Network Security

The PDM is not showing some of the existing object groups but we can see while accessing through CLI mode. Waiting for the valuable advises.version information: Cisco PIX Firewall Version 6.3(5) Cisco PIX Device Manager Version 3.0(1)

We have two identical ASA 5540s on our Border.If we try to connect to a host protected by one of the ASA's on a port that is not permitted for this host, this results in a brief connection; the connection is then immediately closed- see below:...$ te...

I am planning to use ASA 5505 (with 50 User license) for Out of band management for 30 Devices.My requirement is to use two site2site VPN tunnels and 2/3 Remote access Vpn users accessing the Data Center over ASA 5505s.As per the data sheet it suppor...

Is there a Cisco best practice for downloading IPS signature updates?, any documentation on this?, also how often are updates released?

on the IDSM-2 module are the interfaces (gi0/2 gi0/7, 8) on the actual IDS module or are they referring to ports on the switch that it is installed on?

Hi All, I have the following scenario: The internal LAN (around 40 computers & 6 Servers) connecting to a 4500R which connects to two ASAs 5550 (In Failover) which then connects to a 2960G that connects to an IPS and finally a 2821 that gives Interne...

Hi allactually our customer has an AIP-SSM module which is configured in inline mode.some users are appeared as attackers in the IPS event store .can i deny any unwanted connection for these users without affecting on the legitimate connections of th...

Running 6.0(5)e3 on IPS 4235. We have monthly scans or our network. I need to setup those the IP's so that they are not subject to the rules by the IPS.Thanks.

getting from syslog from CISCO ASA%ASA-6-106015: Deny TCP (no connection) from 141.197.138.74/4778 to 10.252.2.181/5061 flags ACK on interface inside It is some thing that I should be concerned ? Or How to fix it.Thanks

I am looking for information on what is the significance of type and code on syslog messages.3 Mar 23 2009 22:42:36 305006 192.168.0.2 portmap translation creation failed for icmp src INSIDE:X.X.31.10 dst INSIDE:X.X.0.2 (type 8, code 0)

I'm attempting to provide access from one FWSM to another, using VLAN's and ACL's. the purpose is to allow a set of servers behind one firewall, to use DNS appliances behind another firewall. Here is some basic config info:FIREWALL A = VLAN 1 - Hos...

Dear All, I have an ASA 5510 and suppose it already had some access-list setting, in fact, it works normally. However, now, I want to add a permission from my internal network to a server in the internet which use the specific port let said 5000. I h...

We currently have a pair of 5520's in an active/standby configuration. Is it possible to turn off the monitoring of the AIP-SSM module? We would like to do this when an reboot to the AIP-SSM is required and not have the ASA's failover.