Network Security

We have an ASA 5510 running version 7 of the IOS. The firewall is connected to a 3rd Party Cisco Router (not permited to access ) which in turn is connected to a LES. The LES circuit is 10Mb.As a school most of the traffic is HTTP based, in particula...

Hi friends,I have a ASA 5520 with a module AIP-SSM-10 and I try to upgrade it from version 5.1 (IPS-K9-5.1-8-E3) to version 6.0 using the file IPS-K9-6.0-6-E3.pkg and executing this command:IPS_A(config)#upgrade ftp://anonymous@<IP>/IPS-K9-6.0-6-E3.p...

Greetings,After the initial information gathering, I find I am at a standstill as-to how I should procede.We are currently in the process of implementing One-to-One static NAT'ing on our DMZ servers, and RE-IP'ing them to private IP space.We need to ...

We have a SIP trunk coming in over our internet feed. A scan has revealed TCP5060 being used for this service. I suspect SIP require additional ports to be available for RTP streams etc. Does anyone out there have a security policy solution/configura...

Hello,Devices that my company builds use specific external DNS IP addresses for resolving hosts.  When these devices are on our network, and we want to point those devices to other services internally, they fail to lookup the target hosts because the...

Hi, does anyone know what's needed to allow aRiverbed Steelhead to communicate with it's partner through a PIX running OS 6.3(5).The tcp-map command for tcp option76 isn't available as in OS 7.0(1) and above.Is it possible at all ?Many thanks in adva...

Is it possible to get Wake on LAN to work between interfaces on the Firewall Service Module?

Hello,Is it possible for the ASA 5505 to span the outside or inside interface port to another port on it's 8 port built in switch where I will put a PC?The reason I ask is we have a switch connect which is Nortel and we can manage this remotely and I...

I have a 4 sites  that has only thinclients an ASA 5505 and a 3550-24-pwr switch, all are connected to a FIOS connection. I am using the ASA doing DHCP and it is the default gateway at all sites. We are putting all sites on a MPLS network and using t...

Hi,I am doing some NMAP regular recoinnassance tests through our ASA w/IPS.  These tests are unfortunately going through the IPS even after enabling drop on signatures 3002, 2157, and 4003.  Wireshark applications show that NMAP uses tcp as opposed t...