Cisco ASA to CX upgrade
Hello,
I have a couple of questions. I am upgrading from ASA to ASA CX. This is an existing firewall with configurations, policies, nat rules, etc.
1. When you upgrade to CX, does the firewall keep the configuration: ip address of interfaces, security levels, acls, access-groups, nats, anyconnect, etc.?
2. If you don't have the PRSM, can you manage that firewall from the PRSM web interface by https to the ip address?
3. Can you still manage the firewall from CLI and asdm or you can't do that after you upgrade to CX?
Thanks in advance.
1. Yes, the base ASA configuration is unchanged.
2. On-box PRSM (aka single device mode) manages the Next Generation Firewall (NGFW - AVC, WSE and IPS) features depending on which are licensed. You do access it via the PRSM web UI (very limited setup steps are done via sessioning into the module from the ASA cli) and you physically use the ASA management interface. (Although the PRSM interface has its own distinct IP address whether or not you have the interface configured / used in the base ASA.)
3. Yes. Think of CX like the older CSC-SSM modules running IPS or Trend Micro AV services. With CX you similarly redirect traffic from the ASA processing path using a service-policy and the CX runs it through its logic (policies, inspections, etc.) and then hands it back to the base ASA for the remaining steps of the packet flow.
Depending on how your ASA was originally purchased, you may need to purchase the SSD hardware (required for CX) in addition to the licensing you need for the NGFW features.
Similar Messages
-
HI
I have two Cisco ASA 5540, these ASA running ver 7.2. and used mainly as VPN gateways.
My question is simple, Apart from the extra AnyConnect client functionality and the higher encryption, is there any specific security benefits (related to the VPN use) for upgrading to ver. 8.x ?
Thanks
A.Ammar,
Each version has Release Notes. For the ASA they are all posted here.
In each Release Note there is a "Resolved Caveats" sections. That is where the fixes for all problems - vulnerabilities as well as functions/features - are listed.
Besides higher encryption and Anyconnect client, you can also use IKE v2 (as of 8.4(1) ) which is more secure during session setup (apart from the level of encryption). You can also use identity-based features and a host of other features to further secure your remote access VPNs. On the other hand, if what you have now is meeting your needs, the only compelling reasons to upgrade are vulnerability and bug fixes (and perhaps a prettier version of ASDM that will run with the newest Java versions ). -
Cisco ASA 5505 Configurations. Help... Beyond Frustrated
Hello All,
I'm fairly new to Cisco products and Network management in general. At my place of employment, I was hired as an IT Tech- Repair and Building computers, most aspects of Physical networking, and software refresh/upgrades as well as solving compatibility issues among a plethora of other things. I've configured APs, a couple Catalyst switches, a router or two, and that is about the breadth of my Cisco knowledge. I was kind of thrown into a project which is to update the current inventory of computers which all run Windows XP Professional. We are making a capital purchase of 20 Laptops and 40 Desktops all of which will run Windows 7. This means the outdated PIX they were using is now useless. I purchased a Cisco ASA 5505 (Version 8.2(1)) because it is compatible with Windows XP and Windows 7. I have spent several days and sleepless nights trying to figure out how to configure this thing. I was hoping to use SSL for the VPN. I did some basic configurations just to get started but like I said, I have no real experience with Adaptive Security Appliances and I am so frustrated right now. I tried using the Wizard to no avail. I did a write erase using CLI and tried to configure that way but I'm doing something wrong as far as I can tell. The configurations were mostly pulled from here, the Cisco Community, and a couple other web sites.
I’m connecting the ASA 5505 to a cable modem (gateway 24.39.245.33) and to our Netvanta for VPN purposes. Here are the commands/what I have configured so far:
hostname AMDASA
domain-name asa.(mydomain).com
enable password (encrypted)
passwd (encrypted)
interface Ethernet0/0
description TWCoutside
switchport access vlan 2
no shutdown
write mem
exit
interface Ethernet0/1
description Port1inside
switchport access vlan 1
no shutdown
write mem
exit
interface Vlan1
nameif inside
security-level 100
ip address 192.168.0.250 255.255.255.0
write mem
exit
interface Vlan2
nameif outside
security-level 0
ip address 24.39.245.36 255.255.255.240
write mem
exit
object-group icmp-type DefaultICMP
description Default ICMP Types permitted
icmp-object echo-reply
icmp-object unreachable
icmp-object time-exceeded
write mem
exit
ftp mode passive
write mem
clock timezone EST -5
clock summer-time EDT recurring
write mem
exit
dns server-group DefaultDNS
domain-name asa.adcmotors.com
write mem
exit
access-list acl_outside extended permit icmp any any object-group DefaultICMP
access-group acl_outside in interface outside
access-list acl_inside extended permit icmp any any object-group DefaultICMP
access-group acl_inside in interface inside
write mem
exit
write mem
That is the extent of the configurations I made via CLI. I don't know how to set the DNS lookup from a static port and I have no idea what else I'm supposed to do after the above configurations I have done. Is there a place to actually obtain ALL of the configurations needed to VPN in? Is there an easier way to make this thing work? I've seriously grown a patch of gray hair because of this device. Please help me if you can!!!!!!Hi our desperate friend .
