Preventing Network Attacks in Cisco ASA


Basic Threat Detection Overview Using basic threat detection, the security appliance monitors the rate of dropped packets and security events due to the following reasons: •Denial by access lists •Bad packet format (such as invalid-ip-header or invalid-tcp-hdr-length) •Connection limits exceeded (both system-wide resource limits, and limits set in the configuration) •DoS attack detected (such as an invalid SPI, Stateful Firewall check failure) •Basic firewall checks … Continue reading Preventing Network Attacks in Cisco ASA

How to communicate between the interfaces of same security level and communication (in and out) through same interface in Cisco ASA


Today’s Topic: How to communicate between the interfaces of same security level and communication (in and out) through same interface in Cisco ASA same-security-traffic To permit communication between interfaces with equal security levels, or to allow traffic to enter and exit the same interface, use the same-security-traffic command in global configuration mode. To disable the same-security traffic, use the no form of this command. same-security-traffic … Continue reading How to communicate between the interfaces of same security level and communication (in and out) through same interface in Cisco ASA