Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1220
Views
0
Helpful
2
Replies

ASA5520 to act as web proxy

Dario Francesco Vanin
Level 1
Level 1

‎12-16-2012 10:38 PM - edited ‎03-11-2019 05:37 PM

Hi guys,

I am using a squid proxy behind an ASA5520 firewall to collect the users to the internet. Squid is just necessary to log what is going on in order to find a quick solution when the internet slows down.

Considering that I have unlimited licenses and I would like to get rid of squid, I wonder if the ASA has some functionalities to track which websites are being used and how much traffic is generated. If there is not, I would like to know if Cisco offers a good product to replace Squid.

Thanks,

Dario Vanin

Labels:
0 Helpful
2 Replies 2

Jouni Forss
VIP Alumni
VIP Alumni

‎12-16-2012 11:29 PM

Hi,

Guess the ASA alone can't really handle that kind of thing.

It can log the HTTP sites atleast but doesnt really (to my understanding) have a way to go through the browsed sites. You would probably have to configure the appropriate logging and gather all the information from a syslog server.

I haven't gotten that familiar with this so I don't have the whole picture on this matter.

We usually have an Cisco Ironport and the ASA and Ironport together handle the web traffic.

Cisco Web Security Appliance

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps10142/ps10164/aag_c45-716641.pdf

Cisco Web Security Appliance datasheet

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps10142/ps10164/datasheet_C78-717510.html

- Jouni

0 Helpful

Dario Francesco Vanin
Level 1
Level 1
In response to Jouni Forss

‎12-16-2012 11:41 PM

Hi Jouni,

Thanks for your answer. The price for IronPort is just too high for what I need: I already have another solution against malware from the internet and the goal is just to keep track of the websites visited by the users and then to know for every user how much data has been downloaded from the internet. That's it!

Dario

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card