Solved

PIX535 with Anti-Virus

Posted on 2006-06-14
13
305 Views
Last Modified: 2010-04-09
Hi Guys,

Has any one integrated the PIX 535 with any Anti-Virus Software.
I need to know some details

thanks
Naren
0
Comment
Question by:r_naren22atyahoo
  • 5
  • 5
  • 2
13 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 16908810
No
The new ASA line does have in-line AV integrated, but there is nothing for the PIX
0
 
LVL 12

Author Comment

by:r_naren22atyahoo
ID: 16908894
I have seen this document
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a008007d05d.html
 
and I assumed that there could be some integration that can be done
This was the quote from the above link
--------------------------
Integration with Leading Third-Party Solutions | . Supports the broad range of Cisco Technology Developer partner solutions that provide URL filtering,
                                                                   |     content  filtering, virus protection, scalable remote management, and more
                                                                                                   ------------------
------------------------

is there any ?????
 
regards
Nare
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 16909567
As far as I know, there is none and even if there is one then it is Trend Micro since they have it for IDS/IPS devices.

Cheers,
Rajesh
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 12

Author Comment

by:r_naren22atyahoo
ID: 16916508
I am trying to integrate the

-------------PIX535-----(Cisco ACS4.1)&(AAA-Server)-------------Trend Micro.

Some thing like, if virus found, add an access rule to pix will be added by the policy server(ACS) to restrict the access of infected user to other network.

Any Ideas???

regards
naren
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 16917350
It's called Clean Access
http://www.cisco.com/en/US/products/products_security_advisory09186a00804f3127.shtml
It is not yet integrated with PIX/ASA/ACS - at least not that I'm aware of.
0
 
LVL 12

Author Comment

by:r_naren22atyahoo
ID: 16917752
Could you look at this please, guys
http://www.experts-exchange.com/Security/Q_21888521.html
0
 
LVL 12

Author Comment

by:r_naren22atyahoo
ID: 17066531
sorry for not keeping in touch, i did some research and found of this

PIX 7.2(1) does have NAC.
Trend has some anti-virus solutions integrating with NAC devices
http://cisco.com/en/US/partner/products/ps6120/products_configuration_guide_chapter09186a008066ebb8.html

http://www.trendmicro.com/en/products/desktop/osce/evaluate/overview.htm
 
I have to do some more research on the integration

regards
Naren
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17066978
Integration front right now, I know that CSIDS products with 5.x version of softwares are done with TrendMicro signatures => Outbreak prevention...

Cheers,
Rajesh
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17066979
So if you had an ASA box with IDS integration card, you could do it.

Cheers,
Rajesh
0
 
LVL 12

Author Comment

by:r_naren22atyahoo
ID: 17067264
Hi Rajesh,

This is not an ASA Box :(
its PIX 535 Enterprice licence.

have you had any experiance before with this type of integration?????

I am expecting some thing like this but not sure

             Clients/Servers------------Network--------PIX535------Cisco ACS with AAA Server----Trend Micro Server
     with Cisco Clean Access &
         Trend-Micro Client

regards
Naren
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 250 total points
ID: 17067309
Yeah, I know :-) For IDS there is a direct integration and I know that. But what you're looking for is available only as part of NAC introduced fairly recent (In a sense, dev is still going on)

The network diagram you wrote there is exacly how it is; 2 ways basically along with the CSA client, a new component called CTA (Cisco trust agent) also will be pushed to the clients which in turn takes care of of the talking to NAC enabled device for compliance.

Unfortunately I don't have CCO access now (I work for Juniper now :-)). So I don't have a way of looking things.

Cheers,
Rajesh
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17070427
thnx for the points Naren.

Cheers,
Rajesh
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question