Network Security

Hellolooking for assistance. Trying to figure out if there is a way to restrict the type of syslog messages I'm seeing.For example, is there a way to filter out syslog message %ASA-6-302013, and only see syslog message Syslog Message %ASA-6-106100 wh...

I have a pair of ASA 5520s. When I SSH to the firewall i'm prompted for username. I put in my username, but when i am prompted for password i can just hit enter and I am allowed in. Then when I go to enable mode and prompted for password I can hit en...

We setup GEO blocking in Firepower which appears to be triggering events, however the blocked countries can still ping outside interface of ASA?  Is this correct? or should I be seeing this blocked also?

Hi!Am trying to set up my network, the network will have inside, dmz1, dmz2 and outside interface. The most secure interface is dmz1 followed by dmz2 and then the inside interface. dmz1 and inside interface should ping each other. The inside interfac...

Hi All, Is there a best practise when configuring failover and statefu failover links between Firepower 4110 appliances? I want to configure both failover and stateful failover links, however I'm not sure if I should use a single 10GbE link for both ...

Hi Guys, Are there any way for me to see the bandwidth usage of a particular VLAN in FTD? Currently, only one VLAN is experiencing slow connection when they tried accessing to the internet and the other VLANs are not. Configuration wise, the only dif...

I've been using UptimeRobot for years as a first level of notification that there might be an issue at the office. It's worked well for what it does and it's free. For security reasons I want to disable ICMP on our main outside interface. I know I ca...

Hi Guys,Just to check with you, I created a QoS policy in FMC with the source interface of VLAN-A and VLAN-B with a 100 Mbps rate limit. Is the 100 Mbps shared between the VLAN-A and VLAN-B or not? Thanks

My question is how we allow VPN traffic via the outside interface but block internet traffic that happens to have the same source address as the remote VPN network ? If you disable the bypassing of interface access lists on an ASA using the "no sysop...

Hi guys, We have 2 FP4100 devices in operation and managed with a FMC virtual. Due to organization policies, there is no Internet access in the hosting site at all. So we use SSM Satellite server VM for Smart Licensing and we synchronize it also with...

My Internet FW has moved to a FP2130 box. Can anyone point me to an example of how to configure my WSA to communicate WCCP with my FP2130 . I am reading that I would have to use "FLEXCONFIG"?? on my FP box?? MY FP box is running 6.2.2. thanks for any...