Limits filtering urls using MPF on the ASA5520

Unanswered Question
Jul 30th, 2008
User Badges:

Can anyone give 2-3 good reasons for doing url filtering using the CSC instead of MPF? Is there a limit on the number of entries in the list? How about other resource or process hits to the ASA?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
rhermes Thu, 07/31/2008 - 07:39
User Badges:
  • Gold, 750 points or more

mfalcon -

This forum might not be the best place to ask a URL filtering questions. The IDS/IPS aspects of the ASA are usualy as deep as the discussions go into the ASA chassis here. You might try asking in the Firewall forum.

Farrukh Haroon Thu, 07/31/2008 - 18:10
User Badges:
  • Red, 2250 points or more

Here are some reasons:

1) The ASA can only have 4GE interface card, AIP -SSM (IPS) or the CSC at once. If you need the other two the only remaining choice is MPF or external server

2) Cost! The CSC costs money, and maybe a particular customer requires just to block a handful of websites, the CSC would be over-kill there.

Regards :)



This Discussion