Security Appliance disk alignment

Similar Messages

• Cisco Email Security Appliance (ESA) - Reporting

  In previous versions on ESA you could export data and reports in CSV formats using an API. Is that still available?
  >From the following document :
  IRONPORT ASYNCOS 6.4 REPORTING API FOR IRONPORT APPLIANCES
  REPORTING API OVERVIEW
  The Reporting API feature allows you to download the same data collected by the Email Security Monitor component of the IronPort Email Security appliance or Security Management appliance in a comma separated value (CSV) format. This format allows users to integrate the IronPort appliance's data gathering capabilities into other IT and business reporting systems. 
  DOWNLOADING REPORTING DATA
  You can retrieve the data used to build the charts and graphs in the Email Security Monitor feature via HTTP. This is useful if you plan to perform further analysis on the data via other tools. The data is available in standard comma separated value (CSV) format. The easiest way to get the HTTP query you will need is to configure one of the Email Security Monitor pages to display the type of data you want. You can then simply click the Export... link to initiate the download process.

  It went away, there's a new one (RESTful) in 9.0/9.1
  http://www.cisco.com/c/dam/en/us/td/docs/security/esa/esa9-0/ESA_API_1-0_Getting_Started_Guide.pdf

• Erasing Securely in Disk Utility

  Erasing Securely in Disk Utility
  I wish I could send this directly to the Apple software engineer in charge of Disk Utility, but maybe there is someone on this Forum who is technically very savvy and would stake their reputation on their answer.
  I would bet thousands have had this same question cross their mind...
  I'm trying to understand the process regarding erasing a hard disk using Disk Utility.
  For this example, use a 300 GB hard drive that has the following:
  150 GB of readable files
  100 GB of files that were sent to the trash and emptied (but not "secure empty trash"… so just their directory info was erased when trashed)
  50 GB of never used free space
  I'm confused by the wording in the Disk Utility's erase options.
  One of the choices is Zero Out Free Space.
  Does that mean it only writes zeroes over the 50GB of never used space?
  Or does it write zeroes over the 50GB AND the 100GB spaces?
  Another confusing choice is Zero Out Data
  Does that mean it only writes zeroes over the 150GB of readable data?
  Or does it write zeroes over the 150GB AND the 100GB of unreadable data ?
  If the latter is true, then the sequence probably should be
  erase free space (unless it ONLY writes zeroes to never used space)
  then choose
  zero out data (assuming it also zeroes the unreadable data too)
  Thanks for any help

  Perhps I did not make myself clear (or you misread a verb or two).
  I did read your link,but it does not clarify the technical design of this software.
  The Erase button lets you "Zero Out All Data", but data to me is a file (whether or not it is readable in the directory of not).  Whereas Free Space can be either virgin territory or trashed files with the directory info stripped clean.  So why do you say that Zero Out All Data would include virgin disk space when there was never data there ?
  Also if Erase>Zero Out All Data "writes zeroes to every byte on the drive", and projects an erase time of 13 hours, then why does it estimate 2 days 9 hours when I choose Erase Free Space>Zero Out Deleted Files? (Which further confuses the reader with this Apple description: It writes zeroes over the UNUSED space in the disk.) (My capitalization for emphasis).  Yes, parts of it are CURRENTLY not being recognized, but it IS filled with data (as opposed to the virgin space being filled with no data).
  So you can see why I am confused.
  And though you may be right, I alwatys ask. "Would you bet your child's or your mother's life on your answer?"
  That's why I left it an Open question for the moment ... hoping to also snag an Apple Moderator.
  Thank you for your help though.

• Time Capsule: Files lost after Secure Shared Disk: with accounts

  I Changed the Disks: Secure Shared Disk option to 'with accounts' on my Time Capsule and now all files are invisible. It looks the files must be still on the disks because of the amount of free/used bytes used that is displayed.
  How can I restore the 'old' files?

  Restore the old files by removing the accounts.. ie press and hold reset.. once you go back to a reset all files are available again anyway so the security is illusionary.
  If you want to secure files encrypt them.
  BTW the old airport utility would have warned you that what you were doing will stop access to your files.
  Of course the latest toyland utility probably showed you nothing.
  Never start accounts with files on the TC.. you should offload them.. create accounts then load them back.. to the illusion of security at least.

