Comprar o Renovar
Comprar o Renovar
cancelar
Activar sugerencias
La sugerencia automática le ayuda a obtener, de forma rápida, resultados precisos de su búsqueda al sugerirle posibles coincidencias mientras escribe.
Mostrando los resultados de 
Buscar en lugar de 
Quiere decir: 
cancel
Iniciar una conversación
334
Visitas
1
ÚTIL
1
Respuestas

Adding threat-detection basic-threat

Ir a solución
MarcoJimenez37276
Level 1
Level 1

el ‎07-18-2023 04:43 PM

Hi All,

Would the addition of the command "threat-detection basic-threat" cause any issues with legitimate login requests from users that are connecting through Cisco AnyConnect intending to use 2FA?

The feature is enabled by default but is there any impact for VPN users that you are aware of?
 
This is for ASA5525.

Thanks,
 
Marco J.
1 SOLUCIÓN ACEPTADA

Soluciones aceptadas

Ir a solución
M02@rt37
VIP
VIP

el ‎07-18-2023 10:15 PM

Hello @MarcoJimenez37276,

THe basic-threat detection feature is designed to detect and log potential threats, and it should not interfere with legitimate user traffic. It relies on predefined signatures and heuristics to detect potential threats. In some cases, legitimate traffic patterns may trigger false positives, leading to logs and notifications. It's important to review the logs periodically to ensure no legitimate activities are being flagged incorrectly.

Regarding VPN users connecting through Cisco AnyConnect and using 2FA , the "threat-detection basic-threat" command should not directly impact this functionality. However, it's important to ensure that the AnyConnect configuration & the 2Fa mechanism are prperly implemented and functioning as intended.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Ver la solución en mensaje original publicado

0 Útil
1 RESPUESTA 1

Ir a solución
M02@rt37
VIP
VIP

el ‎07-18-2023 10:15 PM

Hello @MarcoJimenez37276,

THe basic-threat detection feature is designed to detect and log potential threats, and it should not interfere with legitimate user traffic. It relies on predefined signatures and heuristics to detect potential threats. In some cases, legitimate traffic patterns may trigger false positives, leading to logs and notifications. It's important to review the logs periodically to ensure no legitimate activities are being flagged incorrectly.

Regarding VPN users connecting through Cisco AnyConnect and using 2FA , the "threat-detection basic-threat" command should not directly impact this functionality. However, it's important to ensure that the AnyConnect configuration & the 2Fa mechanism are prperly implemented and functioning as intended.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Útil

Navegue y encuentre contenido personalizado de la comunidad

Documentos de Seguridad Videos de Seguridad Otros Eventos de Seguridad
Customers Also Viewed These Support Documents