Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1242
Views
0
Helpful
1
Replies

ASDM 6.1 and Antispoofing

nigel-telfer
Level 1
Level 1

‎11-04-2008 08:58 AM - edited ‎03-11-2019 07:07 AM

We recently upgraded to ASDM 6.1 and IOS 8.04 on a ASA 5520. I noticed while poking around the ASDM that under Firewall-->Advanced-->AntiSpoofing that the interfaces say that Antispoofing is not enabled.

I thought on these Cisco ASA's that antispoofing is on by default. Is this feature related to something else. Any information would really help.

Labels:
0 Helpful
1 Reply 1

smahbub
Level 6
Level 6

‎11-10-2008 02:11 PM

The feature is disabled by default and you have to enable then same when required.Antispoofing capabilities deployed throughout the network can reduce the likelihood of spoofed packet exploitation as well as aid in attack traceback.Antispoofing protection in the form of unicast Reverse Path Forwarding (uRPF) can provide limited mitigation if properly configured. This feature should not be relied upon to provide 100% mitigation since spoofed packets may still enter the network from the interface expected by uRPF. Care must be taken to ensure that the appropriate uRPF mode (loose or strict) is configured to ensure that legitimate packets are not dropped.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card