We have installed two ASA service modules into our 6509 switches. They are both working fine but we are now looking into the option of using the Cisco Context Directory Agent for identity firewalling.
So far we have a VM running the Cisco ISO downloaded from the site and that connects to all our AD servers. The ASAs have been registered to the CDA server and can connect to the AD servers themselves to pull down usernames and groups. I have tested that it all works with different usernames and groups and all works well.
The problem we have is that we run a number of terminal services servers that users can connect to.
I have rules on the ASA that user A can connect to server X from the terminal service server but user B cannot connect to server X.
When user A logs into the TS server he can connect to server X, but if user B also logs in to the TS server they can also get to server X even though there is a rule to say they cannot.
Now I understand the reason why this happens, as it is because of the IP address that the user is mapped to. We have Palo Alto firewalls that use a plugin installed on the TS server which allows multiple users connected at the same time, which would allow the rules above to work as they should.
The question is: is there a plugin available for the ASAs that performs a similar function?