RE: ASA with IPS



Dan,

If it is the ASA with IPS SSM module you do not need an extra solution for
this.
The SSM module runs the same 'OS' that the dedicated Cisco IPS runs.

I suggest you visit the Cisco Forums for help on tuning...



-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On
Behalf Of Dan Vultur
Sent: Wednesday, September 29, 2010 1:01 AM
To: Richard Robins; Steven C Holmes; security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: ASA with IPS

Richard, Steve,

The ASA came with this module and I thought I should use it as another layer
of
security. Unfortunately I don't have a CS-MARS and I don't think this will
happen soon.

As I have little experience with this, IPS, I would like to see where to
begin
in tunning this module in order to be useful, now there's lots of noise.

Maybe, as other have proposed, I need an extra solution/software for this...

Many thanks

DV


----- Original Message ----
From: Richard Robins <richard.robins@xxxxxxxxxxxxx>
To: Steven C Holmes <sholmes@xxxxxxxxx>; Dan Vultur <dv_itsec@xxxxxxxxx>;
security-basics@xxxxxxxxxxxxxxxxx
Sent: Wed, September 29, 2010 12:39:20 AM
Subject: Re: ASA with IPS

Try the CS-MARS applicance.

This correlates logs from ASA/PIX and non cisco firewalls and IPS/IDS.

Expensive but very good.

I would agree with steve that the built in IPS on ASA is poor.

Should have gone for a pure IPS device.






From: Steven C Holmes <sholmes@xxxxxxxxx>
Date: Tue, 28 Sep 2010 15:41:49 -0500
To: 'Dan Vultur' <dv_itsec@xxxxxxxxx>, <security-basics@xxxxxxxxxxxxxxxxx>
Subject: RE: ASA with IPS
Resent-From: <security-basics-return-54955@xxxxxxxxxxxxxxxxx>
Resent-Date: Tue, 28 Sep 2010 15:18:07 -0600 (MDT)

Then buy a real firewall, the ASA has one of the poorest IPS there is.

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On
Behalf Of Dan Vultur
Sent: Tuesday, September 28, 2010 2:47 AM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: ASA with IPS

Hello list,

I am interested in tunning the IPS on the ASA we have in the company and I
would like to know where can I find some quick tips/rules.

The point is that I receive a lot of e-mail, noise, for every packet that
comes from the internet so I want to refine the alerting level but still
be
proactive

about attacks that may occur.

Many thanks,

Dan


     


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate In this guide
we
examine the importance of Apache-SSL and who needs an SSL certificate.  We
look at how SSL works, how it benefits your company and how your customers
can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server.
Throughout, best practices for set-up are highlighted to help you ensure
efficient ongoing management of your encryption keys and digital
certificates.


http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727
d1
------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate.  We look at how SSL works, how it benefits your company and
how
your customers can tell if a site is secure. You will find out how to
test,
purchase, install and use a thawte Digital Certificate on your Apache web
server. Throughout, best practices for set-up are highlighted to help you
ensure efficient ongoing management of your encryption keys and digital
certificates.


http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727
d1
------------------------------------------------------------------------


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________


-
----------------------------------------------------------------------------
----------------------------------------------------------------------------
---

Drax Power Limited
Registered in England and Wales, Number 4883589.
Registered  Office: Drax Power Station, Selby, North Yorkshire YO8 8PH

CONFIDENTIALITY NOTICE

The contents of this email, and any files transmitted with it, are
confidential
to the ordinary user of the email address to which it was addressed and may
also
be privileged.

If you are not the addressee of this email you may not copy, forward,
disclose
or otherwise use it or any part of it in any form whatsoever.


If you are not the intended recipient, or have received this email in error
please email the sender immediately by replying to this message, and delete
the
material from any computer.

This message and its contents are attributed to the sender and may not
necessarily reflect the view of Drax Power Limited, its parent, subsidiaries
or
associates.

s
----------------------------------------------------------------------------
----------------------------------------------------------------------------
--





------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate. We look at how SSL works, how it benefits your company and how
your customers can tell if a site is secure. You will find out how to test,
purchase, install and use a thawte Digital Certificate on your Apache web
server. Throughout, best practices for set-up are highlighted to help you
ensure efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727
d1
------------------------------------------------------------------------



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------