IDS,ASA,PIX firewall monitoring and optimizing

Dear All,
Please let me know the products from Cisco to monitor and optimize the IDS, ASA, PIX firewall in the data centre and corporate networking environment.
I believe that VMS 2.3 can be used.I like to know about the CS-MARS product from Cisco and its usage.
Thanking you
Swamy

Hi,
CS-MARS is a security product that mainly used to analyse, correlates and produce/recommed mitigation action based on the log analysis.
You need to send your syslog, snmp or NetFlow to CS-MARS from all/selected network devices in the network to enable it to have visibility of the network activities. It has built-in signatures or rules that trigger incidents, and allows you can create your own rule to monitor certain segment or devices. Notification is available in the form of email, sms, pager, snmp and syslog.
CS-MARS does not replace the function of IDS/IPS or antivirus, but as a critical security complimentary product to allow you to stop any detected malicious incidents/activities from a nearest point, e.g shutting down switch port where a PC is detected trying to launch network attack, virus or trojans. The concept more or less similar to 'Forward Defense' used by certain country today.
http://www.cisco.com/en/US/partner/products/ps6241/products_data_sheet0900aecd80272e64.html
CS-MARS is measured by its capabilities to handle received Event and Netflow logs per second. This include the HDD capacity. You can have single unit (Local Controller) or multiple unit that centrally managed by Global Controller.
CS-MARS support wide range of networking and security products.
http://www.cisco.com/en/US/partner/products/ps6241/products_device_support_tables_list.html
Rgds,
AK

Similar Messages

  • What happened to PDF document 22040 – "PIX/ASA: Monitor and Troubleshoot Performance Issues"?

    Hi, does anyone knows what was happened to the following PDF notes in Cisco? The PDF file is only contains 1 page compared to the original notes in html format which is about a few pages.
    If there is alternative link for this document, please let me know. Thanks.
    Document ID: 22040
    PIX/ASA: Monitor and Troubleshoot Performance Issues
    http://www.cisco.com/image/gif/paws/22040/pixperformance.pdf <PDF Notes, but 1 page only?>
    http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008009491c.shtml  < HTML Notes>

    Hi experts / marcin
    can anyone of you let me know about my question related to vpn ?
    Jayesh

  • NAT / PAT config conversion from PIX v6 to ASA Software 8.3 and above

    Hi folks,
    I'm currently working on converting some PIX firewall configs to ASA and wanted to check I was on the right track, as I don't currently have the ASA's so doing the configs up front!
    Everything seems straight forward in the conversion and I've used the pixtoasa tool for some of it, but NAT is implemented differently  on 8.3, the PIX was running v6 and I'm used to doing mainly static one to one NAT in ASDM.
    The  scenario that the PIX has 3 NAT groups which are mapped to 3 separate  addresses, where multiple hosts are behint the NAT / PAT.  Current  config of the PIX is as follows (obviously the names are defined further up the config so this is an extract of the PIX):
    global (outside) 1 10.50.50.38
    global (outside) 2 10.50.50.39
    global (outside) 3 10.50.50.49
    nat (inside) 0 access-list no-nat-all
    nat (inside) 2 Host_1 255.255.255.255 0 0
    nat (inside) 2 Host_2 255.255.255.255 0 0
    nat (inside) 2 Host_3 255.255.255.255 0 0
    nat (inside) 1 Host_4 255.255.255.255 0 0
    nat (inside) 1 Host_5 255.255.255.255 0 0
    nat (inside) 1 Host_6 255.255.255.255 0 0
    nat (inside) 1 Host_7 255.255.255.255 0 0
    nat (inside) 3 Network_3 255.255.255.0 0 0
    ASA Config
    After a fair amount of reading up on this topic, I'm looking at changing the ASA config in software version 8.3  to the following - Also is it easier to just do this in  ASDM?  Looks pretty easy from youtube videos but rather have something  to put on the box when I arrive at site NAT wise as opposed to working  it out there!
    Define NAT Objects (outside IP addreses)
    object network NAT_1_outside_10.50.50.38
    host 10.50.50.38
    object network NAT_2_outside_10.50.50.39
    host 10.50.50.39
    object network NAT_3_outside_10.50.50.49
    host 10.50.50.49
    exit
    Define NAT Objects (inside IP addreses)
    object-group network NAT_1_Objects
    network-object Host_4 255.255.255.255
    network-object Host_5 255.255.255.255
    network-object Host_6 255.255.255.255
    network-object Host_7 255.255.255.255
    nat (inside,outside) dynamic NAT_1_outside_10.50.50.38
    object-group network NAT_2_Objects
    network-object Host_1 255.255.255.255
    network-object Host_2 255.255.255.255
    network-object Host_3 255.255.255.255
    nat (inside,outside) dynamic NAT_2_outside_10.50.50.39
    object-group network NAT_3_Objects
    network-object Network_1 255.255.255.0
    nat (inside,outside) dynamic NAT_3_outside_10.50.50.49
    Any assistance with this would be appreciated.
    cheers
    Malcolm

