Solved

ASA IPS software module

Posted on 2014-10-09
2
535 Views
Last Modified: 2014-10-13
Hi

Can I use the software ASA IPS module to detect and report on "outgoing" traffic from inside network

I require detail on ports being used - the traffic flows - virus's etc, unusual traffic - Im only interested in Intrusion detection (IDS) at this stage - reporting on traffic going "out" only

thanks
0
Comment
Question by:philb19
2 Comments
 

Author Comment

by:philb19
ID: 40370411
its the software module on asa 5515
0
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 40372257
egress (or outbound) will be inspected as well - you can check out this flowchart
http://ccie-or-null.net/2011/11/15/packet-flow-through-a-cisco-asa/
...the following order:
    ACL’s will be checked first.
    NAT rules will checked second.
    Inspect policies will applied next.
    Then after all that the packet enters IPS-AIM Module for inspection, after that it leaves through the egress interface.
More details in the inline (more secure) and Promiscuous (less secure) mode
http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/ips.html#wp1050744
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Port group in esxi 6 78
How to get windows DNS resolve to internal address? 3 34
Dns issues 4 38
Guest Wi-Fi Time out 3 23
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question