ASA 5500

Unanswered Question
Aug 19th, 2008

Hi

I'm looking at using a ASA 5500 to replace our aging pix. Other than normal firewall functionality, I want the unit to scan http content for malware, which I understand the Content Security Bundle provides.

I also need to at least throttle an exceptionally greedy application, but ideally dynamically throttle heavy users to an acceptable allocation.

Is this possible with this level of hardware, if not, any clues as to achieving this.

Many Thanks

Rich

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
robertson.michael Tue, 08/19/2008 - 08:04

Hi Rich,

You are correct that malware scanning is done through the CSC module.

As for throttling your application, this depends on how exactly you want to throttle it but it should be possible. The ASA offers some functionality such as QoS, limiting the number of connections, etc.

Take a look through the configuration guide, which should give you some idea about the options you have for this:

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/conf_gd.html

Hope that helps.

-Mike

Actions

This Discussion