Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

ASA IPS software module

Posted on 2014-10-09
2
Medium Priority
?
576 Views
Last Modified: 2014-10-13
Hi

Can I use the software ASA IPS module to detect and report on "outgoing" traffic from inside network

I require detail on ports being used - the traffic flows - virus's etc, unusual traffic - Im only interested in Intrusion detection (IDS) at this stage - reporting on traffic going "out" only

thanks
0
Comment
Question by:philb19
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 1

Author Comment

by:philb19
ID: 40370411
its the software module on asa 5515
0
 
LVL 64

Accepted Solution

by:
btan earned 2000 total points
ID: 40372257
egress (or outbound) will be inspected as well - you can check out this flowchart
http://ccie-or-null.net/2011/11/15/packet-flow-through-a-cisco-asa/
...the following order:
    ACL’s will be checked first.
    NAT rules will checked second.
    Inspect policies will applied next.
    Then after all that the packet enters IPS-AIM Module for inspection, after that it leaves through the egress interface.
More details in the inline (more secure) and Promiscuous (less secure) mode
http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/ips.html#wp1050744
0

Featured Post

Understanding Web Applications

Without even knowing it, most of us are using web applications on a daily basis. Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We often confuse these web applications tools for websites.  So, what is the difference?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
This program is used to assist in finding and resolving common problems with wireless connections.
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question