3560 - Filter / Security Appliance Recommendations?

Oct 16, 2012

I am looking for recommendations on a device to put at the forefront of our network, mainly for web content filtering. Our network is currently setup as this:We have two Internet providers. One for each network that are physically separate except a a Cisco 3560 which is used for failover. In the event one ISP goes down, one network can use the others ISP, however, it has no access to the other network beyond that switch.Currently, each network has a web content filter (SmartFilter) server which is going end of life in a year. We would like to replace each server with a single box at the front of the network for filtering. Other bonuses would be things such as bandwidth control, virus protection, etc.Perhaps the most important thing is to make sure our ISP bandwidth download speed does not get hampered by the device we choose to put at the front. We have 50mb download on one and 30mb on the other. If the device throttles the download at 10mb then it's useless to us.

View 9 Replies


ADVERTISEMENT

Security / Firewalls :: Recommendations For The Free Content Filter That Will Run On XP?

Mar 18, 2013

Im currently doing a project, and building a machine/ bastion host with DHCP and a content filter.Its running XP. Any recommendations for the content filter that will run on XP and is also free and popular?

View 1 Replies View Related

Security / Firewalls :: Sonicwall Network Security Appliance - Receiving A Content Blocked Message?

Dec 24, 2011

I'm new to IT, and have been put in charge of managing our servers hile my boss is on vacation.We currently have a Sonicwall Network Security Appliance that handles our Firewall/VPN and have web content filtering set in place.I have a user who belongs to 2 CFS policy groups that we have set up. I've double checked with Active Directory, and he is a member of both groups.

This person SHOULD have access to Job searches/ and Restaurants,but receives a "content blocked" message on his browser.It appears to me that the settings in Sonicwall are correct, as well with AD member groups.

View 3 Replies View Related

Cisco Switching/Routing :: BPDU Filter With 3560 Model Switch?

May 28, 2013

I am testing BPDU filter with 3560 model switch so I've looped 2 interfaces in that switch by configuring STP BPDU filter on interface levels and also connected one desktop in other interface on same vlan of looped interfaces with bpdufilter config. I am facing is both the looped interfaces are having heavy traffic due to this my switch CPU utilization also reached high. How to sort out this issue like why my switch interfaces traffic & CPU utilization went high even when I am using BPDU filter at interface level? As well as correct my BPDU configuration If I configured wrong. I thought it is a good practice and enabled this conf in some of my working environment but due to some loop my entire network went down?

View 6 Replies View Related

Security Appliance With No Subscription (maintenance Fee)

Mar 10, 2011

Is there a security appliance available that provides anti-malware protection, firewall,r content filtering, etc, AND has no subscription or maintainance fee (or optional fees)?

View 1 Replies View Related

Cisco Security :: 1113 ACS Se Appliance Upgrade To 5.2

Mar 6, 2011

How to upgrade from ACS Se 1113 (running 4.2.0.124) to a new 1121 appliance running version 5.2. We also run RA for AD integration ?

View 5 Replies View Related

Cisco Security :: Migrating From ACS 1113 Appliance To ACS 1121

Mar 18, 2013

We are currently running a ACS 1113 with version 4.2 software.  We are going to replace the 1113 ACS with two 1121 ACS. 

View 1 Replies View Related

Cisco Security :: Migrating Existing Database From ACS Win 3.3 To ACS Appliance 4.2.15?

Apr 17, 2011

how to migrate the db from acs windows 3.3 to acs appliance 4.2.15.We are replacing win 3.3 to appliance 4.2.15 as a part of end of life. So we have the eap-tls/peap authentication.It has the huge records. So suggest me the steps to migrate the db from win 3.3 to appl 4.2.15.Do we need to upgrade to win 3.3 to win 4.0 to win 4.2 & then to migrate to appl 4.2 ?

View 4 Replies View Related

Cisco Firewall :: ASA5510 - Adaptive Security Appliance

Mar 20, 2011

I m getting mention error when try to open subjected web link.
 
Deny TCP (no connection) from Outside:180.87.10.44/2443 (180.87.10.44/2443) to DMZ-1:a.b.c.d/1594 (w.x.y.z/17964) with follow explanations.
 
"The adaptive security appliance discarded a TCP packet that has no associated connection in the adaptive security appliance connection table. The adaptive security appliance looks for a SYN flag in the packet, which indicates a request to establish a new connection. If the SYN flag is not set, and there is not an existing connection, the adaptive security appliance discards the packet."
 
Where, a.b.c.d = our private ip address (Natted) w.x.y.z  = Public Ip address.

View 1 Replies View Related

Cisco Security :: A120 ACS - 2nd NIC Card For RSA Securid Appliance

May 20, 2012

I have RSA Securid appliance 3.0 "A120"  V 7.1 Sp4  and Cisco Secure Access Control System (ACS) Appliance V4.1.1 (build 23)..I make  communication between the Cisco Secure ACS and the RSA Securid appliance using RADIUS Protocol .I only configure 1st IP for RSA appliance and Add this ip In cisco ACS  and i go through implementation guide that is attached in this discussion  all things is fine in authentication.
 
now i enabled second IP for RSA but i did not know how to configure the Cisco ACS to know Second IP for RSA?

View 1 Replies View Related

Security / Firewalls :: Linksys WRT54G - Set Up Mac Address Filter?

Jul 31, 2011

I have a Linksys WRT54G router.I am trying to set up my internet connection so only my approved MAC Addresses can connect.I set everything up. I purposely excluded my laptop from the list to see if I did it right and I guess I didn't because my laptop is still able to connect to my network.

View 7 Replies View Related

Cisco Security :: C3800 / Filter Traffic By Mac Address?

Jan 23, 2011

Is it possible to configure cisco router like C3800 or catalyst switches like C4500 or C2960  to filter traffic based on allowable mac addresses only? I would like only to allow those devices that belongs to the domain, meaning if a user connects a computer or any devices that concerns network which I have not allowed the mac addresses, it will be denied access to the network. However, any of the allowable devices could able to use any port of the switch, meaning I dont want to associate an allowable Mac Address to a physical port on the switch.

View 2 Replies View Related

Cisco Security :: Reimage MARS 25 Appliance For Admin Password Recovery Procedure

Apr 25, 2011

I am trying to reimage a Cisco MARS 25 appliance for the pnadmin password recovery procedure. I am trying to boot the system with Recovery DVD (Version 5.3.2) shipped with the appliance. I connected a VGA monitor and USB keyboard to the appliance and when I do a reboot, I can see the Installation options. Please Choose A MARS Model To Install...

1. Distributed Mars - Local Controller But I am not able to select the Option 1 for the reimaging of Local Controller since my keyboard is not responding for the selections. During the LILO boot process, I can see some error message that 'Keyboard Not Present'. I tried to connect the keyboard to different USB ports and the PS/2 port using a USB to PS/2 adapter. Still keyboard is not functioning.I am able to select the BIOS options while connecting the USB keyboard to appliance. But it is not functioning when booting from Recovery DVD. Also the keyboard is functioning if I boot the appliance directly with previous image. Unfortunately I dont have any PS/2 keyboard available for connecting and admin password for Login.Is there any workaround/solution for supporting the USB keyboard during the Recovery Procedure ?I tried the serial connection with hyperterminal but some junk charaters appear even after setting the recomended Baud rate, parity, flow control etc.The Ethernet console seems not working with the default IP address 192.168.0.101 for eth1. 

2. Distributed Mars - Global Controller
3. Mars Operating System Recovery
4. Quit

View 5 Replies View Related

Cisco VPN :: Adaptive Security Appliance Asa 5540 Unable To Block Server Ports

Aug 10, 2011

I was configure IPSEC vpn on ASA5540 and i have problem with port blocked.  I am unable to block server ports to remote users.See below configuration.  I need to configure vpn filter list but don't know how to configure vpn filter list.

View 5 Replies View Related

Wireless :: Anod Security Network Filter - Should This Be Deleted For Windows?

Jan 22, 2012

I found anod secruity network filter driver for D-Link router to install on my pc , I don't use d-link router so it shouldn't be there, and also someone around my area is using my wireless internet connection, this how they must of got in. Now should this be deleted .

View 1 Replies View Related

Cisco Application :: ACE4710 Appliance To ANM Virtual Appliance NATed

Oct 12, 2011

We have an ACE Appliance in a DMZ and the ACE Appliance's Admin Context IP is translated between ACE and ANM. The ANM Server does not get translated. It is just the opposite then in another Community discussion.
 
Our Problem: When adding the ACE4710 Appliance to the ANM imported Device List, we use the ACE's NATed Admin Context IP. Import works well, but ANM reflects the Admin Context IP with it's real configured IP. Polling the ACE Appliance does not work therefore.
 
Is there a possibility of telling the ANM, that the ACE has to be polled through a NATed IP? I could not find a field to set a NATed Mgmt IP.
 
Configured IP on ACE Admin Context: 192.168.0.10
NATed ACE Admin  Context IP:           172.16.0.10
 
Imported ACE with IP 172.16.0.10 into ANM, but ANM polls for Rserver, Vserver, Probes, etc. via 192.168.0.10 - which is not reachable from the ANM.

