[c-nsp] Cisco ASA - Configuring Accounting for Network Access
harbor235
harbor235 at gmail.com
Mon Oct 31 13:01:47 EDT 2011
Assuming you have a recent version of code (8.2.1 and up) you should enable
netflow version 9
support. This will give you a five tuple of releveant flow
information: <Protocol,
Src Address, Src Port, Destination Address, Destination Port>, perhaps
netflow coupled with user info via accounting will
provide you with what you need.
Mike
On Mon, Oct 31, 2011 at 12:38 PM, Antonio Soares <amsoares at netcabo.pt>wrote:
> Hello group,
>
> I have a customer that was using a Web Proxy to monitor user access to the
> internet. Now the customer is asking me if the ASA can help him monitor the
> users access to the internet because the proxy is not working. He wants to
> know which users are accessing which sites. The only feature I was able to
> find that could help the client is Network Access Accounting:
>
>
> http://www.cisco.com/en/US/docs/security/asa/asa84/asdm64/configuration_guid
> e/access_fwaaa.html#wp1151104
>
> I made a test in my lab and basically the ASA sends information about the
> source-ip:source-port->destination-ip:destination-port to the aaa server.
> This should be enough but it is not very practical. The customer wants some
> nice real time graphics showing him what users are doing. Do we have any
> solution without replacing the ASA with something else ? Is this just me or
> the reporting capabilities of the ASA are very basic ?
>
>
> Thanks.
>
> Regards,
>
> Antonio Soares, CCIE #18473 (R&S/SP)
> amsoares at netcabo.pt
> http://www.ccie18473.net
>
>
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list