Network Security

Our client has an existing network where all the server farms are behind the firewall. Everything are working fine. Now the client decided to put IDSM-2 the problem is the documentation from Cisco site is not that much helpful. I am confused on what ...

Hi,I've been experiencing problem with my standby pix. My outside interface becomes unavailabl after 4 hours (arp cache. I have to clear my arp table for me to access it again. My pix is connected to a switch. 2 routers with HSRP config and the prima...

Dear All,I would like to ask you some command as below:1-timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02?2-timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00?3-timeout sip 0:30:00 sip_media 0:02:00 sip-in...

By default the "HIGHRISK" risk category has a risk range of 90-100. I am attempting to be much more aggressive in proactively stopping potential threats to my network. Has anyone experimented or currently using a wider range with this "HIGHRISK" ra...

Apparantly ASA5500 has a limitation on 256 IP-adresses in a dhcp pool ??!!! Why and is there a workaround/ hidden command to disable this limitation, which seems rather arbitrary ? Thanks. /JJ

After FTP/SCP/SFTP'ing down an IPS 6.x blade config, is there a way to edit it on the desktop and FTP/SCP/SFTP it back up? If that is possible, what editor can be used for editing the file in its' native format? What is the IPS config file type (tx...

Hi, I'm currently working on Tuning a pair of IPS modules in ASA's. We are currently in Promiscous and tuning/filtering to ensure we don't block any valid traffic when making the switch to inline.We are using the new 7.0.1 code and getting the globa...

Hi all, Just need some reassurance on the set up of failover for ASA 5510.Due to the limitations on Public IP Address I have only been allocated 1 usable IP address for the outside interface. I am sure that for Failover that the only unique IP addres...

We use ASA 5520's for firewalling and VPN. When users are connected to VPN they are unable to communicate with each other. If i remove the nat associated with the outside interface all works well and they are able to communicate. Only problem is t...

My question is not platform specific but I manage numerous ASAs and PIXes which is what I am concerned with.Generally speaking, best practices suggest using an explicit deny with logging at the end of ACLs. My question is very simple. Does this app...

Hi There,Can i get some feedback on the new software release 8.2 for ASA firewalls. I manage two of these, one is a 5510 and the other 5520. I know that it is better to have 512MB of memory. I'd like to get stats via netflow on these firewalls. I'm w...

Hi all ! Does IPS 42xx appliance supports failover . We will propose it to a client , we are currently having ASA 5540 failover but i wana know will IPS appliance support failover or not .

Hi,I am trying to erase my Pix config which can't.I tried "wr eraze" then "wr mem" then "reload", but the old config remains.