View 2 Replies View Related

Cisco Security :: Mitel Phone 802.1x With Cat 3560 And ACS 5.2

Feb 21, 2011

I am piloting an 802.1x implementation for a client who has Mitel IP Phones.  I have setup the switch and ACS based on previous experience and a windows PC can authenticate onto the network OK.  When I use a Mitel phone however, it seems to skip past the first 802.1x LCD message and goes straight to LLDP and DHCP discovery, which obviously fails.  The phone are 5224s and the controller is on the original v10 release.  I have cleared the 802.1x config on the phone and rebooting as per Mitel documentation which leads me to believe it should then prompt for a user/pass on next reboot.  It does not do this.
 
I known the ACS is setup to support EAP-MD5 and I have tried all the various types of host modes including the default and Multi-Auth, Multi-Domain and none of them seem to make any difference.  I have tried with and without a PC attached to the phone as well.
 
A wireshark shows the EAP identity request from the switch, and I see an EAP response from the phone, although it is slightly different to the PC's response.  In the end the phone issues an EAP 4 failure message.  So something in that EAP conversation doesnt seem to work.

View 1 Replies View Related

Cisco Security :: Which IOS Version Of 3560-X Switch Support NAC-L2-IP

Apr 20, 2011

Which IOS version of 3560-X switch  support NAC-L2-IP ?

View 1 Replies View Related

Cisco Security :: 3560 Whole Switch Ports Not On Some Port

Mar 10, 2013

I am using 3560 switch senerio is that we have dhcp server on and I want that switch filter mac on whole switch ports not on a some port. Switch only give IP to the mac whcih is in mac table of switch/particular which we enter manually.I have read chapter 62 of port security but it doesnot fulfill my requirements.I am also using 3com 5500Ei switch in which we dont have to bind a mac on every port, we just enter a mac in the switch and it filter itself  by using simple commands.DHCP server is not in our hands, we cant do any things there.

View 1 Replies View Related

Cisco WAN :: Port Security Between Two Switches 3750 Or 3560 Using Trunk

Sep 2, 2012

Is it possible to use Port Security mechanism between two switch (3750 or 3560) ports while trunk has been configured? If it's not possible, is there any other way to ensure that no other Switch can be connected other then the one switch which has been configured/placed by a network engineer?

View 4 Replies View Related

Cisco Security :: Catalyst 3560-X - MACSec Possible With IEEE 802.1Q Tunneling

Apr 16, 2012

To use MACSec between 2 Catalyst 3560-X on both sides with a provider network between that is configured for IEEE 802.1Q Tunneling ?
 
Since MACSec uses 0x88e5 Frames and the Cisco SAP protocol uses 802.1x for negotiation, can that be working ? (I haven't success)

View 1 Replies View Related

Cisco Switching/Routing :: 3560 Port Security And Voice Vlan On Newer IOS

May 20, 2010

For many years we've had the following vlan and port security config on our 3560s: [code] This has worked great on 12.2(37)SE1, 12.2(40)SE and 12.2(46)SE. However since 12.2(50)SE, and I've tried all the versions since then, we have a problem with 7900 phones and ATA186s taking upwards of 20 minutes before they can get a valid IP number.The problem on the newer IOSes seems to be related to the inactivity aging.On the older IOS versions the mac address of the voice device appears on the voice vlan straight away.
 
On the newer IOS versions the mac address of the voice device appears on the DATA vlan and seems to be stuck there until the inactivity aging removes it. It then gets re-learned, sometimes on the voice vlan, and sometimes on the data vlan. If you're unlucky and it gets re-learned on the data vlan you've got to wait until the inactivity time ages the address out again. Repeat until the mac address eventually gets learned on the voice vlan. I don't want to be stuck on 12.2(46)SE forever.

View 11 Replies View Related

Cisco Switching/Routing :: 3560 Port Security Triggers With Valid Mac Address During Power On

Feb 28, 2013

I have 2 3560 switches that are running 12.2(25)SEE2. Port security is enabled on some of the ports. Whenever there is a power failure, when power is restored, 1 port on each switch goes to err-disabled. The mac address that causes this is a valid address for that port. Below is the configuration on one of the ports.

View 1 Replies View Related

Cisco :: Book Recommendations For VRF And Multicast

Mar 6, 2012

The topics I'm looking to learn about: VRF,Multicast different VPN types mpls...ect. GRE TunnelsIPS/IDS configuration. I know about the Routing TCP/IP, Volume 1 and Volume 2 by Jeff Doyle.I don't have them, but I'm interested.

