About CSCO10662744_2

CSCO10662744_2 · 08-09-2017

Hi all,We have Prime Infra 3.1.0, and are hoping to send NetFlow from ASA to it, to see traffic pattern & utilization, etc.Is this supported?3.0 release notes say it's not supported:"NetFlow data from Cisco Adaptive Security Appliance (ASA) is not su...

CSCO10662744_2 · 05-15-2017

I'm trying to apply an ACL to the SVI to block certain ports as temporary security measure. Does traffic in the same VLAN go through the SVI, and be subject to the applied ACL, assuming the flows have to go through the L3 switch because it's in the m...

CSCO10662744_2 · 05-13-2017

//ASA w/ FirePOWER Several months ago I read that you can manage the FirePOWER soft module via ASDM on the smaller ASA's such as 5506 & 5515.Does that mean I wouldn't need FMC at all? (I can manage, and monitor everything through ASDM?)Has that list ...

CSCO10662744_2 · 05-02-2017

Can ASA (specifically 5506) support "switchport voice vlan" command like on the Catalyst switches? We have a need to allow users to connect their PC's to phones, then connect phones to the ASA ports, so that we can avoid needing an actual switch, as ...

CSCO10662744_2 · 04-27-2017

Now that FTD & FirePOWER service module are available on NGFW platform, why & when would I need a dedicated IPS? Wouldn't it be more cost effective to just have one NGFW that can perform multiple functions, instead of a dedicated IPS appliance, that ...

CSCO10662744_2 · 05-15-2017

Thank you for the follow-up. The switch has no TCAM carved to do VACL, so I anticipate if we try to apply a VACL to a VLAN, the N9K would complain there's no memory for it. When I do "show system internal access-list globals" VACL has no memory rese...

CSCO10662744_2 · 05-15-2017

Thank you so much for the quick response. Unfortunately our N9K's are not configured to support VACL, so we'll need to look elsewhere to implement this block. (due to TCAM resource regions...we didn't think we'd need to do VACLs)

CSCO10662744_2 · 05-13-2017

Thanks Marvin. In my previous deployment, I did use an FMC, but was curious to know what capabilities you have WITHOUT it. For example, don't AMP & URL-filter go through FMC? Do the ASA's & FTD's just handle all functions via the local devices/sensor...

CSCO10662744_2 · 05-08-2017

Thank you for the reply.

CSCO10662744_2 · 05-08-2017

We went w/ 3.6.6 to be safe, but I too, am interested in knowing how stable Denali is, from anyone who's deployed it in production.

Member Since	‎08-03-2005 09:06 PM
Date Last Visited	‎08-18-2017 03:55 AM
Posts	157
Total Helpful Votes Received	23

User Statistics

User Activity

Prime Infrastructure 3.1 - ASA NetFlow

Does switched traffic go through SVI?

Is FMC always required for Firepower?

ASA - switchport voice VLAN

Why dedicated IPS?

Thank you for the follow-up.

Thank you so much for the

Thanks Marvin.

Thank you for the reply.

We went w/ 3.6.6 to be safe,