ASA 5505 Security Tips

allen.malanda_2
Level 1

My company is using an ASA 5505 for security. I've enabled IP Audit and IP verify reverse-path. Are there any other security tips built into the device? Or, what is the best way to secure your network with an ASA 5505?

1 Reply

gfullage
Cisco Employee

The best way to secure your network with it is to simply plug it in between the Internet and your network. By default all outbound traffic (to the Internet) will be allowed (assuming you set up NAT rules as necessary) and all inbound traffic (from the Internet) will be denied.

If you don't specifically allow any inbound traffic into your network then "ip audit" is not going to be of much use to you, and "ip verify reverse-path" will benefit the rest of the Internet community by not allowing any of your internal PCs to send out spoofed packets.

If you need to allow inbound traffic, make sure to only allow the bare minimum in; that is, specifically define the protocol, port and destination IP addresses in your access-list. Turn on protocol inspection using the "inspect ..." command if there is an inspection for the protocol in question.

Set up a syslog server and log all your level 1-4 syslog messages to it and archive them off for future reference.

Other than that, have fun and relax.
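
The inbound-access, inspection and logging advice in the reply above, shown as an added ASA configuration example that is not part of the original thread. The ACL name `OUTSIDE_IN`, the interface names `inside` and `outside`, the SMTP scenario, and the documentation addresses 203.0.113.25 and 192.0.2.50 are assumptions.

```cisco
! Added example; names and addresses are assumptions (RFC 5737 documentation ranges).
! Scenario: one inside mail server must accept SMTP from the Internet.

! Too broad: permits every IP protocol and port to any reachable inside host.
!   access-list OUTSIDE_IN extended permit ip any any
!
! Bare minimum: protocol, port and destination IP are all named.
! ASA software before 8.3 matches the translated (public) address in this ACL;
! 8.3 and later match the server's real address instead.
access-list OUTSIDE_IN extended permit tcp any host 203.0.113.25 eq smtp
access-group OUTSIDE_IN in interface outside

! SMTP has an inspection engine, so enable it.
! global_policy and inspection_default are the ASA's default policy and class names.
policy-map global_policy
 class inspection_default
  inspect esmtp
service-policy global_policy global

! Send severity 4 (warnings) and everything more severe to a syslog server.
logging enable
logging timestamp
logging host inside 192.0.2.50
logging trap warnings

! Anti-spoofing check mentioned in the question, applied per interface.
ip verify reverse-path interface inside
ip verify reverse-path interface outside
```

`show access-list OUTSIDE_IN` reports hit counts per entry, which helps confirm that only the intended rule is matching traffic.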
