I have a newbie question involving the following scenario: WAN Router with 2 WIC cards are connected to 2 ISPs: Internal network > Firewall > WAN Router (ISP1 1.1.1.1/24, ISP2 2.2.2.2/24) Publicly available servers are currently nat'ed by the firewall t...
Does Cisco have any recommendations on putting CTA on servers and using NAC? This is more in anticipation of NAC on switches. If you have good physical security over how servers connect to and disconnect from a switch, and you have good control over s...
I just checked a fresh install of CSA 5.1 and rule 596 is a high priority deny for all ip traffic. I do not agree with changing that rule to straight deny or to deny server only. The reason that rule kicks in is because your systems are "Set" as root...
I don't believe it's the netshim, and I wouldn't disable the other CSA components just yet. You folks may want to check your list of Untrusted applications on your machines. If you double-click on the flag, it is under System Security > Untrusted app...
1) As tsteger1 said, you need to give more information on which rule is noisy. Rule IDs aren't sufficient. The rule module name, OS, and description are usually sufficient to identify a rule. 2) This is my guess as to what's actually happening. Whe...
Since some of these features are new, I suspect most people are still trying to find the best way to do things. Having said that, this is what I think. 1) You don't have to replicate every deny rule and change it to allow. If you create a few allow ru...