The ASA FirePOWER module supplies next-generation firewall services, including Next-Generation Intrusion Prevention System (NGIPS), Application Visibility and Control (AVC), URL filtering, and Advanced Malware Protection (AMP).
The ASA FirePOWER module runs a separate application from the ASA. The module can be a hardware module (on the ASA 5585-X only) or a software module (all other models).
As below snapshot shows Packet flow for software module;
The module has a basic command line interface (CLI) for initial configuration and Read More »
In previous post we discussed about benefits & what auto secure command does on Cisco devices.
In this post we will see the configuration and it’s output.
— AutoSecure Configuration —
*** AutoSecure configuration enhances the security of
the router, but it will not make it absolutely resistant
to all security attacks ***
Read More »
As we know, the main purpose of private IP address range (RFC 1918) is that they are used only for internal network (LAN). Therefore private IP address range should not be advertised on internet cloud.
Another IP address range is organization’s own public IP pool, purchased from IANA or provided by ISP, which is used for NAT. That range normally used for web server, mail server, LAN users etc. Hence this unique IP address range should not be seen as a source IP address on outside interface of the gateway router.
Read More »