we need to set an IDS in order to analyze traffic coming from 2 Gigabit Routers on a switch Catalyst 3508XL with all the 8 port occupied. SO any idea about which kind of solution we can use (TAP....)?
router1 --a-- router2 --b-- router3router1 connected to internet1router2 connected to internet2 with serversrouter3 connected to internet3 with serversAll three routers are in different locations with their own correspondinginternet connections. All ...
1. In out network, I have several 7206VXR routers at certain strategic nodes within the network. A select group of engineers are allowed to make configuration changes. There are another 800 network devices which use the TACACs server for secure lo...
Hello, We have a new project with IDS and We wants to install the IDS 4250 (chassis, s/w, SHH, 1000BaseSX w/ SC connector) in our LAN We have a Catalyst 5500, with a 1000BaseSX port. We want to monitor the traffic of 6 VLAN or even more in this 100...
when an inside server get static translated to a inside global addresscan I use the global address to access the server from inside host? it seems not workI wonder the work process about cisco natthks
Hi, We have an AS5800 access server and 7206 router; Which I need know how to map async interface with nas ports, as our AAA server authentication is based on nas ports. Per say, async interface 1/2/00 to 1/2/143 should me mapped as nas ports. I...
Is it possible to block traffic for a certain time (e.g. 5 minutes) for an address range (all users in 192.16.18.0) after a TCP SYN flooding attack has occured?To prevent the SYN flooding we use the ip tcp intercept command, but with that, there is n...
Hi,I have a FTP Server on the DMZ interface, for which i want to allow Inside Users Access.With the current configuration, i have ALL inside users being NATed to the Outside Interface for Web Access.< nat (inside) 1 0.0.0.0 0.0.0.0 0 0><global (outsi...
Hi alli want to block access to a web site ip 65.89.168.6 using a outbound statement.This is the config so far:outbound 10 deny 65.89.168.6 255.255.255.255 80 tcpoutbound 10 permit 0.0.0.0 0.0.0.0 0 tcpapply (outside) 10 outgoing_destI've used an o...
question: under the cspm2.3.3i, how do you set up the cspm server to bring the event logs to the SQL server -or is it possible -thinking about integrating Oracle back end . Are there SQL schemas available? Where could I get more info -- been looking ...
Hosts on an internal subnet that is 2 hops away are unable to connect to our DMZ. Here's the network layout...192.168.50.0<DMZ<---PIX<---192.168.0.0<---192.168.3.0Hosts on the 192.168.3.0 cannot access the 192.168.50.0 hosts on the DMZ unless aided ...
The router is a 3620 IOS 12.0(24), with an ethernet and a serial interface. Each interface has a pair of inbound and outbound ACLs, which are exact reciprocals of each other. A single test packet that matches any entry (either permit or deny) should ...
Hi,When doing some Exceptions with the Host IDS console, the documentation is a bit confusing about the format of a wildcard in the "Advanced details" panel. The "Entercept" documentation :D:\subdirectory1\*and Cisco Host IDS documentation says :D:...
I have heard a rumor that a program/app/utility exists that will take the access rules and conduits list from the pix and convert it into access lists.Has anyone also heard this ? Has anyone found this?Thank you
