Posted on by pandom

The Context aware modules for the Cisco ASA provide enhanced functionality for L7 services. These include but are not limited to URL category/reputation databases, HTTP inspections, AVC, TLS proxy, TCP Proxy, and Multiple Policy decision points. The management of these…

Posted on by pandom

The ASA SSP module is the traditional firewall module found in the 5585-x chassis. It performs the default firewall roles and has the standard firewall features. If you’re looking to do some detailed L7 work with focus on user authentication,…

Posted on by pandom

–Network Address Translation, ASA 8.2 NAT is required for a number of scenarios and can be used in the most unusual places. Most common is translation of a private RFC 1918 address into a globally routed public IP address. An…

Posted on by pandom

–Routing on ASA– The ASA supports static and dynamic routing protocols. As of ASA code release 8.3+ most routing protocols are supported. OSPF, EIGRP, RIPv2, and static routing are the protocols the ASA can use. Static Routes Static routes are…

Posted on by pandom

–Transparent and Routed Firewalls– There are two modes in which you can have your firewall; routed or transparent mode. Each mode will treat the packets differently and operate in its own way. Depending on your requirements of your design you…

Posted on by pandom

The Cisco ASA line has some serious bad juju when mentioned in networking circles. Example of this is of my mentor, Kurt Bales. He is a Juniper champion, JNCIE candidate, and all around network guru. His background lent it self…

Posted on by pandom

The importance of time should not be under estimated. NTP allows synchronisation of clock information across your network. I am labbing my ASA inside GNS3 and want to set up a router to be the Timekeeper! The idea of this firewall…