The Cisco Firewall Service Module (FWSM) is a module card installed on 6500 switches or 7600 routers and is based on the Cisco PIX/ASA security software. It integrates security services in the popular 6500/7600 network devices, providing one of the fastest firewall data rates in the industry. With 5 Gbps firewall throughput per module, and […]

An Intrusion Detection system as we know can either work in Inline Mode (IPS) or in promiscuous mode (IDS). In inline mode, the IPS sensor can detect and block attacks by itself since all traffic passes through the sensor. However, in promiscuous mode, the IDS sensor can not block attacks by itself, but has to […]

The CSC-SSM module of the Cisco ASA 5500 Firewall offers content security inspection for FTP, HTTP, POP3, and SMTP traffic, thus protecting the network from viruses, spyware, worms, spam and phishing, and controls unwanted mail and Web content. In more detail, the capabilities of the CSC-SSM module include the following: Antivirus and Antispyware protection using the Trend […]

The Cisco ASA 5500 security appliance is not just a plain firewall. With an add-on security module (AIP-SSM), you can transform the ASA 5500 into an IDS/IPS sensor as well. The AIP-SSM (Advanced Inspection and Prevention – Security Services Module) is a full-blown IDS/IPS sensor with the same software and functionality like the external standalone […]

The figure below (taken from Cisco) illustrates the back panel of the Cisco ASA 5505 appliance, showing the network interfaces and other important hardware points. 1 Power 48VDC 2 SSC slot 3 Network interface LEDs 4 Network interfaces 5 Console port 6 USB 2.0 interface 7 Reset button 8 Lock slot  Starting from right to […]

Implementing security in layers is the recommended network security design for protecting information assets. This approach is achieved by segmenting your network into various security zones with an ASA Firewall and applying access policies between them according to their security levels. By default Cisco ASA firewalls come with at least four 10/100/1000 network interfaces which […]

The newest Cisco ASA firewall 5500 series came out with software version 7.0, following the successful software version 6.x of the older PIX firewall models. The latest ASA software version is 8.x with intermediary versions of 7.1 and 7.2. In this post I will show you how to upgrade a Cisco ASA 5505 firewall from […]

The Cisco Adaptive Security Appliance (ASA) device is not just a hardware Firewall as many people think. Of course the Firewall mechanism is the main functionality of the device, but the extension hardware modules that you can add on, can transform the appliance into content security, intrusion prevention, ssl/ipsec device etc.  Firewall  This is the […]