• Ask the Expert: Introduction to Cisco Adaptive Security Appliance (ASA) version 9.x (Context Aware Security and VPN Features)

  With Namit Agarwal and Rahul Govindan 
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about Cisco Adaptive Security Appliance (ASA) version 9.x (Context Aware Security and VPN Features) with experts Namit Agarwal and Rahul Govindan.
  This is a continuation of the live webcast.
  Cisco ASA CX (Context-Aware) is a next generation firewall service that serves as an extension to the Cisco Adaptive Security Appliance (ASA) firewall platform. In addition to the proven stateful inspection firewall capabilities, it provides us with next-generation capabilities and a host of additional network-based security controls for end-to-end network intelligence and streamlined security operations.
  Namit Agarwal is a customer support engineer at the Cisco Technical Assistance Center in Bangalore, India. He has more than four years of experience in the security domain. His areas of expertise include ASA firewalls, IPS, and ASA content-aware security (ASA CX). He has been involved in various escalation requests from around the world. He holds CCIE certification (number 33795) in security.   
  Rahul Govindan has been an engineer with the Security Technical Assistance Center team in Bangalore for more than three years. He works on security technologies such as VPN; Cisco ASA firewalls; and authentication, authorization, and accounting. His particular expertise is in Secure Sockets Layer VPN and IP security VPN technologies. He holds CCIE certification (number 29948) in security.
  Remember to use the rating system to let Namit and Govindan know if you have received an adequate response. 
  Because of the volume expected during this event, Namit and Govindan might not be able to answer every question. Remember that you can continue the conversation in the Security community, subcommunity VPN shortly after the event. This event lasts through November 1, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.
  Webcast related links:
  Slides from the live webcast
  Video Recording of the live webcast
  Introduction to Cisco Adaptive Security Appliance (ASA) version 9.x (Context Aware Security and VPN Features): FAQ from live webcast

  Hello Namit and Rahul,
  Here are few questions that came in directly during your live webcast hence posting them here so that users can benifit:
  1)      How is ASA CX different from other UTM solutions ?
  2)      How is dynamic application inspection of CX better than other inspection engines  ?
  3)      What features or functionalities on the CX are available by default ?
  4)      what are the different ways we can run or install CX on the ASA platform ?
  5)      What VPN features are supported with multi context ASA in the 9.x release ?
  6)      What are the IPv6 Enhancements in the ASA version 9.x ?
  Request you to please provide your responses to them individually.
  Thanks.

• Changed to "Securing shared disk: with accounts" and lost previous data?

  I installed a TC in July and have been doing Time Machine backups to it ever since. Today, I decided to add File Sharing accounts using the Airport Utility. I created two accounts. The next time Time Machine ran, it failed on login. I reconfigured it to use one of the two new accounts, and (not surprisingly, in retrospect) it began a complete, new backup.
  The Finder tells me that 150GB of the TC disk is already in use. I hope that's the space used by my former backups... but how do I find them? Whenever I try and open the TC in the Finder, I'm prompted for one of the new account/passwords, neither of which allows me to view any of the former data.
  Is it possible to access data that was written to the TC disk prior to my switching to account-controlled file sharing?

  Actually, it turns out it was still there and accessible. I went back to Airport Utility and switched "Securing shared disk" back to using a disk password, as before, and there was the "full" disk . . . containing my original sparseimage file, as well as a new Users folder and a Shared folder. The latter contained the sparseimage file from the new backup.
  I hope that I can replace the new sparseimage file (in /Shared) with the original one (in /), and switch back to using accounts to control access to the TC disk.

• Clearing tcp sessions on the cisco acs secure appliance

  Hello,
  is there a possibility to view the number of tcp-session which are active on an acs secure appliance?
  Due to these hangups we have no connection to the appliance through web or console. So we are also interested in clearing the tcp-session instead of rebooting the appliance.
  Could somebody help us.
  thnx
  Torsten Waibel

  What is the acs software ver ?

• SecuRed Hard Disk Drive

  Hi
  SecuRed Hard Disk Drive:
  Does anyone know how I can get this device back to the factory settings as someone has created a vault container and I would like the entire hardisk to be encrypted? I have all the relevant passwords etc for the encryption. Operating system is XP SP3.
  Thanks in Advance
  CJV

  Hi mate,
  I had the same problem and after raising a request @ the toshiba hotline, I get the information to send the HDD to an service partner because they can set it back to factory defaults.
  After sending it to the ASP here in croatia, I received my HDD with factory settings again.
  Hope that helps.
  Greets
  Dennis

• About CPU utilization value of ironport C370 email-security-appliance

  Hello all,
  What is the normal / abnormal value for the following parameters of ironport C370 email-security-appliance ?
  total active recipients
  active messages in work queue
  CPU utilization

  Each appliance would be a little different based on the expected mail processing, throughput for your environment/domains... and then throw in which processes you have turned up (IPAS, AV, VOF, etc.)...
  Typical C370 (running 8.0.1) should be able to handle:
  1. ~18 +/- recipients/sec
  2. average workqueue ~ 462 
  3. average CPU utilization of ~ 91%
  The #s vary, again, based on what you have enabled and licensed.  You would be well suited to open a dialog with your Sales Ops/Account team, as they have means to determine the proper numbers and outcomes for your environment.
  I hope this helps!
  -Robert
  (*If you have received the answer to your original question, and found this helpful/correct - please mark the question as answered, and be sure to leave a rating to reflect!)

