01-02-2009 09:12 AM
Hi,
I am looking into a 'Secure VPN' solution for Remote Access, only a small solution 10-20 users.
I have two main objectives :
To use SSL Technology, to ensure data confidentiality and more importantly, a solution to ensure VPN traffic is clean and scrubbed of any Malware. (it's imperative worms/viruses/malware are not spread into our datacentre from remote users). The solution must be provided on a cost affective budget.
Question: Will a ASA55XX armed with a IPS module (SSM-AIP) be sufficient for a "ANTI-X" UTM device ?
As I understand, the IPS module will protect against Worms, but not Anti-Virus and Spyware ?
Any Help would be really appreciated.
Thanks
Matt
01-02-2009 12:39 PM
Matt,
You are probably looking at a CSC-SSM solution for content secirity which is porbably more afordable for the size of users than a NAC solution or IPS solution for remote access, thats my opinion.
Content Secuirty CSC-SSM, have a look at CSC module and what it can provide in terms of content security and anti-virus
http://www.cisco.com/en/US/products/ps6823/index.html
Also Network Admission control is another solution but I believe is for a much larger infrastructure
http://www.cisco.com/en/US/products/ps6128/index.html#
You could implement SSL technology for example using annyconnect client in FULL tunnel mode and have complete control of VPN traffic in conjunction with CSC-SSM module.
Regards
01-14-2009 12:05 PM
Thank you for the response.
My only concearn is that the CSC-SSM does not catch worms, I would needs the IPS module to protect my servers from worms......
and the ASA5510 only allows one module, so its either the AIM-IP "or" the SSM.
uhmmm
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide