Network Security

TCP Source Port Pass Firewall finding reported by qualys

Qualys reported a finding "TCP Source Port Pass Firewall" on 25 port against cisco asa firewall.Could you explain why this behavior implemented in ASA. Is this a false positive? Vulnerability:TCP Source Port Pass Firewall THREAT:Your firewall policy...

DEFENSE CENTER-event logs doesn't show properly

Dear All, I have an issue with event logs. model defense center 4000 version 5.4.1(59) When I brows analysiis--connection --events---not showing more than a day In the same way If I tried to see the events with in 2 hours,doesn't show anything I c...

Resolved! ASA 5508-x FirePower ASDM integration

Hi everyone, I have a new ASA 5508-X firepower running 5.4.1.9. License is installed and FirePower is accesible through ASDM. Under ASDM FirePower config I don't have integration option and identity policy as described in the following article: http:...

Resolved! FMC virtual fails on upgrade

Tried going from 6.0.0.1 to 6.0.1 and now get this when I login: The upgrade failed to install.The upgrade failed to install. The upgrade failed on while running .Please contact customer support: tac@cisco.com1-800-553-2447 or 1-408-526-7209 When...

Resolved! Recommendation upgrade Firepower

Hi, We have the version Virtual defence center (64but) 5.4.1.6. We would like to upgrade the firepower but we would need to know what is the recommended version and the requisites minimum for virtual machine. version 6 is the recommended? Thanks

Resolved! ASA 5580 & PCI card

Hi, I have an ASA 5580 with a 2-Port 10-Gigabit Ethernet Fiber PCI Card and my doubt is: the fiber interfaces on the PCI card works in 850nm ? I´ve been searching most part of today´s day but found nothing about wavelength...only that the fiber cable...

SSH access to ASA for vulnerability scan.

Our Internal Auditor is asking for SSH access to our ASA's to do Vulnerability Scan. My first thought was "NO" then I thought about it more and I still think "NO". Can anyone think why someone should have SSH access to the firewall to perform this sc...

ASDM AWT-EventQueue-2 Java OutOfBounds Exception

ASDM display crashes constantly... unable to get to Firewall Configuration screen. Box is ASA5525-x running asa962-1-smp-k8. Any ideas? Java console output: Using JRE version 1.8.0_51 Java HotSpot(TM) 64-Bit Server VMUser home directory = C:\Users...

Sourcefire Virtual sensors and routed mode with F5 LTMs ("Air Gap")

Hello, We are working on implementing the Virtual Sourcefire sensors, using an F5 LTM to decrypt and redirect traffic to the IPS Sensors. The documentation I have been reading states that since I am using a single LTM (LTM > IPS > back to LTM) the IP...

Resolved! SSH Access

Hi all, I need to configure an SSH username and password for a client who wants to integrate Tufin whereby they can create/modify/delete ACL's, as well as create object-groups, routes, NAT statements etc. Privilege level 15 would ofcourse allow for...

Resolved! FMC REST API 6.1

I am currently playing around with firepower rest api on FMC 6.1 and I am looking for a method to get domain name to domain id mapping. Since the specific domain id must be used in the URL to consume the api I would like to get the ID by name. https...

Best practice for logging

Hi All,I would like to know if there is any best practice document for Firewall logging. This would include1. What level of logging is ideal2. If a log is stored in a logging server, how long is it best to store the logs and retain the logs by a back...

Cannot boot UCS c240 M4

Hi, Not sure what it is, bit it's not possible to boot our new cisco Jumpstation. According tou the salesman jumpstation is already preinstalled with with Windows2012 + Vmware. The server gives following error: PXE-E61: Media test failure, check ...

Firesight IPS Bandwidth and Best Practice

Hi Cisco Support, We would like to ask you some important details that we need regarding IPS. These topics are "Bandwidth", "Effort", and "Best Practice". So First, regarding the bandwidth, we would like to know if there are any impact on our bandwi...