First I would suggest to use the Cisco VPN client instead of SSL VPN (AnyConnect). The configuration is a bit simpler and for the SSL VPN you would need to install the client on the ASA and purchase additional license if you plan to have more than 2 clients. The VPN Client usually comes with the ASA. If you dont have it or dont have access to download it from cisco.com go to the person from which you purchased your ASA and ask him how to get it.
That said, I also think that your ASA lacks of some basic configuration as of now. If you are planning to use this in replacement for your current PIX. You would need to configure a default route and some basic NAT:
route outside 0.0.0.0 0.0.0.0 24.39.245.33
global (outside) 1 interface
nat (inside) 1 192.168.0.0 255.255.255.0
Now regarding the VPN Client configuration you would need to something like this:
Create an isakmp policy:
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
Create a couple of ACLs that we will use later:
access-list nonat permit ip 192.168.0.0 255.255.255.0 192.168.100.0 255.255.255.0
access-list split_tun standard permit 192.168.0.0 255.255.255.0
Create a Pool for the VPN Clients to use:
ip local pool TestPool 192.168.100.1-192.168.100.20 mask 255.255.255.0
Create a Group Policy:
group-policy TEST internal
group-policy TEST attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value split_tun
Create a group:
tunnel-group TEST type ipsec-ra
tunnel-group TEST general-attributes
address-pool TestPool
authentication-server-group ABTVPN
default-group-policy TEST
tunnel-group TEST ipsec-attributes
pre-shared-key cisco123
Create crypto map and do a NAT 0:
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map Outside_dyn_map 10 set transform-set ESP-3DES-SHA
crypto map Outside_map 10 ipsec-isakmp dynamic Outside_dyn_map
crypto map Outside_map interface outside
nat (inside) 0 access-l nonat
Finally create a user that you will use to connect:
username test password test123
Then you would need to configure your VPN Client to connect with the ASA.
Here is a config Example of VPN clients to the ASA. It uses an external server for the authentication but just skip those parts. For the initial config you might want to keep the authentication local.
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806de37e.shtml
I hope this helps. Feel free to ask if you have any questions. Also it would very usefull if you could upload the current config (show run) of the ASA in case you need to ask something else.
Have fun.
Raga -
Azure multiple site-to-site VPNs (dynamic gateway) with Cisco ASA devices
Hello
I've been experimenting with moving certain on-premise servers to Azure however they would need a site-to-site VPN link to our many branch sites e.g. monitoring of nodes.
The documentation says I need to configure a dynamic gateway to have multiple site-to-site VPNs. This is not a problem for our typical Cisco ISR's. However three of our key sites use Cisco ASA devices which are listed as 'Not Compatible' with dynamic routing.
So I am stuck...
What options are available to me? Is there any sort of tweak-configuration to make a Cisco ASA work with Azure and dynamic routing?
I was hoping Azure's VPN solution would be very flexible.
ThanksHello RTF_Admin,
1. Which is the Series of CISCO ASA device you are using?
Thank you for your interest in Windows Azure. The Dynamic routing is not supported for the Cisco ASA family of devices.
Unfortunately, a dynamic routing VPN gateway is required for Multi-Site VPN, VNet to VNet, and Point-to-Site.
However, you should be able to setup a site-to-site VPN with Cisco ASA 5505 series security appliance as demonstrated in this blog:
Step-By-Step: Create a Site-to-Site VPN between your network and Azure
http://blogs.technet.com/b/canitpro/archive/2013/10/09/step-by-step-create-a-site-to-site-vpn-between-your-network-and-azure.aspx
You can refer to this article for Cisco ASA templates for Static routing:
http://msdn.microsoft.com/en-us/library/azure/dn133793.aspx
If your requirement is only for Multi-Site VPN then there is no option but to upgrade the device as Multisite VPN requires dyanmic routing and unfortunately there is no tweak or workaround due to hardware compatibility issue.
I hope that this information is helpful
Thanks,
Syed Irfan Hussain -
Cisco ASA 5505 - Can't Login from Public & Local IP Anymore!
Hello,
We've a Cisco ASA 5505 connected directly to Verizon FiOS Circuit (ONT) box using Ethernet cable. As per the existing documention that I have, the previous configured this as a dedicated router to establish a seperate VPN connection our software provider. They assigned both Public Static and Local Static IP address. When I try to ping the public IP address, it says request time out; so the public IP address is no longer working.
When I ping the local IP address of 192.168.100.11, it responds. The SolarWind tool also shows Always UP signal. How can I login into this router either from remotely or locally to check the configuration, backup and do the fimrware upgrade?
I also tried to connect my laptop directly to the ASA 5505 router LAN port. After 3 minutes, I'm able to connect to Internet without any issues. However I don't know the IP address to use to login.
Any advice would be greatly appreciated. Thank you.
UPDATE: I'm able to find the way! I need to use https to login! I'm able to download ASDM tool and login! Thanks to these resources:
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008067e9f9.shtml
http://cyruslab.wordpress.com/2010/09/09/how-to-download-asdm-from-asa5505-and-install-it/Hi Srinath,
If that ASA5505 has factory-default configuration on it , then it probably has 192.168.1.1 ip address on the LAN side and has got dhcp server turned on to provide you ip address dynamically the moment you hook up a machine to it directly or through a switch.
If you've access to ASDM.
You can go the Configuration Tab>>Device Management>>Device Access and turn on the SSH & Telnet from the LAN interface because by default only HTTPS/ASDM is enabled on LAN interface.
You will still need to generate crypto keys and create a username in order to get ssh working
For this you can click at the TOP at TOOLS>> Command Line Interface.
And in the box below type this
crypto key generate rsa modulus 1024
add a username
username <> password <> priv 15
and enable aaa authentication for ssh like this
aaa authentication ssh console LOCAL
Let me know if this helps.
Puneet -
ASA multiple mode upgrade from 8.2.5 to 8.4.5 to 9.0.3
I'm doing ASA code upgrade with contexts from 8.2.5 to 8.4.5 to 9.0.3 and I'm concerned about the NAT syntax with the new code. Should this automatically changed to the new syntax on all contexts or I have to do it manually. Anyone there with that experience, please advise. Thanks.
Please reply to [email protected]
Thanks.Hello,
I am actually working on a project right now really similar to yours.
When are you planning to perform the Upgrade???
As per Cisco documentation the Upgrade should be done from the system context!
Migration will happen automatically:
I created a post about it
http://www.laguiadelnetworking.com/asa-8-3-upgrade-new-features-known-issues-best-practicesetc/
Enjoy
Rate all of the helpful posts!!!
Regards,
Jcarvaja
Follow me on http://laguiadelnetworking.com -
Cisco Prime Infrastructure 2.0 and Cisco ASA
Hello,
We've recently installed trial version of Cisco Prime Infrastructure 2.0 Express. We hoped that it already supports Cisco ASA 55xx series (especially 5505, we have pretty amount of them). But we had some problems with PI and asa durind the exploitation process.
First, I've added ASA to PI, and Inventory Collection Status is Completed, but I can't see CPU and RAM utilization graphs. Inventory.logs are non-informative.
Also, config backup is success, but when I try to watch the backuped configuration at Configuration Archive PI says "Failed to fetch raw configuration". And so on.
ASA version is 5505, image is 9.1(2).
So, I have a question: is it possible to manage ASAs with PI 2.0?
UPD: I've just tried to upgrade asa to 9.1(4), and behavior of the equipment is quite the same. Seems we shall wait for 9.2 to be released.Have you downloaded and applied the latest Device Pack updates?
PI enhanced ASA support after the initial 2.0 release and the Device Packs incorporate that change.
The README file for Device Packs explains how to install them. (A bug currently does not allow the direct download in PI so you need to follow the method for installation from local storage after you manually download. Here is a link to the download location. -
Cisco ASA 5510 Content Security bundle
Hello,
please help me to understand if i buy the Cisco ASA 5510 Content Security bundle for my network found there is 1 yr subscription for the content
security features. what are services included in it. Does URL blocking and filtering includ in this subscription or its a seperate features.
