Cisco ASA FirePOWER (SFR) Quick Start Guide

The ASA FirePOWER module supplies next-generation firewall services, including Next-Generation Intrusion Prevention System (NGIPS), Application Visibility and Control (AVC), URL filtering, and Advanced Malware Protection (AMP).

The ASA FirePOWER module runs a separate application from the ASA. The module can be a hardware module (on the ASA 5585-X only) or a software module (all other models).

As below snapshot shows Packet flow for software module;

Cisco ASA FirePOWER packet Flow

The module has a basic command line interface (CLI) for initial configuration and Read More »


Auto Secure Command on Cisco Routers – Part 2

In previous post we discussed about benefits & what auto secure command does on Cisco devices.

In this post we will see the configuration and it’s output.

Router#auto secure

— AutoSecure Configuration —

*** AutoSecure configuration enhances the security of

the router, but it will not make it absolutely resistant

to all security attacks ***

Read More »

Infrastructure Access List (iACL)

As we know, the main purpose of private IP address range (RFC 1918) is that they are used only for internal network (LAN). Therefore private IP address range should not be advertised on internet cloud.

Another IP address range is organization’s own public IP pool, purchased from IANA or provided by ISP, which is used for NAT. That range normally used for web server, mail server, LAN users etc. Hence this unique IP address range should not be seen as a source IP address on outside interface of the gateway router.

Read More »