I have just configured and installed an ASA 512-X to replace our aging ASA 5510.
The 5512-X comes equipped with an IPS sensor built in for which I have the license. Before I go thorough the pain of trying to figure out how it all gels together can some bright person tell if I am able through the IPS to prevent 'dictionary' style attacks on our terminal servers.
Ironically Windows Server will disable an account if a known user incorrectly enters a password 'x' number of times, but if an unknown user tries to access the terminal server it will happily allow the attack to continue until successful.
We are inundated with daily attacks from various parts of the globe, though it has to be said China and Korea are particularly testing......
Hi, We are getting below Alarm on ISE frequently. we verified COA enabled on WLC and there is no impact on users as we didnt receive any complain from users. Dynamic Authorization Failed for Device : Server=ISE-1; Network Device Name=WLC WLC Firmware = 8....
the Cisco CPN Client for a long time to connect to a VPN Server. Now I've got a new machine with a Windows 7 64 bit. The Cisco VPN Client isn't avaiable in a 64 bit version. Cisco suggests to use Cisco AnyConnect instead because there'a 64 bit version ava...
May 2016Splunk is a powerful tool for analyzing information in your organization by collecting, storing, alerting, reporting, and analyzing machine data. With Cisco platform Exchange Grid (pxGrid) Splunk is able to proactively act on received network secu...
Happy to announce that we have an updated version of our Enabling AMP on Content Security Products - Best Practices (v3.0). Please feel free to review if you have questions regarding deployment of AMP (File Reputation and File Analysis).
Updated: July 2018
New: Updated format , Netflow configuration examples per platform (End of Table)
Note: Remember the table is scrollable horizontally to view other columns, not only vertically
IOS / IOS XE