Thanks,
Saroj PradhanHere is the license for CSC module and it lists what is included in Basic and Plus CSC license:
http://www.cisco.com/en/US/docs/security/csc/csc66/administration/guide/csc1.html#wp1045405
One year subscription is providing you the ability to upgrade the virus scan engine, spyware pattern file, anti spam, etc -
Interactive Commands in NetConfig for Cisco ASA
Hi,
Maybe anyone knows, does CiscoWorks LMS supports this feature for Cisco ASA or I'm doing something wrong? I've sent interactive command "copy tftp: flash: <R>ip_address<R>asa841-k8.bin<R><R>" to my ASA using netconfig tool and recived error "Command(s) failed on the device Insufficient no. of interactive responses(or timeout) for command: copy tftp: flash: ." For Cisco Catalyst it works fine. I have a last version of CiscoWorks 4.0.1.No, SWIM doesn't support ASDM upgrades, but what you're doing here is a system software upgrade. What you might try doing is to increase the telnet timeout for this device. Unfortunately, that feature is hidden in LMS 4.0, but see this document on how to do that:
https://supportforums.cisco.com/docs/DOC-15162
The document talks about inventory collection, but the interface to adjust the telnet timeout is in the same location as the SNMP timeout. You'll want to time the transfer to know how long to make the timeout. -
Content Security Licensing on Cisco ASA
Hi Guys,
Need help on licensing of content security on Cisco ASAs. Hope someone would be able to help.
Our customer has a ASA5520-CSC20-K9 (default 500 users) appliance. When the appliance was first bought, they upgraded it to 750 user license and PLUS feature license. They want to renew these licenses. Kindly advise the following:
1. In order to do so, is it right that the customer has to purchase both the following (to cater to the 750 users and PLUS features)?
• L-ASACSC20-500UP1Y ASA 5500 CSC-SSM-20 500-User w/ Plus Lic. Renewal (1-year)
• L-ASACSC20-250UP1Y ASA 5500 CSC-SSM-20 250-User w/ Plus Lic. Renewal (1-year)
2. Do the renewal licenses above include BASE features (Anti-Virus, Anti-Spyware, File-Blocking)?
Thanks!
CitraThat unfortunate. It seems like with the VPN licensing they realized if you were in an active/standby configuration then you should only have to pay for one license, thus the license change in 8.3+ only requires you to purchase one license. I thought this would have carried over into IPS.
Beings we haven't failed over to the standby unit in 2 years, would it be possible to install the IPS module in both the active and standby appliances, but just license the one in the active mode? I don't care if we are running without IPS on the standby if we did have to failover for some amount of time. Or does having it licensed on one and not the other mess with being in active/standby failover mode? -
CISCO ASA Clientless VPN Host Scan
Hi All
We open up Internet Explorer 8 on local PC, then we are connecting using clientless vpn to a CISCO ASA 5520 8.0(4), we are getting an issue with the local internet explorer browser closing after 20 mins. The content accessed from the VPN is still available but all local Internet Explorer processes are terminated.
When i look at the hostscan.log i get TOKEN_SUCESS followed by TOKEN_LOGGEDON for the first 20 mins. After 20 minutes i get TOKEN_INVALID followed by the browser kill command which is closing internet explorer. This is effecting all users. If i close the SSL VPN completly the same issue occurs after exactly 20 mins. The session below was started at 14:23:34 and we recieve TOKEN_LOGGEDON at 14:45:50 but TOKEN_INVALID at 14:46:50.
Hope someone can help?
Ian
Host Scan.Log:
[Tue Oct 09 14:45:50.296 2012][libcsd][info][asa_parse_dap_response] parsing DAP response.
[Tue Oct 09 14:45:50.296 2012][libcsd][debug][asa_parse_dap_response] TOKEN_LOGGEDON
[Tue Oct 09 14:45:50.296 2012][libcsd][debug][asa_parse_dap_response] no scan interval, defaulting to 60 sec.
[Tue Oct 09 14:45:50.296 2012][libcsd][debug][cache_cleaner_check_browsers] cache cleaner enabled, verifying browser is still open.
[Tue Oct 09 14:45:50.343 2012][libcsd][debug][run_loop] sleeping for 60 seconds.
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][run_loop] awake.
[Tue Oct 09 14:46:50.349 2012][libcsd][all][scan] performing scan.
[Tue Oct 09 14:46:50.349 2012][libcsd][info][process_system_scans] scanning system...
