Solved

how to integrate cisco security appliances in network

Posted on 2011-03-08
3
256 Views
Last Modified: 2012-05-11
Hi,
I am trying to put input into the design of our department network.  We have the following hardware and I'd like to know how to integrate them together for the best fit/practice.
3945 rtr
2 x 5520 ASA, 4250 IDS and Cacs appliance ADE1010.  I  am basically looking for a system that validates users before allowing them on the system and utilizes the firewall  to protect the system.

Some external or remote Users will access a webserver application remotely through Frame relay in through the 3945 rtr. Other remote users will access that same application through internet  DSL via a 2921 rtr.
Management Users will VPN into the system
I want everyone to be validated and I want the security to be installed where it is more effective.
Local users will access through another 2921.
Note we already have all this equipment. Eventually I hope to get a network person to configure but I want to be able to have meaningful input
0
Comment
Question by:Pete-Castillo
3 Comments
 
LVL 22

Accepted Solution

by:
Matt V earned 500 total points
ID: 35443814
Normally, you would place the ASA devices in between the edge router and your core router or core switch.

INTERNET -> ROUTER -> ASA -> LAN

The IDS device could either be placed on the LAN or in between the LAN and the ASA.

You can either have authentication (VPN etc) done at the edge router or the ASA, although the ASA is designed for VPN concentration more than the router.
0
 
LVL 68

Expert Comment

by:Qlemo
ID: 35810164
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
SSL RA VPN 7 78
Can't access DMZ from internal network 7 44
cisco switch stacking 6 35
Stack Switches in IOU  web V22 6 29
We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
From Cisco ASA version 8.3, the Network Address Translation (NAT) configuration has been completely redesigned and it may be helpful to have the syntax configuration for both at a glance. You may as well want to read official Cisco published AS…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now