Network Security

Engage with peers and experts on network security topics such as FTD, FMC, FDM, CDO and ASA.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Cisco CyberSecurity

Labels

Forum Posts

The Firepower FDM DNS server settings only allow for one Data Interface and one Management Interface.  My firepower will be connected to two separate LANs with separate domain controllers on separate data interfaces.   How does the system know which ...

ATCUSN by Level 1
  • 909 Views
  • 2 replies
  • 0 Helpful votes

Hi all, I've got some public IPs from our ISP 154.x.x.x/24. Also, I have one IP address 149.x.x.x/30 that binds me with ISP. 154.x.x.x/24 subnet should be used for web servers. I'm trying to implement this configuration in ASAv(9.15 version). My goal...

Nazarevych by Level 1
  • 2152 Views
  • 11 replies
  • 0 Helpful votes

Hi, DCE2_EVENT__CO_FRAG_GT_MAX_XMIT_FRAG signature events are being generated, and when reviewing it we see that the detected traffic is on high ports, both in origin and destination. According to the rule the traffic it inspects is ICMP.Are we inter...

SupportAC by Level 1
  • 1018 Views
  • 0 replies
  • 0 Helpful votes

HiI have an SNMP server for monitoring and I want to allow outside interface devices to connect to the server, while I am creating static nat I get this error (ERROR: NAT unable to reserve ports).the used commands:ASA(config)# object network ZabbixAS...

Qays by Level 1
  • 1375 Views
  • 4 replies
  • 0 Helpful votes

Dears,  I want to size a firewall, hence the customer told me that he has a video traffic in TBytes that he needs to transfer from MPLS link , but i need to size the firewall processing throughput how we can do that ?? the customer is not aware of co...

adamgibs7 by Level 6
  • 3449 Views
  • 8 replies
  • 0 Helpful votes

When I try to add sensor from FireSight, it pop-up a dialogue box "Could not establish a connection with sensor. Make sure the registration keys match, that the software versions are compatible, and that the network is not blocking the connection." I...

Hi Teams, Preprocessor(GID:122) are rule about portscan detection.These rules are disabled defaultly(Snort's base policyl:Maximum Detection also).So, for catch attacker's portscan, I have to enable these rules manually. Why are these rules disabled? ...

HWAN by Level 1
  • 2010 Views
  • 2 replies
  • 0 Helpful votes

Hello, I am setting up my new FTD 2130, plan is to use user User certificate and AAA ( Cisco Duo ) for RA VPN.My CA infrastructure is running on Microsoft Servers, and I am having troubles finding information regarding certificate template and applic...

NUSKNVP by Level 1
  • 718 Views
  • 0 replies
  • 0 Helpful votes

hi all,I‘m looking for a firewall which should be used to act as layer3 gateway for ~15-20 vlans and segment traffic on layer3/4 between them! I‘m not 100% sure if it would make sense to use also IPS functionality for traffic which is most of the tim...

HI there  I have some questions about firewalls, is cisco firepower capable of doing what is Fortiweb doing ? is the deep packet inspection is the same idea that used in Fortiweb ? or cisco doesn't have WAF, or even if it does can we say it is good a...

Behradszk by Level 1
  • 886 Views
  • 1 replies
  • 0 Helpful votes

Hi,I´ve design related question about how a state-of-the-art security solution in a campus network should look like!Assuming that we use a hierachical network where should the Layer3 standard gateway for the clients should be set on? Should I use a L...

Hi All,Can someone tell me what is going on with my customer's ASA 5585?  I was attempting to create an object NAT rule for an inside host, but the NAT section does not exist in the Add Network Object window.  Also, "Add Object NAT" is not an option ...

mpalmiero by Level 1
  • 774 Views
  • 1 replies
  • 0 Helpful votes