    I cannot make heads or tails of what your trying to accomplish in plain english first before looking at router setup.
    If your talking about hosting servers behind the router on your private LAN (asssuming one public WANIP).  Then one uses ACLs to control external users by individual OR GROUP and static NAT to port forward users to the correct server.  One does not worry about groups of users for this direction of nat rule.
    If what your saying is that you have a LAN and 3 different groups of users on the LAN that need to go to specific external IP addresses (external servers) then once again I would say you should ACLs to limit-authorize users and simply use NAT for port translation purposes.    So conceptually speaking allow all lan users  static nat, and then only allow group 1 hosts access to first external IP,  group 2 hosts to second external IP, and group 3 hosts to third external IP.  Note you will have to add a deny rule in firewall in general because normally higher to lower security interface is allowed by default.
    Am I close......... before going any further need more details on the requirements nevermind setup.

  • BorderManager and Pix Firewall

    Hello,
    Just implemented NSBS6.5 for a small bank with Pix firewall's inner IP
    address as my next router on hop.Was able to send mails out but could not
    receive inbound mails.Also the Bank's web site could no longer be
    assesible from within the bank but could be connected to from any where
    outside the bank's network.Could ping from the BorderManager proxy with
    public IP of 172.16.1.2 to the Pix private with IP of 172.16.1.1
    Moreover,a MaCafe Antivirus appliance was brought in and connected btw
    the BorderManager Proxy server and the Pix firewall with a bridged
    connection and an assigned IP address of 172.16.1.3 and 172.16.1.4 At
    this
    instance,could no longer ping the Pix 172.16.1.1, but could ping both
    interface of the MaCafe appliance.Could not also send nor receive mails
    via the mail proxy.
    I intend bringing the MaCafe appliance before the BorderManager Proxy
    and
    assign a LAN address to it since it has a bridged config,so as to isolate
    the problem of this appliance.
    I need to get the mail server running perfectly and the website
    assesible.Pls kindly help my case.
    Regards,
    Sesan.

    you need to go ask this in the support.bordermanager.install-setup
    group as this group is for the client firewall product only.
    Cheers!
    Richard Beels
    http://www.dsi-consulting.com
    Collaboration without complication

  • Batch Monitor and the Mac OS X Firewall

    This is more or less what people have been saying for a few years now, "When I use Compressor the Mac OS X firewall repeatedly asks permission to allow incoming connections for the Batch Monitor! Why?!?!"
    No matter how many times you click to approve or deny, the firewall alert reappears every five to twenty seconds. There seem to be many, many people with this problem. So far, the only solutions are to:
    1) Shut off the Mac OS firewall
    2) Switch the Mac OS firewall to "Allow only essential services" every time I want to use Compressor (a cumbersome solution at best)
    2) Keep clicking the buttons
    3) Don't use Compressor
    While some might argue that Compressor is a poor substitute for a real video conversion utility, for the vast majority of users, it's the only game in town.
    So, dear Apple, I humbly beg you on behalf of the literally thousands of users who deal with this problem, please either create a solution or suggest one.
    I'm still on Final Cut 6 and Compressor 3. So, if anyone knows that the latest release solves this issue, I'd love to hear it.

