Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1927
Views
0
Helpful
2
Replies

Deep Packet Inspection

Go to solution
toms001199
Level 1
Level 1

‎04-07-2015 06:54 AM - edited ‎03-11-2019 10:44 PM

If deep packet inspection "sees" personal identifying information in a packet(SS#, Bank account information, etc.), does it log the information in clear text, does it replace with other characters, does it remove it form the log?  Thanks in advance.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ryancisco01
Level 1
Level 1

‎04-07-2015 07:01 PM

Well I am pretty sure the answer is no. However I am not sure when you refer to logging the information, logging to where? 

 

If you mean to an external syslog server then no, it wont send the payload just the header information.

 

Also the ASA doesn't support DLP by default either, so it wont have any clue as to what is sensitive data and what is not.

 

The administrator could mirror all traffic from a firewall out to a forensic server to look at all that kind of info though if they wanted to, and the Cisco would forward it out exactly as it was transmitted it would not obscure anything.  

 

 

View solution in original post

0 Helpful
2 Replies 2

Go to solution
ryancisco01
Level 1
Level 1

‎04-07-2015 07:01 PM

Well I am pretty sure the answer is no. However I am not sure when you refer to logging the information, logging to where? 

 

If you mean to an external syslog server then no, it wont send the payload just the header information.

 

Also the ASA doesn't support DLP by default either, so it wont have any clue as to what is sensitive data and what is not.

 

The administrator could mirror all traffic from a firewall out to a forensic server to look at all that kind of info though if they wanted to, and the Cisco would forward it out exactly as it was transmitted it would not obscure anything.  

 

 

0 Helpful

Go to solution
toms001199
Level 1
Level 1
In response to ryancisco01

‎04-08-2015 09:07 AM

Thanks.  That answers my question.  I appreciate it.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card