Is using the Object-Group will reduce the processing effort ?and is there any documents for ACL design consedieriation ?Thanks a lot in advance.
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(9) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(85) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(2) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,552) -
Cisco Bugs
(36) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(143) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,165) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Device Management (FDM)
(13) -
Cisco Secure Firewall Management Center (FMC)
(78) -
Cisco Secure Firewall Threat Defense (FTD)
(103) -
Cisco Security Cloud Control
(5) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(19) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(45) -
Cloud
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(31) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(13) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(259) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(28) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(3) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,574) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(321) -
MPLS
(1) -
Multicloud Defense
(3) -
Network Management
(92) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,569) -
NGIPS
(1,873) -
Online Tools and Resources
(1) -
Open Source and Open Standards
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Automation Analytics Topics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(5) -
Other Firewalls
(1) -
Other IP Telephony
(1) -
Other NAC
(18) -
Other Network
(1) -
Other Network Security Topics
(10,775) -
Other Networking
(9) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(11) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(20) -
Policy and Access
(2) -
Prioritization
(2) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(7) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(3) -
Security Management
(632) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(4) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Threat Grid
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(25) -
VPN and AnyConnect
(1) -
Vulnerability Management
(43) -
WAN
(7) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
Hello,Cisco ASA question, if I can carve small range of global IP addresses from big IP range that exists on outside and put this small range to dmz interface?.The task is to have a few servers assigned global IP but have them behind a firewall so we...
Hi,I have a question about NAT in cisco Firewalls (PIX and ASA).I have the inside, outside, DMZ1 and DMZ2 zones, I dont want to enable NAT between these zones. I find that the use of static NAT is more difficult then the NAT 0 ( it needs more configu...
I need to monitor by SNMP the connections dropped and rejected on the PIX and ASA firewall. Is it possible?
Dear all firewall gurus,It's my first time to use 6500 series Virtual Firewall for my clients. Does anyone have any sample config that I can use as reference?? I have a pair of 6509 running VRRP and needs to have virtual firewall on top.Would apprec...
Resolved! ip host command
in routers we can use the "ip host " command to map name to IP.is there an equivalent command for firewalls?
Resolved! Security Vulnerablities on IOS versions
Hello,I have to preform some security audits for my company and I need to find the security vulnerabilites on different routers and switch based by there IOS version. Can someone please help me as where I find this info?Thank you for your help in ad...
All,I am having a bit of an issue here. My CIO is claiming he has an entire illegal network in his office and he claims he did it under our noses. I know my layer 2 port security wasn't going to catch his little linksys router. So what I noticed abou...
Hi all,we have an ASA 5580-40 with rel 8.2(1) and we recently experienced problems with ciphered SMTP. After some investigation we realized that by default ASA while inspecting ESMTP overwrites command STARTTLS prohibiting ciphered SMTP to work. We a...
Hello Guys,I need to configure PIX 515 to allow particular to get outside network based on theirmac address.Please let me know commands or documents where can I find solution for this.Thank you very much in advance.Samir
Hey..It seems I should know this, but I seem to be defeated.I have a box with a DMZ address. It is attached to a switchport that is in the DMZ vlan.I have another box with an inside address, attached to a switchport that is in the correct inside vla...
Want to enable nat-control to restirct access to outside hosts from inside. Outside hosts are an internal lab (not across internet) to main network.Nat-control enabled causes inside hosts to stop access / ping outside hosts. See NAT / statics confi...
Resolved! firewall contexts
Gurus,We have a requirement to create 2 contexts & 1 admin context on a HA based ASA. The local ip range i have is 192.168.100.0 /24.Internet traffic will be coming on to this context, although there will be only one single internet line and not two ...
Resolved! simple firewall question
hi! We've a fwsm module in our core sw and i'm new to this. just want to find out what's the purpose of the bridge-group 1 command on the inside and outside interfaces? + what's the BVI1 for? is it related to the brige-group 1 command on the inside n...
Hi allI have a customer who would like to know how is it possible to customize the Trend Micro Webpage Notification where it is shown when a web url have been block?Would appreciate if anyone may provide me some tipsThanksJocelyn
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 10-24-2025 02:59 PM | ||
| 10-24-2025 02:01 PM | ||
| 10-23-2025 07:14 AM | ||
| 10-21-2025 08:39 AM | ||
| 10-20-2025 12:53 PM |
New solutions
Top Solution Authors
| User | Count |
|---|---|
| 11 | |
| 5 | |
| 2 | |
| 1 | |
| 1 |
