cancelar
Mostrando los resultados de 
Buscar en lugar de 
Quiere decir: 
cancel
525
Visitas
1
ÚTIL
1
Respuestas

Adding threat-detection basic-threat

Hi All,

Would the addition of the command "threat-detection basic-threat" cause any issues with legitimate login requests from users that are connecting through Cisco AnyConnect intending to use 2FA?

The feature is enabled by default but is there any impact for VPN users that you are aware of?
 
This is for ASA5525.

Thanks,
 
Marco J.
1 SOLUCIÓN ACEPTADA

Soluciones aceptadas

M02@rt37
VIP
VIP

Hello @MarcoJimenez37276,

THe basic-threat detection feature is designed to detect and log potential threats, and it should not interfere with legitimate user traffic. It relies on predefined signatures and heuristics to detect potential threats. In some cases, legitimate traffic patterns may trigger false positives, leading to logs and notifications. It's important to review the logs periodically to ensure no legitimate activities are being flagged incorrectly.

Regarding VPN users connecting through Cisco AnyConnect and using 2FA , the "threat-detection basic-threat" command should not directly impact this functionality. However, it's important to ensure that the AnyConnect configuration & the 2Fa mechanism are prperly implemented and functioning as intended.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Ver la solución en mensaje original publicado

1 RESPUESTA 1

M02@rt37
VIP
VIP

Hello @MarcoJimenez37276,

THe basic-threat detection feature is designed to detect and log potential threats, and it should not interfere with legitimate user traffic. It relies on predefined signatures and heuristics to detect potential threats. In some cases, legitimate traffic patterns may trigger false positives, leading to logs and notifications. It's important to review the logs periodically to ensure no legitimate activities are being flagged incorrectly.

Regarding VPN users connecting through Cisco AnyConnect and using 2FA , the "threat-detection basic-threat" command should not directly impact this functionality. However, it's important to ensure that the AnyConnect configuration & the 2Fa mechanism are prperly implemented and functioning as intended.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.