[c-nsp] ASA Question - Antivirus
Paul Stewart
paul at paulstewart.org
Tue Jul 15 10:59:04 EDT 2008
Thanks very much... seems to be the common approach now - desktop/border
protection.... I looked at the Juniper stuff too and it seems to follow the
same trend...
Appreciate it,
Paul
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Richard Halfpenny
Sent: Tuesday, July 15, 2008 10:41 AM
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] ASA Question - Antivirus
Paul Stewart wrote:
> Hi folks...
>
> We have a customer looking for a new firewall but it must have antivirus
on
> it. The AV cannot be on the fly specifically but on the desktop. Their
> currently solution forces their desktops to have a specific Antivirus
agent
> installed and updated. This is something similar to the NAC solution
> today....
>
> I'm looking at Cisco ASA 5520 Appliance Content Security Edition Bundle
> (Includes CSC-SSM-10, 50-user antivirus/anti-spyware license with 1-year
> subscription service*, firewall services, 750 IPsec VPN peers, 2 SSL VPN
> peers, 4 Gigabit Ethernet interfaces, and 1 Fast Ethernet interface)
> ASA5520-CSC10-K9
>
> Does anyone know how the antivirus/antispyware works on these? I've read
> through numerous marketing material but it's not clear where this is all
> done on the fly or if it's desktop agent based?
>
Hi Paul,
It is done on the fly.. we have a few educational customers using
CSC-SSM-20's in ASA5520's as another layer of defence in addition to PC
based antivirus. The CSC-SSM's are basically card based servers
(running Linux) and integrated into the ASA via GigE. Be careful to get
the correct module for the traffic mix you intend to run through it though:
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod
_white_paper0900aecd805c3cd6.pdf
Rich.
--
Network Operations
Exa Networks Ltd :: AS30740
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list