View 9 Replies View Related

Cisco WAN :: 1900 New DSL Router Recommendations

May 8, 2013

I have a client whom uses a DSL 10 MG circuit as their backup circuit for Internet Connectivity in case of a failure. The circuit uses a DSL modem that is unreliable.  I was recommending yesterday tot he client that perhaps we could place a Cisco router in place of the residential grade DSL modem /router currently in place.I wanted to place a 1900 ISR G2 in there, which would allow me to swap the DSL module out whenever I can talk the company into a Metro E connection.  At that point I could swap the DSL module out and put an Ethernet module in to receive the Metro E. I was not able to find a solution last night using the Dynamic Configuration Tool.  Seems DSL has been phased out.Is there any recommendation that could be made to accommodate this clients request for a Cisco router that will handle DSL?

View 7 Replies View Related

Any Recommendations To Get Garage Desktop On Wireless Network

Jun 9, 2011

I have been trying to set up a home network to my detached garage office for personal use. I currently have a wireless network in my house but the distance from that router to my detach garage computer is too great to reach by normal, conventional means. The distance is approximately 100 feet through brick, glass, vinyl siding, drywall, etc. I am unable to relocate the router that controls the wireless network due to cabling issues plus I am not sure of the reliability of ethernet cable from the base router to garage. Currently I am running off two modems(one in garage and one in house) but the expense is ridiculous. Do you have any recommendations to get my garage desktop on the wireless network? Powerline adapters? Access Points/Repeater?

View 2 Replies View Related

Cisco VPN :: Two-factor Authentication Recommendations For ASA 5510

Dec 19, 2012

I'm wondering what people are using and/or recommending for two-factor authentication for VPN users on the Cisco ASA platform?

View 6 Replies View Related

Cisco Wireless :: Recommendations For Implementing A Second WLC 2100?

Jan 3, 2013

We have two 2100 WLC's that support 12 access points. One has been sitting in a box for some time, but we're at the point where we need to add additional access points that will put us in excess of the 12 limitation. What is the best way to go for installing the second WLC?

View 2 Replies View Related

Intel Xeon E5600 - SMB Server Recommendations

May 10, 2011

If you had to chose between Dell and another OEM manufacturer for a server to be used in a 1-20 user/employee/computer office network, which OEM would you go for? For a long time I have been recommending/selling Dell servers to my SMB clients (mainly the Poweredge T series) and am pretty comfortable working with these servers. However, I'm also a Lenovo business partner and they seem to have some aggressive pricing. Have any of you used Lenovo servers lately? Pros/cons? Warranty support good? I noticed HP is now selling Microsoft software licenses as a kit when you purchase a server, appearing to be discounted, even if you were to buy the licenses separately through a volume agreement.

Also, being that most of my clients in the 1-20 user/employee/computer office environment are looking at their bottom line, how would you configure a new server to run Microsoft SBS 2008 (some using Exchange, others not yet but may in future)? RAID1/5/10? 8GB RAM enough? Intel Xeon E5600 series processor? SATA or SAS drives?

Here is what I would normally build out a server from Dell:
single Intel Xeon E5620 processor
8GB RAM
PERC RAID card configured in RAID1
500GB SATA drives x 2
SBS2008 (I don't have much experience with SBS2011 yet, figured it would be best to let others work out any potential issues first)

View 19 Replies View Related

Cisco :: 5508 - Backup And Failover Recommendations

Dec 9, 2012

I have two 5508 WLC's setup to run about 200 AP's as the moment.  This is a hospital with patient care now running over wireless.  I am looking for the best scenario to minimize down time.  Currently both controllers are in the same mobility group and I will be setting the primary / secondary controller in the High Availability tab for each AP.  Most setting are all default still.
 
My question:
Would it better to setup the primary/secondary from the global configuration?
Can I leave them in the same mobility group if I use the global configuration?
 
My only problem so far is having AP's on different controllers caused some response delay as clients move from one controller to the other.  I need to find the best possible response time with the lowest possible fail-over time.  Any recommondeations or links to a good article on this subject?

View 4 Replies View Related

Recommendations For Remote Controllable PDU With POTS And RJ45?

Sep 20, 2012

We're looking for recommendation of remote controllable PDUs that support a phone line connection for POTS (in case the core router is down and we need to remotely power cycle connected equipment) and RJ45 for control from the network (if the core router doesn't happen to be down).

View 2 Replies View Related

Netgear WN2000RPT / Wi-Fi Range Extender / Repeater Recommendations

Jul 17, 2011

I recently bought a Netgear WN2000RPT from Best Buy and I couldn't manage to get past the setup (wouldn't connect with my existing router), and I'm returning it tomorrow.

I just need to repeat the wireless-G signal downstairs to the other side of the house upstairs.What are your recommendations?

View 1 Replies View Related

Linksys Wireless Adapters :: WMP600N Any Recommendations For External Antenna

Mar 22, 2012

 Travel in an RV and many campgrounds have poor WiFi setups.  Looking for some type of external antenna I can put outside of trailer.  I'm using a WMP600N adapter in a desktop PC running Win 7.  

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved