I while back I asked if you could block directly from the sensor in version 4 without VMS or CSPM - and was told you cannot - however further reading leads me to beleive that you can block without a separate management console - can anyone verify this for me.
Which leads me to my next question - can it send email alerts without a separate management console.
The blocking / shunning is a function of the sensor. so this can be configured on the sensor using the CLI. If you get into the "service NetworkAccess" configuration, you will see all the aprameters that are required to setup shunning.
On the other hand, the email notification is a function of the Security Monitor and not that of the sensor, hence email alerts can be sent only via the Security Monitor which is part of the VMS. CSPM is out of question as it does not support the newer version, 4.x, of the sensors.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...