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][update_file] updating file (C:\Users\REMOVED\AppData\Local\Cisco\Cisco HostScan\lib\libdesktop.dll)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][verify_file] verifying file: C:\Users\ REMOVED \AppData\Local\Cisco\Cisco HostScan\lib\libdesktop.dll
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][verify_file] file has been verified: (C:\Users\ REMOVED \AppData\Local\Cisco\Cisco HostScan\lib\libdesktop.dll)
[Tue Oct 09 14:46:50.349 2012][libcsd][info][hs_dl_load] path not absolute, file signature not checked (kernel32.dll)
[Tue Oct 09 14:46:50.349 2012][libcsd][info][hs_dl_load] attempting to load library (kernel32.dll)
[Tue Oct 09 14:46:50.349 2012][libcsd][info][hs_dl_load] library (kernel32.dll) loaded
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_os] os (Windows 7) version (Service Pack 1) arch (x64) proclevel (unknown)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_location] location (REMOVED)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_csdtype] csd protection (cache cleaner)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_csdtype] csd version (3.5.841)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_hostname] hostname (REMOVED)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (135)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (445)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (3389)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (5500)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (6051)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (6129)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (47002)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (47006)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (47007)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (49152)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (49153)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (49154)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (49175)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (49179)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (49184)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (9089)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (139)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (123)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (500)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (4500)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (5355)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (6004)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (64000)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (64246)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (1900)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (50907)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (53973)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (56922)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (57555)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (57906)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (59441)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (60837)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (60919)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (63966)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (64019)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (64955)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (65202)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (137)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (138)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (1900)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_openports] found open port (60918)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_macaddrs] found MAC addr (6431.5034.738f)
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][scan_system_applications] No removable applications installed.
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][cert_init] initializing certificate subsystem ...
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][cert_init] mozilla cert store enabled
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][cert_init] capi cert store enabled
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][moz_init] initializing mozilla certificate module...
[Tue Oct 09 14:46:50.349 2012][libcsd][info][hs_dl_load] path not absolute, file signature not checked (kernel32.dll)
[Tue Oct 09 14:46:50.349 2012][libcsd][info][hs_dl_load] attempting to load library (kernel32.dll)
[Tue Oct 09 14:46:50.349 2012][libcsd][info][hs_dl_load] library (kernel32.dll) loaded
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][reg_open_key] checking 32-bit registry hive: SOFTWARE\Mozilla\Mozilla Firefox.
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][moz_init] unable to load mozilla libs.
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][moz_init] initializing mozilla certificate module... failed
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][moz_free_api] not initialized
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][moz_free_api] not initialized
[Tue Oct 09 14:46:50.349 2012][libcsd][warn][cert_init] failed to initialize mozilla certificates
[Tue Oct 09 14:46:50.349 2012][libcsd][info][hs_dl_load] path not absolute, file signature not checked (Crypt32.dll)
[Tue Oct 09 14:46:50.349 2012][libcsd][info][hs_dl_load] attempting to load library (Crypt32.dll)
[Tue Oct 09 14:46:50.349 2012][libcsd][info][hs_dl_load] library (Crypt32.dll) loaded
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][cert_init] initializing certificate subsystem ... done
[Tue Oct 09 14:46:50.349 2012][libcsd][warn][cert_get_user_certs_prop_list] mozilla certificates not initialized.
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][cert_free] de-initializing certificate subsystem ...
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][cert_free] de-initialization of capi certificated completed.
[Tue Oct 09 14:46:50.349 2012][libcsd][debug][cert_free] de-initializing certificate subsystem ... done
[Tue Oct 09 14:46:50.349 2012][libcsd][info][hs_file_verify_trust] verifying file trust (C:\Users\ REMOVED \AppData\Local\Cisco\Cisco HostScan\lib\libdesktop.dll)
[Tue Oct 09 14:46:50.349 2012][libcsd][info][hs_dl_load] path not absolute, file signature not checked (Wintrust.dll)
[Tue Oct 09 14:46:50.349 2012][libcsd][info][hs_dl_load] attempting to load library (Wintrust.dll)
[Tue Oct 09 14:46:50.349 2012][libcsd][info][hs_dl_load] library (Wintrust.dll) loaded
[Tue Oct 09 14:46:50.349 2012][libcsd][info][hs_dl_load] file signature verified(C:\Users\ REMOVED \AppData\Local\Cisco\Cisco HostScan\lib\libdesktop.dll)
[Tue Oct 09 14:46:50.349 2012][libcsd][info][hs_dl_load] attempting to load library (C:\Users\ REMOVED \AppData\Local\Cisco\Cisco HostScan\lib\libdesktop.dll)
[Tue Oct 09 14:46:50.349 2012][libcsd][info][hs_dl_load] library (C:\Users\ REMOVED \AppData\Local\Cisco\Cisco HostScan\lib\libdesktop.dll) loaded
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB958830)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2425227)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2479943)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2491683)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2503665)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2506014)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2506212)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2507618)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2509553)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2510531)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2511455)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2518869)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2532531)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2533552)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2534111)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2536275)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2536276)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2539635)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2544521)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2544893)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2552343)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2556532)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2560656)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2564958)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2567680)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2570947)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2572077)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2579686)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2584146)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2585542)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2588516)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2598845)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2618444)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2618451)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2619339)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2620704)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2620712)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2631813)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2633952)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2639417)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2641690)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2644615)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB2656356)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB958488)
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][scan_system_hotfixes] detected hotfix: (KB976902)
[Tue Oct 09 14:46:50.895 2012][libcsd][info][process_host_scans] scanning environment...
