Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
823
Views
3
Helpful
3
Replies

Custom IPS sigs on NGFW (ASA-CX) IPS solution?

Go to solution
clausonna
Level 3
Level 3

‎04-30-2014 08:19 AM - edited ‎03-10-2019 06:11 AM

Hi folks,

I am trying to determine if it is possible to create custom IPS sigs on the ASA-CX module?  Not the ASA + Legacy IPS combo, but the ASA + ASA-CX (Application Detection, Web Filtering, IPS) combo.

I couldn't find anything in the docs that said this was possible.

Thanks!

Neil

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to clausonna

‎05-08-2014 05:37 AM

No, those capabilities are not available with the NGFW IPS. Cisco currently recommends that the classic IPS (ASA module of stand-alone appliance) for customers requiring that capability.

Expect this all to change significantly over the coming year though as more of the SourceFire technology is integrated into the ASA product line.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Ravi Singh
Level 7
Level 7

‎05-06-2014 09:38 AM

Not with the current release. Currently, Cisco ASA Next-Generation Firewall Services include a robust set of more than 1200 applications and 150000 micro‑applications. The ability for administrators to create their own application signatures is a feature that will be included in a future release.

Go to solution
clausonna
Level 3
Level 3
In response to Ravi Singh

‎05-08-2014 05:13 AM

Thank you for your response.  However my question was targeted towards Intrusion Prevention signatures such as the ones found on the traditional IPS units.  I would want the ability to use the various IPS engines such as Atomic IP, HTTP, etc and create sigs that match on things inside the packet, URL string, etc.

 

Thanks!

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to clausonna

‎05-08-2014 05:37 AM

No, those capabilities are not available with the NGFW IPS. Cisco currently recommends that the classic IPS (ASA module of stand-alone appliance) for customers requiring that capability.

Expect this all to change significantly over the coming year though as more of the SourceFire technology is integrated into the ASA product line.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card