• SunBlade 100 to Cisco PIX Security Appliance

  I have a problem connecting a SunBlade 100 workstation with Cisco Routers, and the PIX Security Appliance at the Console ports of both a Cisco router and the Cisco PIX Security Appliance. This should be out of the serial port of the SunBlade 100 workstation..
  I have tried to use the UNIX command tip hardwire. No luck connecting to the console port. I also tried to use the UNIX cu command again no response from the console port. I tried connecting a modem temporarily to the SunBlade 100 workstation and was successful in echoing a phone number to a modem. However, I need to use a direct connection from the SunBlade 100 workstation.
  Currently, Windows 2000 workstations are used with
  Hyperterminal to connect to routers and the PIX Security Appliance. I have 24 SunBlade workstations in my classroom and need to use them to connect to the console port on Cisco routers, and the PIX Security Appliance. I would appreciate any help anyone might be able to give on this subject.

  Hello Namit and Rahul,
  Here are few questions that came in directly during your live webcast hence posting them here so that users can benifit:
  1)      How is ASA CX different from other UTM solutions ?
  2)      How is dynamic application inspection of CX better than other inspection engines  ?
  3)      What features or functionalities on the CX are available by default ?
  4)      what are the different ways we can run or install CX on the ASA platform ?
  5)      What VPN features are supported with multi context ASA in the 9.x release ?
  6)      What are the IPv6 Enhancements in the ASA version 9.x ?
  Request you to please provide your responses to them individually.
  Thanks.

• Usage meter appliance disk full

  Hi,
  our usage meter appliance disk is full and postgres is not starting. I've tried to increase the disk from 15Gb to 30Gb and reboot the vm, but the vm is not picking up the new disk size.
  do you have any idea of how to clean space, but most important how to increase the disk in the appliance.
  thanks in advance
  Best
  Juan Luis

  Hello.
  Try to add new hdd to appliance.

• Ironport web security appliance

  Hi,
  Just want to check if the IRONPORT
  S series web security appliances support
  failover/clustering of 2 boxes.
  thanks,

  Each Cisco IronPort web security appliance can be configured as a standalone proxy or to co-exist with other proxies (such as in a proxy hierarchy for conditional routing, failover and load balancing

• 10.5.2, Screensaver Security, and Disk Utility

  After installing the 10.5.2 software update, it is appropriate to use Disk Utility (DU) to repair permissions. I learned this from the fact that I had somehow lost the protection I had previously set up by requiring my password to wake up the computer from its screensaver mode. I checked my preferences and found them to continue to call for that form of security with the use of my screensaver. Because my preferred security settings were being ignored, I assumed I needed to repair permissions on my system files. When something isn't working as it should, then it's my understanding that in all likelihood permissions are out of kilter. The Software Update process somehow managed to alter some of my permissions, and again, as I understand it, this is a matter that should be suspected after any software installation.
  So I ran Disk Utility to repair permissions.
  With Leopard, Disk Utility's repair process runs differently from the way it did in Tiger.
  Under Leopard, Disk Utility's repair permissions routine presents a funny user interface. At the outset of the repair process, it ain't exactly clear that anything is really happening even though the repairs are indeed underway.
  First thing DU does when the repair process starts is show you a blue progress bar and words to the effect that the process will require about 1 minute more. Then that blue bar sits there doing nothing whatsoever in terms of measuring progress - until about five minutes have passed. During this 5 minute hiatus, DU is building its own permissions data base which it will subsequently use to do its repair work.
  Once the permissions data base is constructed, DU's progress bar will suddenly come alive again to show about fifteen minutes longer to complete the repair process. That fifteen minute item changes rapidly from then on, with all repairs being completed in just about five minutes more. (DU took altogether about ten minutes to do its repair thing under Leopard on my computer.)
  DU will show you a list of permission faults that it finds, with the ones it can fix, repaired. You may, according to Apple, safely ignore faults listed involving "SUID" or "ACL". (With 10.5.2, the "SUID" faults appear to have stopped showing up but the "ACL" faults continue to be presented on my computer.)
  If you have any wonderment about Disk Utility being at work when it appears that it is hung up for about five minutes, then open your Activity Monitor (AM) and select the CPU column. You'll be able to watch DU's use of the CPU while it is building the permissions data base. When DU's CPU usage ceases, you'll find that your permissions have been repaired. You can keep both DU and AM windows open on your monitor if you wish to suffer along with this sort of discombobulation.
  After repairing permissions, I rebooted to find my screensaver password once again being called for as it should.

