cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
457
Views
0
Helpful
1
Replies

Coming Up To Speed With ASA Security

danmartinnorhrop
Beginner
Beginner

Hello,

 

My questions are not very specific in nature as I do not work often with Cisco devices.  I have been asked recently to help assess security of Cisco devices primarily ASAs and to lock them down.  Currently I have a Cisco ASA 5505 I am testing and learning on then I have a couple 5515's also.

 

My questions are:

1.  What vulnerability assessment tools work well with ASAs?

2.  Are there additional security modules I can install on these devices.  "I only ask because I think I read somewhere online that cisco has released tools to install that adds security to the devices"

3.  Any quick documentation/ advice out there on these subjects?

 

Thanks for your help as I am not really sure where to start.

 

R

Joe

1 Reply 1

Bogdan Nita
VIP Alumni
VIP Alumni

Hi Joe,

1. I believe most vulnerability scanners will do the job, the most popular ones are: Nessus and Metasploit

2. There used to be IPS modules for this devices, but Cisco discontinued them. The IPS was replaced by firepower, but is only available on the newer models ASA 5500X

3. https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/200150-Cisco-Guide-to-Harden-Cisco-ASA-Firewall.html

 

HTH

Bogdan

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: