Network Security

Everything is set to the default in my AD policy and the KB's that are generated everyday by the sensor are the same. When I view the KB, the Scanner Threshold (Learned) and Histogram (Learned) columns are empty. How do I configure the IPS to actuall...

I have approxmiately 160 CSA agents on (mainly) laptop clients. I receive a large number of email notifications stating the following each day:---------------Severity: AlertThe process 'C:\WINDOWS\system32\svchost.exe' (as user NT AUTHORITY\SYSTEM) a...

Hi All,I jsut need some help in making sure that the following statements are correct. Here is the scenario.Our inside private addresss 10.x.x.x always gets NATed to a public IP on the outside. Now I have a situatuion where we do not want to NAT the ...

When using the following ACL on the router side of a PIX to 2651XM VPN, no connectivity is established until the Access-Group is dropped from the FastEthernet0/1 interface - then it comes up and works fine. . We need to harden this FE interface as it...

Hi all.This is my first setup of a Cisco ASA box.I'm having a lot of problems with use of static routeIf I make a PING from the ASA box, I get a replay.But if the ping comes from a computer, I keep getting: Deny inbound icmp src inside:XXX des inside...

Recently I installed the CSM 3.1 suite, which comes with IPS Event Viewer version 5.2(1.4).I have set up the automatic archive feature to archive the IEV database daily at 23:45, but this doesn't work. I do get daily archive files with a size of 0 by...

I'm sure that this has been asked before, but...I have a VPN client behind my PIX 515E going to a remote site with a 3000 series concentrator. I can establish the tunnel, and though my client can send packets it never receives any back. I need anothe...

Hi all, I was just wondering, is it just a case of not configuring allowed hosts that can connect ?i.e. telnet 10.10.10.10 255.255.255.255 host If i don't configure any of these, is that in affect disabling the use of telnet to the box or is there an...

a few questions:1. Since the firewall is stateful, does this mean the if a connection is made from a higher security interface to a lower security interface (inside to DMZ), once the connection has been established, that the lower security interface ...

Hi,I'm trying to get a few of our machines on dmz to communicate with a TSM server which is located on a subnet on the inside. But I can't get it to route traffic out on the subinterface I have created in the pix, it keeps using the dmz as output int...

Hello All,I am running an ASA w/AIP. What I would like to do is block all url request for .php except for 1 url. The engine being used for the custom signature is service-http.I have tried ([^(allow.site)][A-Za-z][0-9])*\x2E([Pp\x50\x70][Hh\x48\x68][...

We're running 7.2(2) on a PIX 525. We can't seem to access one website. No deny messages show up in the syslog, just a TCP reset message.2007-05-16 13:40:05 Local4.Info inet-pix May 16 2007 13:40:05: %PIX-6-302014: Teardown TCP connection 673938 for ...