Has anyone implemented CS-MARS with ASA in active/standby, each with IPS modules?
What is the procedure for adding the devices to CS-MARS - do I define each box separately -(remember the active and standby both have the same name) or do I just define one ASA using the failover address?
I?ve asked this question before but never really received a response. So what I'm about to say is based only on my experience.
I added only the active firewall, and then added each IPS blade as a module to the active firewall.
The only drawback is that MARS does not seem to acknowledge failover capabilities. I say this because only one IPS blade (obviously)generates alerts, so the second blade will cause MARS generate an Inactive CS-MARS reporting device event.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...