Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Capturing Web Traffic on a CISCO ASA 5520

Posted on 2010-11-18
4
Medium Priority
?
732 Views
Last Modified: 2012-08-13
good day everyone,

we have a cisco ASA 5520 which has syslog capabilites but i do not see where i can monitor websites our users are hitting, is there any way to get this done via the ASDM or with a third-party application that works with the ASA device or is inexpensive or open source? thank you all.

GL137
0
Comment
Question by:GridLock137
  • 2
  • 2
4 Comments
 
LVL 33

Expert Comment

by:MikeKane
ID: 34165478
If you turn on http inspection, the normal syslog will capture the URL requests.    

Example:
Sample URL Log
The following is an example of a URL logging syslog message:
192.168.69.71 accessed URL 10.0.0.1/secrets.gif

You can change the class inspection to include http if needed.   Just follow this doc to do so:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008085283d.shtml
0
 
LVL 7

Author Comment

by:GridLock137
ID: 34166194
where is the ASA device manager can i do this?
0
 
LVL 33

Accepted Solution

by:
MikeKane earned 2000 total points
ID: 34166685
Its in CONFIGURATION -> FIREWALL -> SERVICE POLICY RULES  

Here's a doc that explains how to do it.  ( I wasn't sure about your version, buts its pretty much the same)
http://www.cisco.com/en/US/docs/security/asdm/6_1/user/guide/inspctrl.html#wp1142285
0
 
LVL 7

Author Closing Comment

by:GridLock137
ID: 34167330
thank you.
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against  DDoS attacks effectively. Get the necessary preparation works done and focus on Doing the First Things Right.
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question