Re: ASA with IPS
- From: Omar Salvador Alcalá Ruiz <oalcala@xxxxxxxxxxxxx>
- Date: Tue, 28 Sep 2010 19:25:50 -0500
If the asa fw/ips is your main source for attacks, then the noise will be there forever.
Keep in mind that FWs report all hits on a specific rule. The outbound FW will receive too much garbage from "the wild". That said, the "deny all" rule will keep u with tons of logs, and your monitoring is useless from that standpoint.
I would recommend to establish what you want to monitor and bear in mind that the least place where you will get appropriate information is the deny all rule from the outbound FW/IPS. Moreover, what you need is some SIEM tool that will help u accomplish your attack alerting levels. I believe you might need different sources, to get appropriate logs in order to get attack reports
Hth
Omar
------Original Message------
From: Dan Vultur
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: ASA with IPS
Sent: Sep 28, 2010 02:47
Hello list,
I am interested in tunning the IPS on the ASA we have in the company and I would
like to know where can I find some quick tips/rules.
The point is that I receive a lot of e-mail, noise, for every packet that comes
from the internet so I want to refine the alerting level but still be proactive
about attacks that may occur.
Many thanks,
Dan
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
--------------------------
Sent from my mobile device
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
- Prev by Date: Re: ASA with IPS
- Next by Date: Re: ASA with IPS
- Previous by thread: Re: ASA with IPS
- Next by thread: share permissions
- Index(es):
Relevant Pages
|
