With an advanced Inspection and Prevention Security Services Module (AIP-SSM 20) for the Cisco ASA 5500 Series Adaptive Security Appliance residing at my perimeter, I am in need of choosing a solution for granting safe and secure Internet access to my 2000+ userbase on the inside. A solution that would suffice as my proxy/web caching needs too and possibly allowing me to do URL filtering according to my policy.
I was looking at secure computing's webwasher and Microsoft's ISA 2006 as possible solutions. Bluecoat is expensive. These guys tout of their L7 capabilities to detect malwares and scan HTTPS traffic but I feel that my AIP SSM should be able to do that job.
What do you guys advise!!? Wouldn't my SSM module check all the internet traffic floating by for all malwares/viruses/http attacks etc?
WebWasher is good stuff. It does all those things you mention (proxy,content caching, URL filtering, anti-x). It is also very expensive though. It is absolutely a best of breed solution though and you get what you pay for. The ASA is just not best of breed. It is probably cheaper though so maybe it's "good enough".
The ASA AIP SSM just isn't designed to do the things you want. It is a network IPS. Cisco does have an ASA module for this called CSC-SSM.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...