Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Is it possible with the asa5516 to automatically deny a host if it starts multiple sessions to a specific destination IP and specific destination port in a predefined time frame?
An example:
When a host sends 10 tcp packets with the syn flag to a sp...
Since 2 weeks I'm using the FirePOWER management Center (VMWare) with my ASA5516-X. I have configured the DC to do network discovery on my network and I'm very suprised by the presumed Operating Systems in my network. It thinks the Windows 10 devices...
Hi Marvin,
Most of our host are correctly identified as Windows 10 now, but not all of them. I have to monitor it for a while before I can take any good conclusions about this update.
On 06-APR-2017 Cisco release VDB version 280 for the FirePOWER Management Center. This version finally supports Windows 10 and Windows Server 2012r2 so this issue is solved
The following reaction from Cisco on 11-21-2016:
I have received a response from Engineering and it looks like the issue is that we need to add OS mapping for these Operating Systems which are not being identified correctly. There is no workaround fo...
Ok, the problem with the SYN Attack Prevention seems to be a bug in the Rate-Based attack preprocessor. They have created a bug ticket to fix this issue:
https://tools.cisco.com/bugsearch/bug/CSCvb36855