    I'm dealing with this same problem and have actually noted that you are confirmed about the YEARS because I found this problem posted December 6, 2007
    http://discussions.apple.com/message.jspa?messageID=6563672
    It's unfortunate that a 'Bad Taste' was left after that reply from the guy who called you a 'nitwit' - I didn't even pay attention to his name - at least you have one demiankz - and took the time to start this post. I humbly thank you.
    At any rate, I was determined to find out - because I have always been struggling to 'Allow' it and last night I decided to 'block' it.
    Does anyone know what is the right setting?
    Also - one work around that has been working for me is this:
    1) when the popup comes up (leave it up) - Open the firewall, unlock the settings padlock at the bottom left (if it is locked) -
    2) find batch monitor and whatever the setting is - force a toggle i.e. if it is "allow" select "block" and visa versa - back to whatever you desire it to be. Just to force it to recognize you are changing it.
    3) NOW answer the popup to match whatever you toggled to in the firewall.
    4) lock the padlock again.
    I've compressed a lot of jobs and I notice once I perform this it goes away for my entire job, provided I leave it alone until it finishes.
    If you do something like browse the internet or work on other things, the message tends to pop up again.
    Of course, after your job finishes, you will have to do this again - and that's why I wish people would keep responding to this post until we get an answer.
    Persistence causes results. Negativity just causes - well, just ignore that.
    At least attempt to be helpful, which I felt I have tried. It may work, it may not, or it may cause someone to recognize what the real problem is.
    Good luck and hope we get an answer soon!
    Message was edited by: Jonefer
    Message was edited by: Jonefer

  • Monitoring and Pinging ASA over VPN

    I hope you guys will be able to help me on this. I have two ASA running 7.2(3) and 7.2(4) respectively, which is connected via site to site VPN. I have no problem getting the VPN to work. However I have been trying to setup monitoring of the VPN's utilization of the for siteB ASA from siteA without any success. Also can anyone share how to get ping and traceroute working from siteA to siteB, meaning traffic travel via the tunnel and get a ping and traceroute response from the inside and outside interface.
    I have tried adding
    icmp permit any any echo-reply inside
    icmp permit any any echo-reply outside
    and also permit icmp from outside to inside but not working
    All help is appreciated.

    Hi,
    Check  out VPNTTG (VPN Tunnel Traffic Grapher) is a software for SNMP  monitoring and measuring the traffic load for IPsec  (Site-to-Site,  Remote Access) and SSL (With Client, Clientless) VPN  tunnels on a Cisco  ASA. It allows the user to see traffic load on a VPN  tunnel over time  in graphical form.
    Advantage of VPNTTG over other SNMP based monitoring software's is   following: Other (commonly used) software's are working with static OID   numbers, i.e. whenever tunnel disconnects and reconnects, it gets   assigned a new OID number. This means that the historical data,  gathered  on the connection, is lost each time. However, VPNTTG works  with VPN  peer's IP address and it stores for each VPN tunnel  historical  monitoring data into the Database.
    For more information about VPNTTG please visit www.vpnttg.com

  • Connectivity Issue between ASA 5520 firewall and Cisco Call Manager

    Recently i have installed ASA 5520 firewall, Below is the detail for my network
    ASA 5520 inside ip: 10.12.10.2/24
    Cisco Switch 3560 IP: 10.12.10.1/24 for Data and 10.12.110.2/24 for Voice
    Cisco Call Manager 3825 IP: 10.12.110.2/24
    The users and the IP phone are getting IP from the DHCP server which configured on cisco 3560 Switch.
    the Default Gateway for Data user is 10.12.10.2/24 and
    for the voice users is 10.12.110.2/24
    now the problem is that the users is not able to ping 10.12.110.2 call manager. please if somebody can help in this regard. i will appreciate the prompt response against this issues.

