Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Can the ASA block sql injection

I would like to know which model of the ASA can block sql injections to help keep a web server safe.

3 REPLIES
New Member

Re: Can the ASA block sql injection

All ASA models should be able to accommodate for this using a specific enough regex string within an inspect class-map riding in an http inspect policy-map. You'd have to know what you are looking for to match with regex, whose config lines are limited to 100-something chars. For something more scalable and configurable, a full-fledged IPS would probably be preferred.

Bronze

Re: Can the ASA block sql injection

You might also take a look at the ACE Web Application Firewall (WAF). This product is specifically designed for protecting websites against attacks like this (and a number of other web specific attacks).

Jim

Silver

Re: Can the ASA block sql injection

Any ASA with IPS module in it can take care of all types of known attacks.

the signature definition database of ips gets updated every week/ 15 days.you can set it up to auto update and it'll fetch those definitions on it's own.

f/w with intrusion prevention system is the complete solution to go for.Alone,f/w is not effective enough when it comes to layer 7 inspection.

hTh

Sushil

TAC

1592
Views
5
Helpful
3
Replies