Securing FTD TLS Ciphers

• Post author:Admin
• Post published:April 30, 2024
• Post category:Cisco/FTD

When using a Cisco FTD firewall for SSL/TLS Remote Access VPN, the appliance is enabled by default with TLS versions 1.0, 1.1 and 1.2. TLS versions 1.0 and 1.1 are…

Continue ReadingSecuring FTD TLS Ciphers

ASA Interface High Availability

• Post author:Admin
• Post published:April 14, 2024
• Post category:ASA/Cisco

The Cisco ASA software image running on either Firepower or ASA hardware supports interface high availability using PortChannel/Etherchannel and Redundant interfaces. This post covers describes both solutions and provides information…

Continue ReadingASA Interface High Availability

ASA Transparent Mode

• Post author:Admin
• Post published:April 7, 2024
• Post category:ASA/Cisco

The Cisco ASA software supports two firewall modes, routed and transparent. A transparent firewall is a layer 2 firewall that acts like a stealth firewall and is not seen as…

Continue ReadingASA Transparent Mode

ASA Service Policies

• Post author:Admin
• Post published:March 26, 2024
• Post category:ASA/Cisco

The Cisco ASA firewall, Service Policies use the Modular Policy Framework (MPF) to provide a flexible way to configure ASA features, such as connection settings, inspection, QoS, redirection to service…

Continue ReadingASA Service Policies

ASA TCP Intercept

• Post author:Admin
• Post published:March 20, 2024
• Post category:ASA/Cisco

An attacker can launch a DOS attack by flooding a host with thousands of TCP SYN packets, the source address would be spoofed with no way for the host server…

Continue ReadingASA TCP Intercept

ASA NAT Exemption

• Post author:Admin
• Post published:March 11, 2024
• Post category:ASA/Cisco

The Order of Operations on the ASA processes NAT before determining whether the packet should be encrypted. In most scenarios an ASA is configured with a Dynamic PAT (Auto NAT)…

Continue ReadingASA NAT Exemption