  Okay, just a little update.
  I added the replica server to the "Authentication" search in the Directory Utility, right after the OD Master.
  I have also added it to the search path in the Workgroup Manager on my 10.4.11 server, and authenticated. Sees it just fine.
  Now, when I fake a failure of the Master, (IE, shut it down), it just hangs forever, and doesn't timeout and move on to the replica.
  Am I missing something? Isn't this the point of a replica?
  Help?
  Thanks!

• AirPort Disk Access Existing files when changing Secure Shared Disks with Accounts

  Hey, community;
  I have a 1TB Disk which I was using on my Mac, then upon aquisition of an AirPort Extreme Base Station, plugged it into there. File sharing was fine when set to "AirPort Password" for Security settings, but when I changed to "Accounts" and set up accounts, the existing paritions were there... they just couldn't be accessed.
  Tried finding the solution online, to no avail.
  Just writing to say I've solved this! Once you set the Security type to "Accounts," folders now appear on your USB Drive, one for each user you set up, as well as a "Shared" folder.
  I just dumped the existing contents of the drive into the "Shared" folder, and now everyone can access those original files.
  I hope this helps someone out.

  Restore the old files by removing the accounts.. ie press and hold reset.. once you go back to a reset all files are available again anyway so the security is illusionary.
  If you want to secure files encrypt them.
  BTW the old airport utility would have warned you that what you were doing will stop access to your files.
  Of course the latest toyland utility probably showed you nothing.
  Never start accounts with files on the TC.. you should offload them.. create accounts then load them back.. to the illusion of security at least.

• Best Settings for making a Secure, Reliable Disk Image?

  Hi guys!
  Can anybody direct me to the best settings that can be used to make a secure Disk image using the MacOS X disc utility?
  I wish to make my computer family friendly, yet keep my proffessional and private files secure/private and innaccesible to children and unautorized individuals. I have heard that files saved inside encrypted images (password protected) are also not indexed in the finder wich is perfect for the privacy I seek (this is true right?).
  I know how to access the tools, but the right settings for making a trustworthy image remain elusive. Already tried with some of the formats and information placed inside...started becoming glitchy and unreliable, even after removing the files and making them unencrypted again.I'm abaout to try with the HFS+ format.
  I cannot lose the files I wish to protect. But I need to secure them and if anything, be capable of backing up the image by copying it into a HFS+ formated external hard drive every once in a while. Can this be done?
  Is there a risk of data loss in the encryption process? One of my external drives (FAT 32) even started to make unrelated neighboring folders "disappear" after making an image inside ( I though I could make an image anywhere and save stuff securely at that point...but nearly losing the entire cashe of info made me backtrack and simply avoid the process until i'm sure of what I'm setting up---so many compatibility problems!)
  • Don't know what settings to use.
  • Some say there is a small chance of a disk image being damaged or corrupted (for no reason whatsoever)...but having trouble right off the bat, with a brand new image worries me. WHAT ARE THE RISKS? Is the system unrefined and unrealiable?
  I plan to make the Image a sparse file,using the HMS+ format, 400GB....regular encryption. I plan to copy all my sensitive stuff inside and delete unprotected copies. Risky? Are images unreliable in general? or where my glitches abnormalities?---Can the images hold collections of files or do they become more unrealiable the bigger they get (what I fear). I don't wan't to have to make dozens of images to protect my files.
  Can a external drive be formated to HMS+ and accept  a drag and dropped copy of a 400GB image? FAT32 will just not accept it. Would there be risk of the image being damaged in the transfer? NOTE that copying the data into an external drive would be to have a secure backup of the data. If I can't trust the backup to be carbon copy intact...it isn't a backup.
  Securing files is really proving to be bothersome, despite having "refined" tools at my disposal.
  Thanks for your help!

  Do you place your backups on external disks? Are your external disks formatted HFS+?
  Can HFS+ Disk image be Drag dropped into a HFS+ formatted external disk in order to copy them? or is the process blocked like what happens to large Disk images in FAT 32?
  I'm trying to lock on to the right format to apply to everything. My steps will be:
  Make the image: So far a sparse image in HFS+ format, 400 GB, No partition map.
  Drag sensitive work to Disk image. Once transfer in complete delete originals.
  Format an external disk into the journaled HFS+ format. Drag drop Secure disk image to back it up.
  Do you see any problems with this process? Anything i'm missing?