03-19-2010 12:29 PM - edited 03-10-2019 04:55 AM
I am taking over a customer, and they want to know about the potential of a IDS/IPS
with their ASA5505. But, I can't tell if it's default or an additional license.
03-19-2010 01:18 PM
The IPS cards for the 5505s are sold separately.
I hope it answers the question.
PK
03-19-2010 01:38 PM
The way I have come to understand it, there is a basic set of signatures, DOS Attacks, etc., that are included, but the fancier application layer stuff is additional, correct?
04-03-2010 06:35 AM
Not really, there are no basic signature on the ASA itself. ASA has inspection engine for a few protocols but it has different functionality to IPS inspection engine. Here is the ASA inspection if you are interested:
http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/i2.html
In regards to DOS attacks, there is basic threat detection in ASA, and here is the URL for your reference:
http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/t.html#wp1482339
Hope that helps.
04-05-2010 11:52 AM
There are basic IPS signatures in the base ASA code/feature set.
See attached picture of IPS Signatures in my ASDM.
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/conns_protect.html#wp1056358
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide