Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1141
Views
0
Helpful
2
Replies

Testing IPS modules on ASA 5505

Go to solution
Christopher Clark
Level 1
Level 1

‎04-19-2012 04:43 PM - edited ‎03-10-2019 05:39 AM

How do you all test the IPS traffic on the AIP-SSC5 in a 5505, since the default signatures are retired and you can't unretire them, one cannot enable the signatures 2000-2012 on the 5505.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Karsten Iwen
VIP
VIP

‎03-13-2014 12:19 AM

Look at the web-signatures. There are a couple of them that shoudn't be retired. For example attacks like directory-traversal or access of cmd.exe. These can be easily tested in a browser or with a vulnerability scanner like nessus.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Saurav Lodh
Level 7
Level 7

‎03-12-2014 11:13 PM

Differences Between the Modules

The IPS module for the ASA 5510 and higher supports higher performance requirements, while the IPS module for the ASA 5505 is designed for a small office installation. The following features are supported for the ASA 5510 and higher, and not for the ASA 5505:

Virtual sensors

Anomaly detection

Unretirement of default retired signatures

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP

‎03-13-2014 12:19 AM

Look at the web-signatures. There are a couple of them that shoudn't be retired. For example attacks like directory-traversal or access of cmd.exe. These can be easily tested in a browser or with a vulnerability scanner like nessus.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card