Category: Cisco Data Center Solutions

Enable Logging on Access Control Policy In the preceding section, you added a syslog server in the platform settings policy. Next, you need to instruct Secure Firewall to send log messages to the syslog server configured in the policy. You can configure an access control policy to send syslog messages for intrusion events and file…

Verification After you successfully deploy a QoS policy, you can verify the deployment status from the threat defense CLI. Example 20-1 shows confirmation of the QoS policy configurations and the interface where the policy is deployed. Example 20-1 Policy Map Showing the Active QoS Policy on an Interface Click here to view code image !…

Configuring QoS Policy Follow these steps to create a QoS policy and add a rule within it: Step 1. Navigate to Devices > QoS. Secure Firewall does not come with a default QoS policy, so click the New Policy button to create one (see Figure 20-7). The New Policy window appears.    Figure 20-7 Home…

Quality of Service Essentials There are multiple ways to enable quality of service (QoS) in a network. A threat defense implements the traffic policing mechanism to limit the rate of traffic. With this method, the threat defense drops excessive traffic when the traffic rate reaches a predefined limit. As of this writing, the threat defense…

“Do I Know This Already?” Quiz The “Do I Know This Already?” quiz enables you to assess whether you should read this entire chapter thoroughly or jump to the “Exam Preparation Tasks” section. If you are in doubt about your answers to these questions or your own assessment of your knowledge of the topics, read…

Verification When the remote access VPN policy is deployed on the threat defense, you can test the successful operation by using a browser in the remote host, as shown in the following steps: Step 1. Log in to the remote host machine and open a browser. Step 2. On the URL bar of the browser,…

Remote Access VPN Policy Now is the time to put all the parts together. In the following steps, you use a wizard to configure a remote access VPN policy: Step 1. Navigate to Devices > VPN > Remote Access. Step 2. Click the Add button to create a new remote access VPN policy. The Remote…

Certificate Enrollment You can use the Cert Enrollment object to enter information about the certification authority (CA) server in your public key infrastructure (PKI). This information is necessary to create a certificate signing request (CSR) and to obtain an identity certificate. Secure Firewall offers four ways to select an enrollment type: Because describing the configuration…

Configuration Implementation of remote access VPN services on Secure Firewall is not a straightforward process. Before you begin the core part of the remote access VPN configuration, you need to define several components in various types of objects. When the necessary objects are configured, you invoke them into the Remote Access VPN Policy Wizard to…

Prerequisites Before you begin configuring the remote access VPN services, fulfill the following prerequisites:     Figure 19-32 Lab Topology to Implement the Remote Access VPN Services If you choose between AnyConnect Plus and AnyConnect Apex license tiers, you must consider the total number of unique users who may be using remote access VPN services at…