cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1085
Views
0
Helpful
2
Replies
Highlighted
Frequent Contributor

Traffic flow in Network

Traffic Flow question from PC  to Outisde World

Hi Everyone,

Need to know traffic flow in network environment where we have ironport device,ASA  and Waas.

Ironport is used to block certain websites.

If user PC  access a website how will traffic flow from user PC  to the Outisde?

Need to know if ironport will check  website first ? will it then it ASA  or will it hit WAAS  first?

Need to know the order in which traffic will hit network devices  ironport ,ASA and WAAS

Thanks

Mahesh

2 ACCEPTED SOLUTIONS

Accepted Solutions
Highlighted
Rising star

You would need to either give us a diagram of your network or describe how the path from inside to outside works.

Generally, if PC1 goes to www.google.com, it will go to it's default gateway first, from there (in your scenario), it will most likely go to the ironport, and then I bet the ironport has a route to go to the ASA, and to Outside. I don't have any experience with Waas to be honest with you. Just so you know, the ASA can also do Web Filtering. Of course there is a cost involved depending on if you got the right module with it and licensing it may by cheaper jus to keep the ironport which I completely understand.

View solution in original post

Highlighted

It's possible your ASA or your core switch (if Cisco) is configured with Cisco's WCCP. This enables transparent redirection of HTTP traffic to an IronPort appliance, so no client config needed:

http://www.cisco.com/en/US/docs/ios/12_0t/12_0t3/feature/guide/wccp.html

View solution in original post

2 REPLIES 2
Highlighted
Rising star

You would need to either give us a diagram of your network or describe how the path from inside to outside works.

Generally, if PC1 goes to www.google.com, it will go to it's default gateway first, from there (in your scenario), it will most likely go to the ironport, and then I bet the ironport has a route to go to the ASA, and to Outside. I don't have any experience with Waas to be honest with you. Just so you know, the ASA can also do Web Filtering. Of course there is a cost involved depending on if you got the right module with it and licensing it may by cheaper jus to keep the ironport which I completely understand.

View solution in original post

Highlighted

It's possible your ASA or your core switch (if Cisco) is configured with Cisco's WCCP. This enables transparent redirection of HTTP traffic to an IronPort appliance, so no client config needed:

http://www.cisco.com/en/US/docs/ios/12_0t/12_0t3/feature/guide/wccp.html

View solution in original post

Content for Community-Ad