[Tue Oct 09 14:46:50.895 2012][libcsd][info][process_inspector_scans] scanning for security software...
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][process_inspector_scans] no inspector list items.
[Tue Oct 09 14:46:50.895 2012][libcsd][info][scan_perform_scan] scanning complete.
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][get_data] endpoint.os.version="Windows 7"
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][get_data] endpoint.os.servicepack="Service Pack 1"
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][get_data] endpoint.os.architecture="x64"
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][get_data] endpoint.os.processor_level="unknown"
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][get_data] endpoint.policy.location=" REMOVED "
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][get_data] endpoint.device.protection="cache cleaner"
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][get_data] endpoint.device.protection_version="3.5.841"
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][get_data] endpoint.device.hostname=" REMOVED "
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][get_data] endpoint.device.port["135"]="true"
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][get_data] endpoint.device.port["445"]="true"
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][get_data] endpoint.device.port["3389"]="true"
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][get_data] endpoint.device.port["5500"]="true"
[Tue Oct 09 14:46:50.895 2012][libcsd][debug][get_data] endpoint.device.port["6051"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["6129"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["47002"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["47006"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["47007"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["49152"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["49153"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["49154"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["49175"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["49179"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["49184"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["9089"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["139"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["123"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["500"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["4500"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["5355"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["6004"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["64000"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["64246"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["1900"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["50907"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["53973"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["56922"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["57555"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["57906"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["59441"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["60837"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["60919"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["63966"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["64019"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["64955"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["65202"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["137"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["138"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["1900"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.port["60918"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.device.MAC["6431.5034.738f"]="true"
CERTIFICATE INFO REMOVED
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB958830"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2425227"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2479943"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2491683"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2503665"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2506014"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2506212"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2507618"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2509553"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2510531"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2511455"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2518869"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2532531"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2533552"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2534111"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2536275"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2536276"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2539635"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2544521"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2544893"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2552343"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2556532"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2560656"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2564958"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2567680"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2570947"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2572077"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2579686"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2584146"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2585542"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2588516"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2598845"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2618444"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2618451"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2619339"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2620704"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2620712"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2631813"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2633952"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2639417"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2641690"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2644615"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB2656356"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB958488"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][get_data] endpoint.os.hotfix["KB976902"]="true"
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][hs_transport_setpeer] setting peer
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][hs_transport_setpeer] setting l2 peer: (REMOVED)
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][hs_transport_setpeer] setting peer done. peer = REMOVED, referrer = REMOVED
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][asa_post_dap] sending results to: (REMOVED /+CSCOE+/sdesktop/scan.xml?reusebrowser=1)
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][hs_transport_setcookie] setting cookie
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][hs_transport_setcookie] setting cookie: (sdesktop=70E341AC00B5735F069D5FFE)
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][hs_transport_addheader] adding http header
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][hs_transport_addheader] adding http header: (Cookie: sdesktop=70E341AC00B5735F069D5FFE)
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][hs_transport_addheader] adding http header done
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][hs_transport_setcookie] setting cookie done
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][hs_transport_setredircount] setting redirects
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][hs_transport_setredircount] setting redirects: (10)
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][hs_transport_setredircount] setting redirects done
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][asa_post_dap] sending results to: (REMOVED /+CSCOE+/sdesktop/scan.xml?reusebrowser=1)
[Tue Oct 09 14:46:50.911 2012][libcsd][debug][hs_transport_post] posting data
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][process_response_headers] processing http response headers
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][process_response_headers] getting http headers from l2
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][process_response_headers] getting http headers headers from l2 done
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][parse_response_headers] parsing http headers
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][dump_http_headers] --- Http Response Headers ---
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][dump_http_headers] HTTP-Version: 1.1
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][dump_http_headers] Status-Code: 200
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][dump_http_headers] Cache-Control: no-cache
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][dump_http_headers] Connection: Keep-Alive
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][dump_http_headers] Date: Tue, 09 Oct 2012 13:46:50 GMT
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][dump_http_headers] Pragma: no-cache
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][dump_http_headers] Transfer-Encoding: chunked
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][dump_http_headers] Content-Type: text/xml
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][dump_http_headers] Server: Cisco AWARE 2.0
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][dump_http_headers] --------------------
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][parse_response_headers] parsing http headers done
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][process_response_headers] processing http response headers done
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][hs_transport_post] posting data done
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][asa_post_dap] results sent to (REMOVED).
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][hs_transport_get_data] getting data
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][hs_transport_get_data] --- http data ---
todo
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][hs_transport_get_data] getting data done
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][hs_transport_get_data] getting data
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][hs_transport_get_data] --- http data ---
todo
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][hs_transport_get_data] getting data done
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][asa_post_dap] headend response: (<?xml version="1.0" encoding="ISO-8859-1"?>
<hostscan><status>TOKEN_INVALID</status></hostscan>
[Tue Oct 09 14:46:50.926 2012][libcsd][info][asa_parse_dap_response] parsing DAP response.
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][asa_parse_dap_response] TOKEN_INVALID
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][asa_parse_dap_response] no scan interval, defaulting to 60 sec.
[Tue Oct 09 14:46:50.926 2012][libcsd][debug][browser_restore] restoring browser settings.
[Tue Oct 09 14:46:50.957 2012][libcsd][info][browser_kill] killing browser: iexplore.exe with pid (2400)
[Tue Oct 09 14:46:50.957 2012][libcsd][info][browser_kill] killing browser: iexplore.exe with pid (6944)
[Tue Oct 09 14:46:50.957 2012][libcsd][info][browser_kill] killing browser: iexplore.exe with pid (2396)
[Tue Oct 09 14:46:50.957 2012][libcsd][info][browser_kill] killing browser: iexplore.exe with pid (1436)
[Tue Oct 09 14:46:50.957 2012][libcsd][info][browser_kill] killing browser: iexplore.exe with pid (532)
[Tue Oct 09 14:46:50.957 2012][libcsd][debug][restore_ie_history] restoring IE history.Windows 8 clientless SSL VPN is officially supported as of 9.0(2) and 9.1(2) codes:
Clientless SSL VPN: Windows 8 Support: http://www.cisco.com/en/US/docs/security/asa/asa91/release/notes/asarn91.html
Maybe upgrading your code will fix it...
Patrick -
Hi,
I am little confused with different models of Cisco ASA Firewalls. I am trying to understand the real benefit of ASA Next-GEN ASA Firewalls. I understand the next-gen has visibility up to layer 7 but:
- with CX the previous gen of ASA Firewall had same or similar capability?
- Is CX removed from Next-Gen FW?
- Is AVC something apart from CX and new featue in the Next-Gen FW?
- What is the real advantage of upgrading to next-gen FW from older gen ASA Firewalls?
ThanksNext Generation Firewall (NGFW) is partly a marketing term. Wikipedia has a definition (as does Gartner and a host of others). Typically it's understood to mean something more than a simple stateful firewall that only looks at packets up to the TCP session level.
Cisco ASA has had add-on features for years like IPS modules and the ability to use Identities in access-lists that could arguably called NGFW. More recently they had the CX module (now Approaching End of Sales). It had several NGFW features including AVC, Web Security Essentials (WSE) and IPS.
The current product lineup include the FirePOWER modules with technology acquired from Sourcefire being developed and integrated into the Cisco security portfolio, including ASAs. Those also have AVC (basically the ability to look deep into a flow and determine application-specific (or even "microapplication") information. You leverage that with the addition of IPS, Web filtering and/or Advanced Malware Protection (AMP) licenses on the FirePOWER modules.
