I have an ASA 5510 and was wondering if someone could shed some light on this. If someone internally would install a producted (keylogger or something of that nature) that gathered information and then sent it to a remote location could the ASA detect this traffic and/or prevent the leak of information.
The ASA has an IPS module that may help you with what you want. I'm not aware of any device that will log when a keylogger is installed because that type of activity, local to the workstation, would be restricted by antivirus software. Anything traversing the network, i.e. buffer overflows, DoS attacks, MITM attacks, etc, can be seen with an IPS.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...