The Cisco Firewall Service Module (FWSM) is a module card installed on 6500 switches or 7600 routers and is based on the Cisco PIX/ASA security software. It integrates security services in the popular 6500/7600 network devices, providing one of the fastest firewall data rates in the industry. With 5 Gbps firewall throughput per module, and […]
Using the ROMMON to load a new image on Cisco ASA Firewall Step-by-Step
If for any reason the software image on your Cisco ASA appliance is corrupted and the device does not boot to normal operating mode, then you can load a new image using ROMMON (ROM monitor mode) and TFTP. Follow the steps below to get into ROMMON mode and then assign all necessary settings for uploading […]
Block Attacks with a Cisco ASA Firewall and IDS using the shun command
An Intrusion Detection system as we know can either work in Inline Mode (IPS) or in promiscuous mode (IDS). In inline mode, the IPS sensor can detect and block attacks by itself since all traffic passes through the sensor. However, in promiscuous mode, the IDS sensor can not block attacks by itself, but has to […]
Antivirus and Antispam protection with CSC SSM
The CSC-SSM module of the Cisco ASA 5500 Firewall offers content security inspection for FTP, HTTP, POP3, and SMTP traffic, thus protecting the network from viruses, spyware, worms, spam and phishing, and controls unwanted mail and Web content. In more detail, the capabilities of the CSC-SSM module include the following: Antivirus and Antispyware protection using the Trend […]
Cisco IDS/IPS Module for Cisco ASA Firewalls (AIP-SSM)
The Cisco ASA 5500 security appliance is not just a plain firewall. With an add-on security module (AIP-SSM), you can transform the ASA 5500 into an IDS/IPS sensor as well. The AIP-SSM (Advanced Inspection and Prevention – Security Services Module) is a full-blown IDS/IPS sensor with the same software and functionality like the external standalone […]
Cisco ASA 5505 Network Port Interfaces
The figure below (taken from Cisco) illustrates the back panel of the Cisco ASA 5505 appliance, showing the network interfaces and other important hardware points. 1 Power 48VDC 2 SSC slot 3 Network interface LEDs 4 Network interfaces 5 Console port 6 USB 2.0 interface 7 Reset button 8 Lock slot Starting from right to […]
Adding more Interfaces to Cisco ASA Firewalls with 4GE SSM
Implementing security in layers is the recommended network security design for protecting information assets. This approach is achieved by segmenting your network into various security zones with an ASA Firewall and applying access policies between them according to their security levels. By default Cisco ASA firewalls come with at least four 10/100/1000 network interfaces which […]
How to upgrade the Cisco ASA 5505 software
The newest Cisco ASA firewall 5500 series came out with software version 7.0, following the successful software version 6.x of the older PIX firewall models. The latest ASA software version is 8.x with intermediary versions of 7.1 and 7.2. In this post I will show you how to upgrade a Cisco ASA 5505 firewall from […]
Cisco ASA Appliance – Five Functionalities in One Box
The Cisco Adaptive Security Appliance (ASA) device is not just a hardware Firewall as many people think. Of course the Firewall mechanism is the main functionality of the device, but the extension hardware modules that you can add on, can transform the appliance into content security, intrusion prevention, ssl/ipsec device etc. Firewall This is the […]