Network Security

Dynamic NAT for Server

HiI am new to firewalls and was wondering if this will work. I have an internal FTP server where we copy files to and they automatically get sent to an external suppliers FTP server who's network sits on a separate interface on our asa using a public...

Vulnerability on Cisco Products need the steps to fix

Need to know how to disable SSL V2,V3 and SSL RC4 and remove Poodle from sourcefire/Switch/ASA 550Switch: 3750Firewall: ASA 550Sourcefire: Model3D7110

TLS Diffie-Hellman Key Exchange Logjam Vulnerability

We have Cisco Security Manager 4.8 running on Windows Server 2008 R2, recently we have conducted a scan on the server, and the following vulnerability has been reported "TLS Diffie-Hellman Key Exchange Logjam Vulnerability". Note that we have exclud...

Standby FWSM module becoming Active

Hi Team, We have Two Switches 6509 as core for our one Customer and both the Switches have FWSM modules, as per architecture FWSM module of core-1 is active and FWSM module of Core-2 working as standby. We have scheduled Activity and conducted Powe...

Upgrading ASA

Hi, I have a scenario wherein I have a ASA 5520 configured as active/standby.Unfortunately I'm still running version 7.2 of the ASA, what I wanted to do is to upgrade to at least version 8.4.I know I can upgrade it with zero downtime, but my question...

Resolved! arp-permit-nonconnected issue with back to back firewalls

Good Morning, I have an issue similar to this, https://supportforums.cisco.com/discussion/11848306/arp-permit-nonconnected but is different in that the ISP has a firewall instead of a router in place.Connectivity between both firewalls (on a private ...

Resolved! ASA logging list config

Hi Everyone, On our ASA i see below configlogging list configuration level debugging class configlogging class config trap debugging Need to what is purpose of this config and where it will send log messages to? will this config send more logs to sy...

Unable to Telnet Port 465 to DMZ Server of Internet ASA

Topology: Internet Router-- Internet ASA --Fortigate Firewall-- Core Switch-- Data Center Switch-- Server(172.16.45.6)DMZ--(172.16.208.230) Problem:unable to telnet from Server(172.16.45.6) on port 465 to Internet ASA DMZ--(172.16.208.23...

ASA5525-X SSL Decryption

Hi ,I am new with dealing with Sourcefire , I have a question to ask , is 5525x platform with sourcefire module version 4.0.2 and Defense center 5.4.1 capable alone to decrypting the SSL traffic ? appreciating your help guys

Choosing the correct size ASA

Greetings, helping out a school district. Currently have an asa 5510 with advanced services and Trendmicro. Around 550 client PCs, no dmz, very little vpn, 100 mb Internet connection.Upgrading to possible 1gb Internet. More clients because of wire...

Resolved! FireSight and ISE User Identity Integration

We are wishing to migrate from CX/PRSM to FirePower/FireSight. I am researching feature parity. Today I use the CDA integration with ISE to passively capture the user identity of 802.1x wireless authenticated employees. The goal is to on demand produ...

Interactive Blocked Sites Allowing the Site Through

I created a web content rule underneath a policy that does an interactive block on certain web categories. I tested it last week and it worked as expected. I randomly did a test this morning while watching the real-time monitoring and it showed the a...

Resolved! NGIPS AMP

Hi We’re looking to use NGIPSv specifically the AMP portion to protect our network. We have 8 ESXi hosts managed under vSphere. We’d like to compare having the AMP endpoint on around 300 VMs against having a network AMP. Do we need to have a Fire...

Resolved! Setting CCP with ASA 5585X

APHA-ASA5585VPN# sh run | inc crypto pkiAPHA-ASA5585VPN# sh run | inc cryptocrypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmaccrypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmaccrypto ipsec ikev1 transform-set ESP-AES-128...

Resolved! Security Traffic flow in Firewall

Dear Support I have many question regarding traffic flow passing firewallI have Cisco ASA 5520 firewall with 3 interfaces used. Internet, Lan and DMZMy concern is about traffic passing according to this scenario 1 LAN to Internet 2 LAN to DMZ3 Dmz t...

Network Security

Forum Posts

Dynamic NAT for Server

Vulnerability on Cisco Products need the steps to fix

TLS Diffie-Hellman Key Exchange Logjam Vulnerability

Standby FWSM module becoming Active

Upgrading ASA

Resolved! arp-permit-nonconnected issue with back to back firewalls

Resolved! ASA logging list config

Unable to Telnet Port 465 to DMZ Server of Internet ASA

ASA5525-X SSL Decryption

Choosing the correct size ASA

Resolved! FireSight and ISE User Identity Integration

Interactive Blocked Sites Allowing the Site Through

Resolved! NGIPS AMP

Resolved! Setting CCP with ASA 5585X

Resolved! Security Traffic flow in Firewall

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

Knowledge Hub: Cisco Technology for Securing the Enterprise

Announcing Resources That Guide You to Success

FTD not receiving SGT inline

HOSTSCAN modo Monitoreo en Firewall ASA 39 / 5.000 HOSTSCAN Monitoring

How to Specify a PAC File on FMC Policy for Secure Client

CSCwk14305 - "Unable to unlock or revert SED" observed after rebooting

Assign Multiple IPs to a Single BVI on Cisco FTD in Transparent Mode

Help setting up FTDv in Azure

How to configure Port Forwarding on FTD

Compatibility matrix for FMC and SFR

Copy configuration from source FMC A to target FMC B / Parallel build

ping is not working