    Actually i don't wana to insert new subnet and complicate the nework. i need a simple way to solve the problem. below is the details for the asa 5520 config.
    ASA Version 8.2(1)
    name x.x.x.x Mobily
    interface GigabitEthernet0/0
     nameif inside
     security-level 99
     ip address 10.12.10.2 255.255.255.0
    interface GigabitEthernet0/1
     nameif outside
     security-level 0
     ip address x.x.x.x 255.255.255.252
    object-group service DM_INLINE_SERVICE_1
     service-object tcp-udp
     service-object ip
     service-object icmp
     service-object udp
     service-object tcp eq ftp
     service-object tcp eq www
     service-object tcp eq https
     service-object tcp eq ssh
     service-object tcp eq telnet
    access-list RA_VPN_splitTunnelAcl_1 standard permit Inside-Network 255.255.255.0
    access-list RA_VPN_splitTunnelAcl standard permit Inside-Network 255.255.255.0
    access-list inside_nat0_outbound extended permit ip Inside-Network 255.255.255.0 10.12.10.16 255.255.255.240
    access-list inside_nat0_outbound extended permit object-group DM_INLINE_SERVICE_1 10.12.10.16 255.255.255.240 Inside-Network 255.255.255.0
    access-list inside_nat0_outbound_1 extended permit ip Inside-Network 255.255.255.0 10.12.10.16 255.255.255.240
    pager lines 24
    logging enable
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    mtu mgmt 1500
    ip local pool VPN-Pool 172.16.1.1-172.16.1.30 mask 255.255.255.0
    ip local pool VPN-Users 10.12.10.21-10.12.10.30 mask 255.255.255.0
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-641.bin
    asdm history enable
    arp timeout 14400
    global (inside) 2 interface
    global (outside) 1 interface
    nat (inside) 0 access-list inside_nat0_outbound_1
    nat (inside) 1 Inside-Network 255.255.255.0
    route outside 0.0.0.0 0.0.0.0 Mobily 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    dynamic-access-policy-record DfltAccessPolicy
    http server enable
    http Mgmt-Network 255.255.255.0 mgmt
    http Inside-Network 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
    crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
    crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
    crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
    crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
    crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
    crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
    crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map outside_map interface outside
    crypto isakmp enable outside
    crypto isakmp policy 10
     authentication pre-share
     encryption 3des
     hash sha
     group 2
     lifetime 86400
    crypto isakmp policy 30
     authentication pre-share
     encryption 3des
     hash md5
     group 2
     lifetime 86400
    telnet Inside-Network 255.255.255.0 inside
    telnet timeout 5
    ssh Inside-Network 255.255.255.255 inside
    <--- More --->              ssh timeout 5
    console timeout 0
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    webvpn
    group-policy RA_VPN internal
    group-policy RA_VPN attributes
     dns-server value 86.51.34.17 8.8.8.8
     vpn-tunnel-protocol IPSec
     split-tunnel-policy tunnelspecified
     split-tunnel-network-list value RA_VPN_splitTunnelAcl
    username admin password LPtK/u1LnvHTA2vO encrypted privilege 15
    tunnel-group RA_VPN type remote-access
    tunnel-group RA_VPN general-attributes
     address-pool VPN-Users
     default-group-policy RA_VPN
    tunnel-group RA_VPN ipsec-attributes
     pre-shared-key *
    class-map inspection_default
     match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
     parameters
      message-length maximum 512
    policy-map global_policy
     class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect netbios
      inspect rsh
      inspect rtsp
      inspect skinny 
      inspect esmtp
      inspect sqlnet
      inspect sunrpc
      inspect tftp
      inspect sip 
      inspect xdmcp
    service-policy global_policy global
    prompt hostname context
    Cryptochecksum:e5a64fa92ae465cd7dabd01ce605307d
    : end

  • Dear All, I'm using Cisco ASA 5505 Firewall and I want the email alert from my Firewall if the CPU increase more than 70 %. Is it possible, Please help me. Thanks Vijay

    Dear All,
                         I'm using Cisco ASA 5505 Firewall and I want the email alert from my Firewall if the CPU increase more than 70 %. Is it possible, Please help me.
    Thanks
    Vijay

    Hi Vijay,
    If can be done but you need any network management software. I personally dont think you can ask your ask to send mails. ASA can trigger alert to a SNMP configured server which will intern send mail to you 
    HTH,

  • I am behind a Cisco PIX Firewall. What addresses and ports do I need to permit through to allow Firefox updates?

