2010-06-23T16:30:47Z https://community.cisco.com/t5/network-security/network-security-solution/m-p/1471527#M655439 <P>Hi everyone!</P><P></P><P>I'm planning to design a security system for my company like this. I do not have experence so someone plese help me to correct this.</P><P>1. Externall firewall: Working as IPS (anti worms, virus, trojan, VPN, FTPS, HTTPS) with database updated</P><P>-&gt; using cisco 5540 with AIP card</P><P>2. Internal firewall: Working as IDS (sniffing and logging)</P><P>-&gt; using Cisco 5520 with CSC card<BR />3. Network Access Control</P><P>-&gt; using CSMARS (not sure)</P><P>4. Internet Proxy: <!--[if gte mso 9]><xml> <o:OfficeDocumentSettings> <o:RelyOnVML></o:RelyOnVML> <o:AllowPNG></o:AllowPNG> <o:TargetScreenSize>800x600</o:TargetScreenSize> </o:OfficeDocumentSettings> </xml><![endif]--><!--[if gte mso 10]> <style> /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Calibri","sans-serif"; mso-bidi-font-family:"Times New Roman";} </style> <![endif]--><SPAN style="font-size: 10pt;"><STRONG style="line-height: 115%; font-weight: normal; ">caching proxy server, web proxy, Content Filtering Web Proxy, Anonymizing proxy server, Intercepting<SPAN style="color: green;"> </SPAN>proxy server</STRONG></SPAN></P><P>-&gt; don't no which device to use.</P><P>5<SPAN style="font-size: 12pt;">.</SPAN><!--[if gte mso 9]><xml> <o:OfficeDocumentSettings> <o:RelyOnVML></o:RelyOnVML> <o:AllowPNG></o:AllowPNG> <o:TargetScreenSize>800x600</o:TargetScreenSize> </o:OfficeDocumentSettings> </xml><![endif]--><!--[if gte mso 10]> <style> /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Calibri","sans-serif"; mso-bidi-font-family:"Times New Roman";} </style> <![endif]--><SPAN style="line-height: 115%; font-size: 12pt; Times New Roman&amp;quot: ; font-family: &amp;quot; serif&amp;quot: ; ,&amp;quot: ; ">Email Security gateway: anti spam, spyware, phishing..</SPAN></P><P>-&gt; don't no which device to use.</P><P></P><P>Please help me in this problem. If you have a template or any document about this solution, please share with me.</P><P></P><P>Thanks a lots,</P> Mon, 11 Mar 2019 18:02:33 GMT https://community.cisco.com/t5/network-security/network-security-solution/m-p/1471527#M655439 sondothanh 2019-03-11T18:02:33Z https://community.cisco.com/t5/network-security/network-security-solution/m-p/1471528#M655440 <HTML><HEAD></HEAD><BODY><P>Points 4 and 5 can be half done by cut-through proxy half by CSC or a solution with external filtering enginers ... IronPort/websense.</P><P></P><P>3. MARS does not work as NAC - You need either clean access or older NAC ... meaning solutions with ACS.</P></BODY></HTML> Wed, 23 Jun 2010 16:30:47 GMT https://community.cisco.com/t5/network-security/network-security-solution/m-p/1471528#M655440 Marcin Latosiewicz 2010-06-23T16:30:47Z