ASK THE EXPERT - CISCO SECURITY MANAGEMENT JUMPSTART

ciscomoderator
Community Manager

Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to get more information on CSM, MARS, ASDM, IME, CCP, and IronPort SMA with Cisco experts Raghu Kasavaraju and Ziad Sarieddine. Raghu, Product Manager for Cisco Security Manager, has 15 years of extensive experience in IT and he has spent the last 10 years in Information Security Operations, Consulting & Engineering roles. Currently, Raghu is the PM Lead for Cisco Security Manager 4.0 release. Ziad (CCIE Security # 23379) is a security management technologist with expertise in security solutions covering Firewall, IPS, and VPN. Prior to joining Cisco in 2006, Ziad spent 10+ years as a Lead Analyst / Senior Network Engineer designing and installing large networks at different companies.

Remember to use the rating system to let Ziad know if you have received an adequate response.

Ziad might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through November 6, 2009. Visit this forum often to view responses to your questions and the questions of other community members.


Thaar,

This is not supported on the ASA today. QoS can be applied based on a source/destination traffic match, but not per user. I will take your request as feedback to the product management team.

Regards,

Ziad

Can you please provide more information on your request?

Regards,

Ziad

Dear zsariedd

Regarding proxy, I know that the ASA can work as a voice proxy, and in a previous comment rkasavar stated that the ASA can work as a proxy server; I want a link to this.

Regarding web content security, we know that the ASA 5520 can have a CSC module; what are the differences between this in the ASA and the IronPort Web Content Security appliance (don't take the number of users into consideration)?

Regarding QoS, I know that it is possible to manage the users' bandwidth using QoS in the ASA by IP address. Is this OK?

Regarding Websense, Cyberoam and Blue Coat, I need to know if the ASA can do their function, even with limited capabilities.

As I said before, I want to manage my local users (2000 users): their bandwidth (e.g. I want to give some of them a 10 KB BW) and their downloads (e.g. limit the download for each user to 100 MB). I also want to monitor my users' internet usage (e.g. I want to know their chat details).

In summary, I want the functions of Websense, Cyberoam and Blue Coat to be implemented on the ASA 5520; please give me a link to any document that describes these on the ASA or any other Cisco products. Please give me links.

Best regards,

thaar al_taiey

@thaar.altaiey

Thank you for your interest in Cisco Security; you have many great questions. Please refer to the NetPro Firewall conversations for questions on the ASA:

http://forum.cisco.com/eforum/servlet/NetProf;jsessionid=74EADD4072F7E8AED6DE317B22CAEABD.SJ4B?page=netprof&forum=Security&topic=Firewalling&CommCmd=MB%3Fcmd%3Ddisplay_messages%26mode%3Dnew%26location%3D.ee6e1fa

or feel free to contact your local support or reseller contact. If you have any additional questions on Cisco Security Management, I am available to answer them.

Regards,

Ziad

Dear Ziad

If I had found the answers to my questions in NetPro ASA or from others, I would not be asking the Expert. I posted a message in NetPro about one week ago and nobody replied.

So please, if you could, answer my questions with links on Cisco.com.

Best regards,

thaar al_taiey

@dzingirai

Can you please provide more information on your request?

Regards,

Ziad

pengfang
Level 1

Hi Raghu and Ziad,

I couldn't find any details on how to use RADIUS Vendor-Specific Attribute (VSA) 26, cisco-avpair, but only some samples like:

cisco-avpair= "shell:priv-lvl=15"

Is there a FULL list of these attributes, with the correct syntax explained, for IOS 12.4 and ASA 8.x anywhere? Your response is much appreciated.

Peng

Peng,

Here is a link for RADIUS attributes that you may find useful. For any specific attributes that are not listed, I would suggest working with TAC.

http://www.cisco.com/en/US/partner/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/A_RADAtr.html

Regards,

Ziad
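Added example (not part of this thread, and not from the Cisco document linked above): the question is about how cisco-avpair rides inside RADIUS attribute 26. The encoder and parser below follow the Vendor-Specific attribute layout from RFC 2865 (type 26, length, 4-byte Vendor-Id, then vendor sub-type / sub-length / data) with Cisco's enterprise number 9 and sub-type 1 for cisco-avpair. The sample values (`shell:priv-lvl=15` from the post, plus a constructed `ip:inacl#1=...` pair) are illustrative; `split_avpair` applies Cisco's documented AV-pair syntax where `=` marks a mandatory pair and `*` an optional one. The parser checks every length field before indexing, so a truncated or oversized sub-attribute from a misbehaving server is rejected instead of read out of bounds.

```python
from __future__ import annotations
import struct

RADIUS_VSA_TYPE = 26       # Vendor-Specific attribute (RFC 2865, section 5.26)
CISCO_VENDOR_ID = 9        # IANA enterprise number for Cisco
CISCO_AVPAIR_SUBTYPE = 1   # Cisco vendor sub-type used for cisco-avpair


def build_cisco_avpair(value: str) -> bytes:
    """Encode one cisco-avpair string as a complete RADIUS VSA (type 26)."""
    data = value.encode("ascii")
    # Vendor sub-attribute: sub-type, sub-length (counts these 2 bytes too), data
    sub = struct.pack("!BB", CISCO_AVPAIR_SUBTYPE, 2 + len(data)) + data
    body = struct.pack("!I", CISCO_VENDOR_ID) + sub
    length = 2 + len(body)             # outer Type + Length bytes included
    if length > 255:
        raise ValueError("cisco-avpair too long for a single RADIUS attribute")
    return struct.pack("!BB", RADIUS_VSA_TYPE, length) + body


def parse_vsa(attr: bytes) -> tuple[int, list[tuple[int, bytes]]]:
    """Decode a RADIUS VSA into (vendor_id, [(sub_type, data), ...]).

    Every length field is validated against the buffer before it is used,
    so malformed input raises ValueError rather than reading past the end."""
    if len(attr) < 8 or attr[0] != RADIUS_VSA_TYPE:
        raise ValueError("not a Vendor-Specific attribute")
    length = attr[1]
    if length != len(attr) or length < 8:
        raise ValueError("bad attribute length")
    vendor_id = struct.unpack("!I", attr[2:6])[0]
    subs = []
    pos = 6
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated sub-attribute header")
        sub_type, sub_len = attr[pos], attr[pos + 1]
        if sub_len < 2 or pos + sub_len > length:
            raise ValueError("bad sub-attribute length")
        subs.append((sub_type, attr[pos + 2:pos + sub_len]))
        pos += sub_len
    return vendor_id, subs


def is_well_formed(attr: bytes) -> bool:
    """True if parse_vsa accepts the attribute, False otherwise."""
    try:
        parse_vsa(attr)
        return True
    except ValueError:
        return False


def split_avpair(text: str) -> dict:
    """Split 'protocol:attribute=value' into its parts.

    Cisco AV-pair syntax: '=' marks a mandatory pair, '*' an optional one."""
    proto, sep, rest = text.partition(":")
    if not sep:
        raise ValueError("missing protocol prefix")
    for mark, mandatory in (("=", True), ("*", False)):
        name, sep2, value = rest.partition(mark)
        if sep2:
            return {"protocol": proto, "attribute": name,
                    "value": value, "mandatory": mandatory}
    raise ValueError("missing '=' or '*' separator")


def cisco_avpairs_from_vsa(attr: bytes) -> list[dict]:
    """Return the decoded cisco-avpair entries carried by one VSA.
    Attributes from other vendors or other Cisco sub-types are ignored."""
    vendor_id, subs = parse_vsa(attr)
    if vendor_id != CISCO_VENDOR_ID:
        return []
    return [split_avpair(data.decode("ascii"))
            for sub_type, data in subs if sub_type == CISCO_AVPAIR_SUBTYPE]


if __name__ == "__main__":
    # Sample values: the first is from the post, the second is constructed.
    for pair in ("shell:priv-lvl=15", "ip:inacl#1=permit ip any any"):
        raw = build_cisco_avpair(pair)
        print(raw.hex(), "->", cisco_avpairs_from_vsa(raw))
```

The same parser can be pointed at attributes pulled from a packet capture of a RADIUS Access-Accept to check what a server actually handed to the device, which is usually the fastest way to confirm an AV-pair's exact syntax when the documentation is thin.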

arlis
Level 1

Greetings!

I am interested in receiving feedback on the following information sourced from Gartner and whether there is any truth to the direction Cisco is taking on MARS:

FINDINGS

Cisco has begun to quietly inform its customers of a decision to freeze support for most non-Cisco event sources within its Security Monitoring, Analysis, and Response System (MARS). New versions of non-Cisco vulnerability assessment and firewall technologies will not be supported by MARS, but maintenance (e.g., updates for new signatures) for currently supported versions will continue. Cisco also plans to release MARS support for Windows Server 2007 and Windows Server 2008. Although Cisco has not formally announced its intention to exit the SIEM market, the Cisco sales force is encouraging its MARS customers to find an alternative for log collection and event analysis of non-Cisco event sources.

ANALYSIS

Cisco had widely sold MARS as a SIEM solution that was primarily oriented to network security, and had built the largest SIEM customer base. The technology provides network security monitoring and host activity monitoring, but Cisco had not provided integration for third-party network devices. MARS has supported the major operating system platforms, and it has provided limited third-party security device and application support. Many customers have been using MARS for a combination of network and host activity monitoring to satisfy both network security and compliance use cases.

Cisco's recent decision to freeze support for most non-Cisco event sources means that MARS will become ineffective as a general SIEM solution as new versions of non-Cisco event sources are implemented. Gartner believes Cisco will focus its efforts on improving Cisco's native security management capabilities, long a weak spot across Cisco's product line. MARS customers that require a fully functional SIEM solution will need to transition to an alternative product, while those that were only integrating MARS to Cisco devices should actually see improved focus by Cisco on security management across the Cisco security product line.

WHAT YOU NEED TO KNOW

• Organizations Evaluating SIEM Solutions: Organizations that require host activity monitoring (i.e., monitoring of system, database, and application logs) or monitoring of non-Cisco network or security devices should not consider Cisco MARS.

• Current MARS Customers That Require General SIEM Capabilities: Organizations that are currently using MARS to monitor host activity and non-Cisco security devices and applications should begin planning for a transition to a fully functional SIEM solution.

• Current MARS Customers That Are Focused on Cisco Event Sources: Organizations that are currently using MARS primarily for Cisco event sources can continue to apply MARS to this use case.

RECOMMENDED READING

"Magic Quadrant for Security Information and Event Management"

"Critical Capabilities for Security Information and Event Management Technology"

The BU's official response is below.

Regards,

Anil

October 30, 2009

Cisco response to Gartner Research Memo entitled “Cisco MARS Is Becoming Less Viable as a General SIEM Solution”

Summary

• Gartner has alerted its customers that as Cisco continues to focus its security management efforts on Cisco devices, MARS appliances may become less viable for the broad set of “general” SIEM use cases.

• Gartner concludes that Cisco's focus on native management capabilities for our devices is a positive direction.

• For customers with primarily Cisco event sources on their network, Gartner recommends that MARS still provides a strong platform for security threat management (STM) and network behavior analysis (NBA) capabilities.

Details

On October 29th, 2009, Gartner released a research note titled “Cisco MARS Is Becoming Less Viable as a General SIEM Solution.” This note is in response to Cisco's stated direction to focus CS-MARS development on supporting Cisco-built network security devices and critical host operating systems. Non-Cisco network device data and signature updates continue to be supported in CS-MARS for the current versions of these 3rd-party systems.

In the memo, Gartner concludes that “Cisco will focus its efforts on improving Cisco's native security management capabilities,” which they note as a positive direction for Cisco's overall Security portfolio.

In the past, we have encouraged Gartner to break up this crowded space as it encompasses a vast array of use cases spanning compliance reporting, log aggregation, threat identification, and mitigation. While MARS has been placed in the SIEM market, it has never fully covered all aspects of the Gartner-defined space. Over the last year, as we have focused on the core Security Threat Management use cases for Cisco products, Cisco has de-emphasized compliance reporting and non-Cisco devices.

In particular for Cisco customers, it is important to note Gartner's recommendation that MARS continues to provide strong STM and NBA capabilities for Cisco event sources.

stevej4373
Level 1

I have a very simple issue. My VPN Client 4.1 software connects to my ADSL router and I can see/access the drives at the remote location. However, it won't connect to the Exchange server; can you help?

Hello Raghu/Ziad,

I would like to know why, unlike Cisco, it is so difficult to find user/configuration/administration guides for Cisco IronPort devices. I spent hours searching for IronPort configuration guides on the Net but didn't find one. Does IronPort have any proprietary laws which restrict them from publishing such information?

Thanks.

@tech_trac

We're in the process of adding IronPort documentation to Cisco.com. In the meantime, customers and partners can access the files at the IronPort customer support portal:

http://www.ironport.com/support/

If you are unable to find the info you need, please contact your local Cisco support or reseller contact.

Regards,

Ziad

Hi,

I'm not an expert on Exchange, but I believe you need to use a WINS server or an LMHOSTS file to specify the IP address for the Exchange server's NetBIOS name. Since your remote PC is not on the local LAN, it will need a way to resolve the name to an IP address.

Hope that helps,

wyan
Level 1

Hi, Raghu and Ziad,

According to the CSM User Guide, we should be able to configure the boot image for the FWSM. However, this option is not there in V3.2.2. Is it a bug?

Thanks.

Weidong Yan