A service provider offers firewalls to his clients. Every asa si monitored by a MARS. If the clients use the same subnets in their Local networks, how can this be solved in MARS.
I mean, in the topology dashboard the firewalls will apear as connected on their inside interfaces, and in the Incident Dashboard i will see that, let's say an atacker with 10.x.x.1 tried something, but i will not know which which client (as they both have 10.x.x.x in their local lans).
To my knowledge there is no way to achive this. You have to buy separate MARS boxes for this. Cisco is offering some models with relatively less cost (based on EPS) now which you can use as local controllers. Then aggregate them to one Global Controller.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...