    I want to be able to upgrade my Firefox installations that are located behind a Cisco PIX Firewall. What are the TCP/IP addresses and ports required to be opened for updating to occur?

    This is less likely to be a firefox problem, as it appears something bad has happened to your network. Can you access the internet with other programs? Try email/ IRC/ Skype or even updating your computer.
    What operating system are you using?
    Ian.

  • Cisco ASA 5505 Firewall Not Allowing Incoming Traffic

    Hello,
    I am wondering if there is a very friendly cisco guru out there who can help me out.  I am trying to switch out a cisco pix 501 firewall with a cisco ASA 5505 firewall.  I am not very familiar with all of the commands for the firewalls and have always relied on a standard command line script that I use when building a new one.  Unfortunately, my script is not working with the 5505.  Can someone please let me know what I am doing wrong with the following script?  I've masked public IP info with xxx.xxx.xxx and I run it right after restoring the firewall to the factory defaults.  I am able to get out to the internet if I browse directly from one of the servers, but cannot access a web page when trying to browse to it from an outside network.
    access-list 100 permit icmp any any echo-reply
    access-list 100 permit icmp any any time-exceeded 
    access-list 100 permit icmp any any unreachable
    ip address outside xxx.xxx.xxx.94 255.255.255.224
    ip address inside 192.168.1.1 255.255.255.0
    global (outside) 1 xxx.xxx.xxx.106-xxx.xxx.xxx.116
    global (outside) 1 xxx.xxx.xxx.95
    nat (inside) 1 0.0.0.0 0.0.0.0 0 0
    route outside 0 0 xxx.xxx.xxx.93
    access-group 100 in interface outside
    nat (inside) 1 192.168.1.0 255.255.255.0
    nat (inside) 1 192.168.1.0 255.255.255.0 0 0
    outside 0.0.0.0 0.0.0.0 xxx.xxx.xxx.93 1 DHCP static
    static (inside,outside) xxx.xxx.xxx.95 192.168.1.95 netmask 255.255.255.255 0 0
    access-list 100 permit tcp any host xxx.xxx.xxx.95 eq www
    static (inside,outside) xxx.xxx.xxx.96 192.168.1.96 netmask 255.255.255.255 0 0
    access-list 100 permit tcp any host xxx.xxx.xxx.96 eq www

    Hey Craig,
    Based on your commands I think you were using 6.3 version on PIX and now you must be  moving to ASA ver 8.2.x.
    On 8.4 for interface defining use below mentioned example :
    int eth0/0
    ip add x.x.x.x y.y.y.y
    nameif outside
    no shut
    int eth0/1
    ip add x.x.x.x y.y.y.y
    nameif inside
    no shut
    nat (inside) 1 192.168.1.0 255.255.255.0
    global (outside) 1 xxx.xxx.xxx.106-xxx.xxx.xxx.116
    global (outside) 1 xxx.xxx.xxx.95
    access-list 100 permit icmp any any echo-reply
    access-list 100 permit icmp any any time-exceeded 
    access-list 100 permit icmp any any unreachable
    static (inside,outside) xxx.xxx.xxx.95 192.168.1.95 netmask 255.255.255.255 0 0
    access-list 100 permit tcp any host xxx.xxx.xxx.95 eq www
    static (inside,outside) xxx.xxx.xxx.96 192.168.1.96 netmask 255.255.255.255 0 0
    access-list 100 permit tcp any host xxx.xxx.xxx.96 eq www
    route outside 0 0 xxx.xxx.xxx.93
    access-group 100 in interface outside
    You can use two global statements as first statement would be used a dynamic NAT and second as PAT.
    If you're still not able to reach.Paste your entire config and version that you are using on ASA.

