cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
706
Views
0
Helpful
2
Replies
Highlighted
Beginner

Deep Packet Inspection

If deep packet inspection "sees" personal identifying information in a packet(SS#, Bank account information, etc.), does it log the information in clear text, does it replace with other characters, does it remove it form the log?  Thanks in advance.

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Beginner

Well I am pretty sure the

Well I am pretty sure the answer is no. However I am not sure when you refer to logging the information, logging to where? 

 

If you mean to an external syslog server then no, it wont send the payload just the header information.

 

Also the ASA doesn't support DLP by default either, so it wont have any clue as to what is sensitive data and what is not.

 

The administrator could mirror all traffic from a firewall out to a forensic server to look at all that kind of info though if they wanted to, and the Cisco would forward it out exactly as it was transmitted it would not obscure anything.  

 

 

View solution in original post

2 REPLIES 2
Highlighted
Beginner

Well I am pretty sure the

Well I am pretty sure the answer is no. However I am not sure when you refer to logging the information, logging to where? 

 

If you mean to an external syslog server then no, it wont send the payload just the header information.

 

Also the ASA doesn't support DLP by default either, so it wont have any clue as to what is sensitive data and what is not.

 

The administrator could mirror all traffic from a firewall out to a forensic server to look at all that kind of info though if they wanted to, and the Cisco would forward it out exactly as it was transmitted it would not obscure anything.  

 

 

View solution in original post

Highlighted
Beginner

Thanks.  That answers my

Thanks.  That answers my question.  I appreciate it.