Solved

ASA IPS software module

Posted on 2014-10-09
2
527 Views
Last Modified: 2014-10-13
Hi

Can I use the software ASA IPS module to detect and report on "outgoing" traffic from inside network

I require detail on ports being used - the traffic flows - virus's etc, unusual traffic - Im only interested in Intrusion detection (IDS) at this stage - reporting on traffic going "out" only

thanks
0
Comment
Question by:philb19
2 Comments
 

Author Comment

by:philb19
ID: 40370411
its the software module on asa 5515
0
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 40372257
egress (or outbound) will be inspected as well - you can check out this flowchart
http://ccie-or-null.net/2011/11/15/packet-flow-through-a-cisco-asa/
...the following order:
    ACL’s will be checked first.
    NAT rules will checked second.
    Inspect policies will applied next.
    Then after all that the packet enters IPS-AIM Module for inspection, after that it leaves through the egress interface.
More details in the inline (more secure) and Promiscuous (less secure) mode
http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/ips.html#wp1050744
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Losing network connectivity 8 70
networking details on centos 6.6 4 49
slow vpn connection 9 39
Valid LIN protocol Protected ID values 1 18
Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now