The advantage is that you are able to protect your enterprise from modern-day threats. With the vast majority of malware being exploits from web pages (or at least carried over http/https), the traditional firewall with a rule allowing, say, only http from inside clients does nothing to protect against those threats. Client side anti-malware software can help, but it may be too late once the malware has been identified. -
Hello,
I just upgraded one of my Cisco ASA IPS SSM-10 from version 7.0 (6) E4 to version 7.0 (7) E4 and the Radius authentication stopped working. I use Microsoft 2008 Radius and I still have 10 more of these working with version 7.0 (6) E4.
I used to have the same Radius authentication issue with version 6 until we upgraded to ver 7.0 (6) E4 and this latest version screwed up again.
Does anyone know if there is a Radius authentication bug in this latest version 7.0 (7) E4?
Thank you
SiThere is a known issue CSCty46104. However a show-tech log can give more details as to why there was a failure in your case.
Regards
Sawan Gupta -
What's the difference between 8.0 and 9.3 Cisco ASA software?
Is anyone show me the link with features of 8.0 and 9.3 Cisco ASA software? And what's the catch?
9.2(2.8) is what is known as an interim release of the software. Per Cisco interim release notes:
"They contain bug fixes which address specific issues found since the last Feature or Maintenance release. The images are fully supported by Cisco TAC and will remain on the download site only until the next Maintenance release is available. If you do not have a specific problem which is resolved by an Interim release, we recommend that you use the Feature or Maintenance release images.
Important: These images were not fully regression tested. Each individual fix was unit tested, and the image has had a limited amount of automated regression testing to confirm a baseline of functionality. Keep this testing status in mind if you decide to run them in a production environment. We strongly encourage you to upgrade to a fully tested Maintenance or Feature release when it becomes available."
Interim release notes are not generally published on the general product support page but if you go to the downloads page, there is usually a link to the release notes specific to the interim release.
Here is a link to the ASA 9.2(2.9) interim release notes. They describe the individual bug fixes rolled up in that release. -
Hello,
We are looking at upgrading an aging firewall with a Cisco ASA. I have used the ASA before.
We would like to use the ASA in a colocation facility that will have a few site to site vpns. The ASA MUST be able to have redundant interfaces to our switches. Reading through ASA documentation this is possible. (http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/intrface.html#wp1045838) Can the ASA have redundant links to the same vlans? Will any of our configuration for VPN's, etc have to be setup twice?
ThanksThere are four types of redundancy that one can use on ASAs. The first one you cited, redundant interfaces on a single physical device is the least common in my experience.
The second is failover - when the ASA is mated is a failover ASA in a high availability configuration. This is the most common usage for customers requiring high availability (HA). That is the most common implementation and has been around since ASA 7.0 software (i.e. a good many years).
The third is to bond your interfaces from a given ASA (or sets of interfaces if you have an HA pair) into an Etherchannel. This has the added advantage of giving you potentially higher trhoughput. Etherchannel support was introduced in ASA software version 8.4(1).
The fourth and newest method is clustering. It was introduced just last fall in ASA 9.0 and is not very widely adopted just yet. It is primarily for high throughput requirements exceeding a single device's capacity but also gives the added benefit of redundancy.
None of them require you setup things twice configuration-wise. Some file operations (software upgrade, certificate management, VPN profiles (XML files)) need to be copied onto both members in a failover pair or all members in a cluster scenario.
Edit - there is a fifth type specific to VPNs whereby one can configure a secondary VPN gateway for clients, usually at a alternate site. That approach does require settting up everything separately on the ASAs.
Maybe you are looking for
-
How do I copy my old xl files from my XP machine to operate on xl for Mac on my new iMac. When I copy them onto a stick and transfer them it automatically makes them xls files which are then corrupted when I try to open them in xl for mac
-
Generate a PS in Indesign CS5 - PPD problem
I am a little publisher and I migrated to Indesign from Xpress several years ago. I've recently installed the CS5 Premium suite and I'm very upset about the new version of Indesign. I discovered (with my surprise) that in the print window it's imposs
-
Standalone player fullscreen not working on MS Vista
Hi! I made fullscreen standalone publish with AS2, Flash Player 9. Everything works fine on MS XP. But on MS Vista when you go fullscreen, everything you can see is color of background (all other content disappears). I tried AS 2 and AS 3, dowloaded
-
HELP Trying to save to web or jpeg
When I try to save an image as a jpeg or anything other than psd it deletes my adjustment layers, and goes back to original layer. Any help would be appreciated. Thank you in advanced.
-
I first noticed dead links when trying to read "the Week in iOS Apps," on Macworld. I could go to the second view, but never past the second view. I solved the problem by switching to Firefox. the same thing happened on the Verizon wireless site when