Network Security

How to stop outgoing mail unless it is using smtp only

I remember quite some time ago hearing that spam mail on an infected internal system can use any port to send mail out. What I would like to setup is a set of firewall rules to only allow certain packets out through their correct ports, such as DNS ...

Resolved! Migrating from a PIX to ASA. Access lists don't work..

Not sure why it doesn't work...I even created a capture of any any and the ASA doesn't even see the traffic to .137. It does see traffic to .136. As far as I can see, the config is identical. Packet Tracer says my config is good. Internet connectivit...

ssl certificate for cisco NAC

Hello All,Gurus,out there please help me understand how do i update the SSL certificate on cisco NAC appliance (clean access mananger/clean access server).how to check when is the certificate being expired.thanks in advance.

Resolved! DMZ setup using Cisco 2811 Router

Hello,I am pretty new to the configuration of a DMZ and I have the task of setting one up.I have a Cisco 2811 Router running Cisco IOS Software, 2800 Software (C2800NM-ADVENTERPRISEK9-M), Version 12.4(24)T1, RELEASE SOFTWARE (fc3), 2 FE interfaces.On...

IPS log displays threats with source and dest 0.0.0.0

Hi,We have a ips 4270 which reports a lot of threats with source and dest 0.0.0.0. Why is that, can't it solve these addresses? Example:Receive Time Severity Event Type ID Event Name Device Source ...

Resolved! IPS V7 Global Correlation

Dear all,IPS Correlation update will be done through the Management interface right? So I should confirm the ability of the IPS Management IP address to be able to access internet right?I did so, but still not able to have global correlation update, ...

Exporting NAC Rules 4.8

I am trying to export the rules into a .csv or text file for a presentation, is there a way to do this?thanks in advance

Email alerts

I am using a Cisco ASA 5505 for the direct internet access link at one of my sites.Is it possible to set up an email alert when a particular interface's traffic goes over a certain bandwidth?Thanks for reading.

Cisco IOS Resilient Configuration

Hi all,I'm testing the Cisco IOS Resilient ConfigurationFirst I perform a command "secure boot-config" After i want simulate a hacking action and I make some permanet changes to config-startup from telnet. Where and when i can see the mismatch messag...

CSM vs. IME

Hey all,Quick question.In terms of configuring the IPS, what's the difference in the experience using the CSM vs. the IME? I have a PC running IME here at office but I'm having issues installing the CSM so I haven't been able to try it out. I am, how...

interface down of ASA standby unit after "wr standby" command

ASA operating as single context & Active/Standby mode.ASA os upgraded to 8.3(2) recently.whenever replicate the configuration of active unit to standby, the interface of the standby unit is down, and up (flap).i think that it's happened, while standb...

Create monitor session via SNMP / change source interface

Hi I have a problem,I want to change the source vlan for a SPAN monitor session. The issue is I don´t want to logon at every switch to change the source manually, because we change the source many-times daily, we want to automatize the process as fa...

Resolved! Why CISCO ASA does NATing by default and not ROUTing ?

Hello, my question may sound stupid, but please explain to me the following behavior.CISCO ASA 5505Interfaces: OUTSIDE - 194.50.90.221 255.255.255.0 / security level 0DMZ - 192.168.12.254 255.255.255.0 / security level 25INSIDE - 192.168.0.6 ...

Problem with VLAN traffic on ASA 5505

Hi, All! I have a Cisco ASA 5505 that I have configured. The outside interface is vlan 2 and the inside interface is vlan 1. Port 0 of the ASA is configured to be in vlan 2 and is connected to the ISP provided subnet. Port 1 is connected to my...

Cisco ASA redirect traffic going to phising site to a internal www srv

Hi,Is it possible to use a acl of ip addresses (phishing websites/hosts list) so that I can redirect this traffic to a internal webserver? On this webserver I explain why the user must not klick on links in mails etc.Regards, Marc

Network Security

Forum Posts

How to stop outgoing mail unless it is using smtp only

Resolved! Migrating from a PIX to ASA. Access lists don't work..

ssl certificate for cisco NAC

Resolved! DMZ setup using Cisco 2811 Router

IPS log displays threats with source and dest 0.0.0.0

Resolved! IPS V7 Global Correlation

Exporting NAC Rules 4.8

Email alerts

Cisco IOS Resilient Configuration

CSM vs. IME

interface down of ASA standby unit after "wr standby" command

Create monitor session via SNMP / change source interface

Resolved! Why CISCO ASA does NATing by default and not ROUTing ?

Problem with VLAN traffic on ASA 5505

Cisco ASA redirect traffic going to phising site to a internal www srv

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

Knowledge Hub: Cisco Technology for Securing the Enterprise

Announcing Resources That Guide You to Success

Is it possible to have multiple ACP pushed to a pair of FTDs?

Comcast/Ciena handoff to ASA5506?

Cisco FPR-1010 always boot to FXOS mode

Cisco FTD portscan

ASA-AWS - EC2 IMDSv1 required for the PAYG license to be applied

Cisco ASA ACL and NAT for RDP through subinterface allow any

is this flow impossible?

DDOS and "Error processing payload: Payload ID: 1"

ASDM unable to login for v7.18(1)152

Logging Informational Configuration in Cisco ASA