ASA see the proxy as attacker

Unanswered Question
Oct 28th, 2009

we r using ASA5510 for internet link.

we activated basic threat detection.

to access internet users must use one BlueCoat Proxy.

in ASA i allowed all IP traffic coming from the proxy.

in firewall dashboard, under Top 10 protected servers under sync attack, i can see that my proxy is always an attacker for many external servers.

why this is happen? can i add my proxy as a trusted host?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Panos Kampanakis Thu, 10/29/2009 - 09:55

threat-detection pulls statistic from the traffic of all the hosts. Since you proxy is doing all your http it is identified as a host that is "doing to much". It is normal.

You cannot disable it from showing up in the threat detection stats though.

I hope it helps.



This Discussion