  • ASA 5505:Static Routing and Deny TCP connection because of bad flag

    Hi Everybody,
    I have a problem. I made a VPN site-2-site with 2 ASA 5505. The VPN works great. And I create a redondant link if the VPN failed.
    In fact, I use Dual ISP with route tracking. If the VPN fails, the default route change to an ISDN router, situated on the inside interface.
    When I simulated a VPN fail, the ASAs routes switch automatically on backup ISDN routers. If I ping elements, it works great. But when i try TCP connection like telnet, the ASAs deny connections:
    %PIX|ASA-6-106015: Deny TCP (no connection) from 172.16.10.57/35066 to 172.16.18.1/23 flags tcp_flags on interface interface_name.
    the security appliance discarded a TCP packet that has no associated connection in the security appliance connection table. The security appliance looks for a SYN flag in the packet, which indicates a request to establish a new connection. If the SYN flag is not set, and there is not an existing connection, the security appliance discards the packet.
    thanks!
    EDIT: On the schema, The interface of the main asa is 172.16.18.148...

    Check if the xlate timer is set greater than or equal to what the conn timer, so as not to have connections waiting on xlates that no longer exist. To minimize the number of attempts, enable "service resetinbound" . The PIX will reset the connection and make it go away. Without service resetinbound, the PIX Firewall drops packets that are denied and generates a syslog message stating that the SYN was a denied connection.

  • FWSM interface monitoring and best practices documentation.

    Hello everyone
     I have a couple of questions regarding vlan interface monitoring and best practices specifically for this service module.
     I couldn’t find a suggestion or guideline as for how to define a VLAN interface on a management station. The FWSM total throughput is 5.5gbs and the interfaces are mapped to vlans carried on trunks over 10gb etherchannels. Is there a common practice, or past experience, to set some physical parameters to logical interfaces? "show interface" command states BW as unknown.
     Additionally, do any of you have a document addressing best practices for FWSM? I have this for other platforms and general recommendations based on newer ASA versions but nothing related to FWSM.
    Thanks a lot!
    Regards
    Guido

    Hi,
    If you are looking for some more command to check for the throughput through the module:-
    show firewall module <number> traffic
    Also , I think as this is End of life , you might have to check for some old documentation from Cisco on the best practices.
    http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-series-switches/prod_white_paper0900aecd805457cc.html
    https://supportforums.cisco.com/discussion/11540181/ask-expertconfiguring-troubleshooting-best-practices-asa-fwsm-failover
    Thanks and Regards,
    Vibhor Amrodia

  • Tools for monitoring and Statistic.

    Hi there
    I am looking for a tool that help me to monitoring and take some statistic from ASA 5500 series, for example:
    monitor the number of connections in use
    monitor the number of tunnels in use
    monitor the number of sessions in use
    monitor throughput, packets and errors on all interfaces of the Cisco ASA
    monitor encrypted traffic throughput
    monitor your firewall’s uptime
    monitor statistics for TCP and UD
    Looking at on the internet I found this tool LogicMonitor somebody knows if this tool is good and reliable???
    Thanks everybody

    Hi,
    You didn't mention if you're looking for a free or licensed tool.
    We use ManageEngine/OpManager as our main monitoring and reporting (NetFlow) tool for our ASAs.
    Sent from Cisco Technical Support iPhone App

  • PIX firewall 525 on Voice Network for 5000 CC calls

    Dear all ,
    can some one suggest me will it be recommended to use PIX firewall 525 on Voice ( sip ) network for 5000 CC to 1000 CC calls in signaling mode since our server are using public IP so will i be able to use it without NAT / PAT also will there be any issue of QOS .
    Regards

    Sohail,
    If your idea is to add some security between your devices the PIX will work fine (I will prefer and ASA since it can run the latest software). The quality of your voice traffic shouldn't be impacted by the PIX.
    Luis Silva

  • PIX Firewall Setup

    Hi,
    I need urgent help about PIX firewall setup.......
    My one of the pix firewall flash was correpted it mean don't have flash file inside... I want to install flash file how to install...
    It's showing "monitor >"   mode.
    monitor > help
    by
    senthil

    And also i need to know how to reset password i forgot the password for the another firewall...
    I have to configure as per diagram(attached) already config is there but i need to know it's write or nor becasue this one last year one.
    Please check and let me know ASAP.
    Thanks....
    Regards,
    Senthil
    I have to configure as per diagram(attached) already config is there but i need to know it's write or nor becasue this one last year one.
    Please check and let me know ASAP.
    Thanks....
    Regards,
    Senthil

Maybe you are looking for