Network Security

Hi,we have purchased these two Cisco ASA 5500 series ASA for a customer who has requested active/standby failover. I have gone through these Cisco documentation explaning the failover configuration and the fact that there are twp methods, statfull an...

Hi,Does any have a way to compare current running ACLs against a previously saved copy of the config? Quarterly we need to review the security and it would be nice to run a quick compare to evaluate what has changed since the last quarter and make su...

Hi,I need some help. We're a small company and I have inherited a situation which I have very little experience with. I have a Cisco Router 2821 with the ios firewall and things are just not working right. As I look at this router/firewall config and...

I'm implementing an ASA 5510 with the CSC-SSM module. We are using the ASA just for the CSC-SSM module functionality. Our goal is to not have to make any changes to the existing addressing. is there a way for me to implement the ASA in transparent mo...

I'm trying to set the VPN Key Management to DH 5 on ASA 5510. The VPN client is not able anymore to set up the VPN connection. When using DH 2, everything works ok.. Does the client not support DH Group 5 ?

I set up a Cisco ASA 5505 for remote access, and a point to point to a collocation facility. Recently local lan access was not working so I configured the split tunnel access list. Local Lan access now works but when connected to the vpnI still can...

I am trying to configure my PIX-535 to prompt for RSA Secure ID authentication.So when somebody tries to get to a paticular website, the PIX-535 will put up a Secure ID page and forward the response to our RSA Secure ID server.Any help?

I have a pix501 with configuration unknown to me. I exectued the standard password recovery procedure. Although during the procedure I was informed that the password and any aaa configuration were reset (and even I was prompted to agree to delete the...

I recently upgraded my IDSM-2 to 6.1. It resides in a 7609 running 12.2(18)SXF8. Mode is just as a sensor (promiscous) and does not block. All the VLANs in the 7609 are spanned to the sensor port.Since upgrading to 6.1 and monitoring with the IME ...

Hi,I have two servers: one in a DMZ (actually, it's not a real DMZ, just another lan with a security level lower than inside, but it does not accept connections from internet).I'd like to have a batch on the DMZ server which does a xcopy myfile.txt \...

Is there a document on CCO that compares Cisco NAC solution with 802.1X-based solutions?Specifically: NAC use Cisco Clean Access Agent (CAA). What value (if any) does Cisco Trust Agent (CTA) and/or Cisco Secure Services Client (SSC) add? I hear that ...

what is the use of having multiple firewall vlan-group in fwsm?thanks

Hi all,I am a newbie for cisco pics and I wanted to add abasic NAT rule to my firewall to allow and redirect FTP requests from internet to one of my public adresses194.250.0.50 to an internal computer 190.100.100.102.using the web interface I added o...

Hi,Does the ASA 5550 and the ASA 5580 series support the CSC or AIP moduls?Thanks.Sonu.