Solved

how to integrate cisco security appliances in network

Posted on 2011-03-08
3
275 Views
Last Modified: 2012-05-11
Hi,
I am trying to put input into the design of our department network.  We have the following hardware and I'd like to know how to integrate them together for the best fit/practice.
3945 rtr
2 x 5520 ASA, 4250 IDS and Cacs appliance ADE1010.  I  am basically looking for a system that validates users before allowing them on the system and utilizes the firewall  to protect the system.

Some external or remote Users will access a webserver application remotely through Frame relay in through the 3945 rtr. Other remote users will access that same application through internet  DSL via a 2921 rtr.
Management Users will VPN into the system
I want everyone to be validated and I want the security to be installed where it is more effective.
Local users will access through another 2921.
Note we already have all this equipment. Eventually I hope to get a network person to configure but I want to be able to have meaningful input
0
Comment
Question by:Pete-Castillo
3 Comments
 
LVL 22

Accepted Solution

by:
Matt V earned 500 total points
ID: 35443814
Normally, you would place the ASA devices in between the edge router and your core router or core switch.

INTERNET -> ROUTER -> ASA -> LAN

The IDS device could either be placed on the LAN or in between the LAN and the ASA.

You can either have authentication (VPN etc) done at the edge router or the ASA, although the ASA is designed for VPN concentration more than the router.
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 35810164
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question