I´m working with some RFP questions. The customer has implemented Firepower 4140 and they was waiting hardware acceleration support to implement SSL policies.
Now the customer launched a RFP to check if they configure SSL policies or work with another solution.
Please your help with the following questions:
- High Certificate Warnings: For certificate reassign, how are warnings communicated to endpoints when an invalid certificate is detected?
- High Certificate Errors: Should the SSL system connect to an SSL server with an invalid certificate, are there options to ignore and pass through the message to the endpoint or drop the connection based upon predefined configuration (e.g. ignore expired certificate warnings and pass warning to endpoint, block connections using self-signed certificates)?
- High Device Chaining: Can the system send unencrypted traffic to multiple devices, both inline and passive, in a defined chain (e.g. inline NGIPS e inline advanced malware detection e passive DLP)?
- High Traffic Management: Can the system send defined traffic (OSI layer 2/3/4/7) to different attached devices?
According to the Verizon 2018 Data Breach Investigations Report, 81% of hacking-related incidents leverage stolen or weak passwords. When your workforce requires access to business-critical information residing on your corporate network and cloud, a VPN c...
On April 11, 2019, CERT/cc published a vulnerability note ( VU#192371) describing a vulnerability on how different VPN implementations store session cookies within system memory.
Cisco investigated this issue and determined Cisco AnyConnect is not vulner...
ACS to ISE Migration
ACS 5.x: TACACS+ Authentication and Command Authorization based on AD group membership Configuration Example - Cisco
ACS Shell Command Authorization Sets on IOS and ASA/PIX/FWSM Configuration Example - Cisco
ASA 8.3: TACACS Authe...
The Community is Not TAC
If you have an emergency network problem - Open a Case with the Cisco TAC!
While Cisco employees including members of its Technical Services teams may participate, the Cisco Community is not a replacement for TAC or other ...
Cisco has released Email Security AsyncOS version 12.1 on 8th April 2019. This release includes major enhancements to the Intelligent Multi Scan (IMS) feature to improve overall spam detection efficacy.
Customers using the IMS feature on older AsyncOS re...