Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
862
Views
0
Helpful
2
Replies

Examples of ASA CSC blocking using ip/users

Juan Pablo Hidalgo Villacres
Level 1
Level 1

‎01-18-2012 09:09 PM - edited ‎03-11-2019 03:16 PM

Hi everybody

i am new at ASA 5520 and CSC module (version 6.3)

I would like to know what configurations are posible for my network users if i use the CSC trendmicro blocking using IP address or AD users,

i know that i could select users/groups from the windows  AD or select the IP addresses that i want to use for blocking or permit http traffic (url, etc).

My question is on the client side, how the CSC knows what AD users is the one that is requesting certain http pages, or if i user a proxy server, i lose the IP/users options on the CSC??..or i could use authentication options on the proxy for example?....

I have been looking information about this but the manuals only explain the configuration options that i could configure on the CSC TrendMicro page, but it doesn't say which network environment i could use or need.

hope i made myself clear,

Regards,

Juan Pablo

Labels:
0 Helpful
2 Replies 2

Julio Carvajal
VIP Alumni
VIP Alumni

‎01-18-2012 11:29 PM

Hello Juan Pablo,

How the CSC knows what AD users is the one that is requesting certain http pages?

On one computer on the AD domain ( Not necesary the Active directoy server) the ID agent will be installed, this one will keep a communication with the AD agent and the CSC module.

Each time a user log in or log off the ID agent will mapped the user to an ip address, so as you can see the ID agent will monitor windows events 672 and 673 and keep track of that user.

Afterwards if that user goes to the internet  based on the policies  you have set up on the CSC the user will be allowed or not.

Hope this helps.

Julio

Rate helpful posts!!

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

Juan Pablo Hidalgo Villacres
Level 1
Level 1
In response to Julio Carvajal

‎01-19-2012 04:29 AM

Hello Julio, thanks for your response,

And what if i use a proxy server?, all my users will use the proxy,

so i'll lose the option to block users or ip?, with ip blocking i know there is no chance, because the ip that the CSC will se will be the proxy's, but with users, is there a chance, is these ID agent will help me although i use the proxy?.

Regards,

Juan Pablo

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card