I am recently reading ASA and PIX Firewll Handbook. In this book, I have read that ASA firewall Identity required Each user in the enterprise his/her own password . Why do we require each one pass word in AAA. Second , How does one user with one computer having IP Adddress 192.168.2.1 is associated with particular password in AAA. Can we simply have one password for all enterprise users?
- AAA is based on a database of user and passwords that can be stored on the ASA/PIX device on a remote server, the whole purpose of this is to provide a better approach when allowing users to access and monitoring what they do on our network.
Imagine yourself a general password for SSH or ASDM access, and there are 100 users, and one of them is going to leave your company.. You will need to let the other 99 users the new password just because one of them leave...
So one password per username will be more scalable,flexible and secure!!
How does one user with one computer having IP Adddress 192.168.2.1 is associated with particular password in AAA. Can we simply have one password for all enterprise users?
-With AAA enabled no as there will be a dedicated password to EACH username.
Hope this helps,
Please rate helpful posts!!
Julio Carvajal Senior Network Security and Core Specialist CCIE #42930, 2xCCNP, JNCIP-SEC
Cisco is happy to announce their Fall release, FTD 6.7/ASA 9.15.1/FXOS 2.9, which consists of 104 features across 24 initiatives, addressing technical debt while staying true to our five core investment areas: Ease of Use and Deployment, Unified Policy an...
Hi Team, I have one exclusion provided by internal team which is Is it right way to exclude ? *\Program Files\XYZ\* , as per Cisco Docs i see its not recommended because it will create performance issue when we use * at starting , So...
Central Log Management using Cisco Security Analytics and Logging, December 2nd at 8am-9:30am PT
Cisco Security Analytics and Logging is Cisco’s Central Log Management solution for Network Operations and Security Outcomes. It is delivered both as a c...