ASA deployment

I’ve been asked to deploy a dozen Cisco ASA’s to remote location with ISP modules and botnet filtering. If Im going to deploy these, why not take advantage of a few more options/features that the ASA offer; however, I’m not familiar with the ASA’s so maybe someone can recommend other options that might be useful for these remote sites e.g. ssl/vpn w/ 2 factor authentication. I’m looking for ideas to improve upon the security at these locations. Advice is welcome??
DEFclubAsked:
Who is Participating?
 
Ernie BeekExpertCommented:
If these are remote locations to one and the same company, you might consider setting up site2site VPNs to connect the remotes to the headoffice.

And like ArneLovius said, you can use SSL VPNs to provide specific services in a secure way (file server acces, RDP access, etc): http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00806ea271.shtml
0
 
ArneLoviusCommented:
I presume you mean IPS modules.

The ASA does not include two factor auth, but it can be used with two factor auth.

I tend to use the SSL VPN instead of IPSec for most deployments these days, and for increased security (at the cost of ease of use) use private PKI instead of public certificates.

For managing multiple ASAs, you might want to look at Cisco Security Manager.
0
 
DEFclubAuthor Commented:
thxs
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.