Cisco ASA 5500 – Install and Configure a CSC Module
KB ID 0000731 Problem The Cisco CSC module provides ‘in line’ scanning of POP3, SMTP, HTTP and FTP traffic, to protect against viruses but also for anti spam and anti phish (with the correct licensing). If you are familiar with Trend products, you will like it, (because that’s what it runs), and the interface is much the same as Trend IWSS. It is a hardware device that plugs into the back of the ASA, and comes in...
Cisco ASA 5500 – Throttling (Rate Limiting) Traffic
KB ID 0001001 Problem If you have one client that’s taking all your bandwidth, or a server that’s getting a lot of connections from external IP addresses, and that’s causing you performance problems, you can ‘throttle’ traffic from/to that client by ‘policing’ its traffic. Solution To demonstrate, I have a 30Mb connection at home, when I run a test on the download connection speed from my...
Cisco ASA – Configuring for NTP
KB ID 0000608 Problem With NTP, there will be two things you want to do, 1) Allow a device behind the ASA to take its time from a public NTP server, and 2) Set the ASA to take its system time from a public NTP sever (for accurate date stanps on the logs, and for time critical things like Kerberos authentication.) Solution Allow internal host(s) to get system time though the firewall. 1. Connect to the ASA, go to “enable...