ASA deployment

Posted on 2012-08-17
Medium Priority
Last Modified: 2012-08-20
I’ve been asked to deploy a dozen Cisco ASA’s to remote location with ISP modules and botnet filtering. If Im going to deploy these, why not take advantage of a few more options/features that the ASA offer; however, I’m not familiar with the ASA’s so maybe someone can recommend other options that might be useful for these remote sites e.g. ssl/vpn w/ 2 factor authentication. I’m looking for ideas to improve upon the security at these locations. Advice is welcome??
Question by:DEFclub
LVL 37

Assisted Solution

ArneLovius earned 750 total points
ID: 38307760
I presume you mean IPS modules.

The ASA does not include two factor auth, but it can be used with two factor auth.

I tend to use the SSL VPN instead of IPSec for most deployments these days, and for increased security (at the cost of ease of use) use private PKI instead of public certificates.

For managing multiple ASAs, you might want to look at Cisco Security Manager.
LVL 35

Accepted Solution

Ernie Beek earned 750 total points
ID: 38311278
If these are remote locations to one and the same company, you might consider setting up site2site VPNs to connect the remotes to the headoffice.

And like ArneLovius said, you can use SSL VPNs to provide specific services in a secure way (file server acces, RDP access, etc): http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00806ea271.shtml

Author Closing Comment

ID: 38312987

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of the companies I’ve worked with have embraced cloud solutions due to their desire to “get out of the datacenter business.” The ability to achieve better security and availability, and the speed with which they are able to deploy, is far grea…
On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question