CiscoSecure SCAS - Cisco 5500 ASA

Unanswered Question
Sep 23rd, 2007

The parameter we want to control is the specification of the optional packet-length parameter. It's OK if analysts accept the default (e.g. they do not specify the packet-length parameter), but we want to control who can execute the capture command with a packet-length different from the default (actually it would be OK if they specified a smaller packet-length that the default 68 bytes, but I'll be happy if we can control the use of the packet-length parameter at all).

So, capture Test1 access-list acl-test interface inside would be an example of a command we would want to permit, but capture Test1 access-list acl-test interface inside packet-length 256 we would want to control. I don't know if packet-length can be abbreviated, or if it could be specified in other positions since it is optional, but assume you will test for those things as well.

Can we control the priviledge access for Cisco 5500 ASA in CiscoSecure 3.3?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
htarra Fri, 09/28/2007 - 06:29

You can control the privilege access for Cisco 5500 ASA in Cisco Secure but you can't set parameter. You can do by setting by commands.

shahreezal Sun, 09/30/2007 - 17:02

Thanks for the info, Tarra. But how do I control the priviledge access in CiscSecure? For example in my case I want to control the "capture" command for Cisco 5500 ASA in CiscoSecure. Do Cisco System have a manual or whitepaper on example on how to control the "capture" command in CiscoSecure? It will be great if I can see some example on how to configure the SCAS in CiscoSecure to control the priviledge access.


This Discussion