07-23-2009 02:13 PM - edited 03-10-2019 04:42 AM
I would like to know which model of the ASA can block sql injections to help keep a web server safe.
07-24-2009 03:31 PM
All ASA models should be able to accommodate for this using a specific enough regex string within an inspect class-map riding in an http inspect policy-map. You'd have to know what you are looking for to match with regex, whose config lines are limited to 100-something chars. For something more scalable and configurable, a full-fledged IPS would probably be preferred.
08-03-2009 12:19 PM
You might also take a look at the ACE Web Application Firewall (WAF). This product is specifically designed for protecting websites against attacks like this (and a number of other web specific attacks).
Jim
08-03-2009 03:53 PM
Any ASA with IPS module in it can take care of all types of known attacks.
the signature definition database of ips gets updated every week/ 15 days.you can set it up to auto update and it'll fetch those definitions on it's own.
f/w with intrusion prevention system is the complete solution to go for.Alone,f/w is not effective enough when it comes to layer 7 inspection.
hTh
Sushil
TAC
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: