Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I want to know that cisco next-genFw e.g Firepower 9300 have WAF capabilities where as other vendors such as Palo Alto insists it as a separate product/appliance. Not integrating it as one. I'm looking what cisco motivation behind integrating into si...
I want to know what options exists in cisco platforms for following scenario "We are looking to update the infra which currently houses a linux box working as reverse proxy and mod sec which does application layer inspection. The box later re-encr...
We have CISCO ASA 5585 with a separate module for IPS, I want to know what are the options for configuring syslog? Its nearly impossible to find ; and there are some forums on the internet which says that cisco ips stores logs in native / proprietary...
We have CISCO ASA 5585 with a separate module for IPS, I want to know what are the options for configuring syslog? Its nearly impossible to find ; and there are some forums on the internet which says that cisco ips stores logs in native / proprietar...
Marvin,
It's okay no problem at all.To err is human:).
So, what any cisco ips would do inbound ssl inspection or esp class like firepower intrgerated module.
Can you point to exact ips that enables this feature?
Marvin, Thanks for giving much needed clarity on the subject. However, I'm stuck on something which I'm not able to locate in CWSA datasheets, this is in regard to how for e.g inbound ssl mode web-attack such sql injection will be handled / absorbed ...
Thanks Marvin,That's interesting you mentioned the big-names in load-balancing tech e.g F5 and others, I researched F5 for a few hours and the term they used to describe the concept of "decrypt-inspect-re-encrypt" as ssl-bridging. Now, what I know it...
You are great help.Really I wish there were more cooperating tech profoessionals like you.:)
On cisco docs it said WAS wouldn't not support "server cert" on appliance, only "root" it makes sense if setup is for outgoing connections for which there a...
John, What about inspection is the connector outside the CWS or in one box? Who is responsible for layer 7 inspection, also can the same setup be used as incoming ssl decryption instead of outbound? thanks.
