About csmith

csmith · 04-22-2005

We are configuring ACS for use with external user datbases (e.g., Active Directory) in an environment with multiple domains and no trust between them (multiple business units).- Can ACS access mutliple domains (of the same or different type), with th...

csmith · 09-08-2004

We have a pair of 515 firewalls in a failover configuration (cable not LAN based failover). The firewalls are being upgraded from the current 4 port ethernet to 6 ports - two single ethernet NIC's are being removed and replaced with the 4FE on each ...

csmith · 02-12-2004

New CSA 4.0 implementation, attempting to deploy the initial standard laptop agent kit. Installation of the kit works fine on the client laptop, which includes the installation of the network shim (prompted during interactive installation).During st...

csmith · 09-25-2003

There is some confusion regarding the security settings moving from VXWorks to IOS.Original authentication and encryption settings were leap + tkip (with mic and per packet keying as provided by tkip).Using the CAC conversion tool to migrate to IOS, ...

csmith · 05-15-2003

Encountering an issue with the CSS/SSL Accellerator - when a page is accessed through the ssl accellerator without a trailing "/" on directory entries, a page not found is being encountered instead of a lookup for a configured index page in that dire...

csmith · 10-16-2007

Have you considered segmentation of security events between companies in the MARS appliance? The MARS does not 'segment' events between different organizations (afaik), security events between all hosted companies would be aggregated in the MARS app...

csmith · 03-03-2004

Thanks - long response in replying, but the upgrade to version 4.01 did resolve the problem. Removing the previous version of the CSA agent and installing the new kit resulted in the Shim working fine, no other applications were modified.

csmith · 09-30-2003

LEAP authentication requires Cisco Secure ACS or a CCX-Compliant radius server on the back end (i.e. Funk Steel Belted, Free Radius). IAS doesn't have the CCX extensions and can't process LEAP authentication requests.Additionally, IAS runs on Win2k,...

csmith · 05-18-2003

IDS can be complicated without implementing the system into your overall security approach - as with any control, it should complement other controls (i.e. your firewall), and an overall approach should be developed to IDS implementation. KEEP IT SI...

csmith · 07-16-2002

I don't believe this is possible when the PIX the server next hop and providing the address translation service - a packet cannot be received and sent back out the same interface of a PIX based on the firewall security architecture. Additionally, if...

Member Since	‎06-05-2002 09:47 AM
Date Last Visited	‎08-18-2017 03:51 AM
Posts	11

User Statistics

User Activity

ACS with multiple external databases

PIX 515 Interface Upgrade

CSA Network Shim

VXWorks to IOS Security Configuration

Index page access with CSS/SSL Accellerator

Re: Wise usage of MARS by hosting company?

Re: CSA Network Shim

Re: Wireless Authentication using IAS in a Windows NT 4.0 enviro

Re: The better way to implement IDS

Re: PROBLEMS WITH NAT