Im using anyconnect and SCEP proxy on the ASA, trying to get identity certs from a windows CA. I want the certs to have a common name of the user id of the person requesting, basically to take the username as the common name. Is there a way to take the login name across into the comman name as part of the cert request. In the anyconnect client profile you have the option of enrollment but if i set the Cn her it would use this for everybody ?
I want to use authentication based on certs. So each user requires their own cert based on common name. I presume then i can revoke the cert to prevent authentication ?
May 2016Splunk is a powerful tool for analyzing information in your organization by collecting, storing, alerting, reporting, and analyzing machine data. With Cisco platform Exchange Grid (pxGrid) Splunk is able to proactively act on received network secu...
Happy to announce that we have an updated version of our Enabling AMP on Content Security Products - Best Practices (v3.0). Please feel free to review if you have questions regarding deployment of AMP (File Reputation and File Analysis).
Updated: July 2018
New: Updated format , Netflow configuration examples per platform (End of Table)
Note: Remember the table is scrollable horizontally to view other columns, not only vertically
IOS / IOS XE
The goal of this guide is to illustrate the main concepts of TrustSec which are:
Classification: Classifying endpoints and servers with a Scalable Group Tag (SGT)
Propagation: Communicating SGT information through the network