Firewalls typically provide the function of effectively blocking TCP/IP ports to and from an Internet connection. IDS/IPS inspects traffic looking for malicious activity. Most firewalls or IPS/IDS systems provide the ability to lock out malicious addresses. Malicious addresses are defined as remote machines attempting several known forms of attack, such as port scanning, DoS (denial of service), and signature-based attacks. When such malicious activity is detected, it should be locked out immediately, effectively preventing further system compromise. Since this could potentially lead to system compromise, it receives a medium threat rating.
1. Consult the vendor or provider of your firewall or IDS/IPS product to ensure that such activity can be detected and blocked by your specific device.
I have the ASA5510 with the IPS module. Both have the latest in firmware and software. I believe they are already doing this, but can anyone confirm this unit does this?