[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Is CISCO ASA webvpn secure?

Posted on 2008-11-18
1
Medium Priority
?
835 Views
Last Modified: 2012-05-05
I'm considering allowing my users remote access to exchange webmail and the intranet via the webvpn feature on the Cisco ASA.  I propose to set up the webvpn to allow http access only, whilst user authentication will be against our AD.

Can anyone advise if there are any pitfalls or security risks to consider in doing this?

Any advice, thoughts, comments most welcome, cheers.
0
Comment
Question by:stemc
1 Comment
 
LVL 15

Accepted Solution

by:
bignewf earned 400 total points
ID: 22990809
Cisco ASA Web VPN has known vulnerabilites, which I provided additional links below.

If you are deploying this, then make sure you employ certificates as well as RADIUS authentication for Active Directory.

http://www.securiteam.com/securitynews/5PP0620PFI.html
http://www.cisco.com/warp/public/707/cisco-sa-20080903-asa.shtml

Depending on the nature of your security requirements, you might want to deploy the Remote access vpn client with RSA SEcure ID

Again, certificates + an AAA server increase your security than out of the box default configurations
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Like many others, when I created a Windows 2008 RRAS VPN server, I connected via PPTP, and still do, but there are problems that can arise from solely using PPTP.  One particular problem was that the CFO of the company used a Virgin Broadband Wirele…
Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses
Course of the Month19 days, 16 hours left to enroll

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question