Threat Response integrates with Cisco's Web Security Appliance (WSA) to provide visibility into web-bourne threats. By adding a Web Security or SMA Web module to Threat Response, investigators will be able to search for domains, URLs, and file hashes that have been recorded by your WSA, or by your SMA managing WSA devices.
Threat Response integrates with Cisco Web Security in one of two ways: Directly from the WSA, or via an SMA. Each has its own module, but either will bring web visibility into your investigations performed in Threat Response.
Both modules (WSA and SMA Web) are enrichment modules. The WSA and/or SMA modules allows investigators to take actions such as searching web traffic records across data from either one WSA (SA module) or all WSAs connected to the SMA (SMA module). Multiple WSA modules may be configured, if the user has multiple WSAs but no SMA.
For a guided step by step walkthrough on how to quickly configure these products to work with Threat Response, view the related topics in the in-product help in the Threat Response portal.
So i was testing a new ACL and DACL, and notice that when made a shut and no shut, on the port where my lab host was at the machine would lose its DHCP Adress, but after 10 secones it would regain the IP and then 1 sec later lose it again. &nbs...
I have a scenario in which AnyConnect to an ASA is already using ISE for authentication against AD with a machine certificate and user/pass combination. It is now desired to add Azure MFA to this flow. A Microsoft NPS server is already deploye...
I have an IPSEC VPN Network that I have configured. The network uses EIGRP to connect to each other. My ACL is a Named Extended Network. The two nodes that I want to communicate with each other won't communicate with each other. To be more specific, USER_...