Where Cisco defines what this new ASA's brings into place, so for your Content aware question you are looking for this:
pplication Visibility and Control (AVC), which recognizes over 1000 applications and more than 75,000 micro-applications, enabling administrators to enforce individual- and group-based access to specific components of an application while disabling others. Specific behaviors within allowed micro-applications can also be controlled.
– Web Security Essentials (WSE) enables reputation-based web application security policies. In addition, WSE enables robust content-based URL filtering with differentiated access policies based on user, group, device, and role.
– Cisco IPS, the only solution that combines passive OS fingerprinting and reputation for better threat mitigation.
– Cisco Cloud Web Security (CWS), which provides exceptional threat protection and control for organizations of all sizes, delivered through the cloud.
– Cisco ASA Botnet Traffic Filter (BTF), which monitors network ports across all ports and protocols for rogue activity, and detects infected internal endpoints sending command and control traffic back to a host on the Internet.
WSE, IPS, and CWS use threat intelligence feeds from Cisco Security Intelligence Operations (SIO) for advanced web reputation analysis and near-real-time protection from zero-day threats. For more information on how SIO helps IPSs control threats in real-life production environments, visit:
Check my blog at http:laguiadelnetworking.com for further information.
Julio Carvajal Segura
Julio Carvajal Senior Network Security and Core Specialist CCIE #42930, 2xCCNP, JNCIP-SEC
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...