ASA question

SRTMCSESRTMCSE Senior MemberMember Posts: 249
Figured this is the best place to ask this question. Those of you who have experience with the ASA. I know that the ASA can provide permiter AV and IPS functionality, but I was wondering, can the ASA provide both of these functions at the same time or can the ASA only provide firewall AND AV or firewall AND IPS.


  • opers13opers13 Senior Member Member Posts: 100
    AIP SSM and CSC SSM are two separate modules....I would run the IPS module, the AV module costs a lot specially when you add extra users and URL filtering licenses.

    We were thinking about replacing Websense by adding the AV/URL filtering module to our ASAs. Besides the cost, the ASA's URL filtering feature is not that great.
  • SRTMCSESRTMCSE Senior Member Member Posts: 249
    We were planning on adding perimeter anti-virus and since we're adding an ASA to replace our Pix I was interested in the anti-virus capabilities of it and my boss and I were discussing that it might be IPS or AV and weren't sure if the ASA supported running both concurrently. As far as web filtering, we're running a Bluecoat SG and we're pretty pleased with that.
  • AhriakinAhriakin SupremeNetworkOverlord Member Posts: 1,799 ■■■■■■■■□□
    I'd agree on going with the IPS, it effectively covers a lot of AV functions from a different angle and provides complimentary protection in conjunction with standard software AV. The single best use I've gotten out of our existing IDS (Snort, also waiting on ASA upgrades) has been tracking Worms.
    We responded to the Year 2000 issue with "Y2K" solutions...isn't this the kind of thinking that got us into trouble in the first place?
Sign In or Register to comment.