• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 599
  • Last Modified:

ASA IPS software module


Can I use the software ASA IPS module to detect and report on "outgoing" traffic from inside network

I require detail on ports being used - the traffic flows - virus's etc, unusual traffic - Im only interested in Intrusion detection (IDS) at this stage - reporting on traffic going "out" only

1 Solution
philb19Author Commented:
its the software module on asa 5515
btanExec ConsultantCommented:
egress (or outbound) will be inspected as well - you can check out this flowchart
...the following order:
    ACL’s will be checked first.
    NAT rules will checked second.
    Inspect policies will applied next.
    Then after all that the packet enters IPS-AIM Module for inspection, after that it leaves through the egress interface.
More details in the inline (more secure) and Promiscuous (less secure) mode
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now