Category: Cisco Quality of Service
-
Remote Access VPN – Cisco Virtual Private Network (VPN)
Remote Access VPN In a remote access virtual private network, an endpoint device located in a remote network can connect to an organization’s internal network over the Internet via a secure channel. The endpoint device uses Cisco AnyConnect Secure Mobility Client to establish a secure tunnel with a threat defense, which is deployed in an…
-
VPN Essentials – Cisco Virtual Private Network (VPN)
VPN Essentials VPN technology leverages a variety of protocols and algorithms to provide information security services. In VPN architectures, confidentiality is maintained by encrypting the packet, integrity is guaranteed by validating the hash function, and availability to authorized users is confirmed by matching the secret keys. Figure 19-1 shows three main components of information security—confidentiality,…
-
Decryption Techniques on Secure Firewall – Cisco Traffic Decryption Policy
Decryption Techniques on Secure Firewall The full suite of access control rule capabilities can be performed only on nonencrypted traffic. To decrypt, inspect, and block encrypted traffic, you need to configure an SSL policy and select the SSL policy from within your access control policy. When an SSL policy is associated with an access control…
-
Best Practices for Traffic Decryption – Cisco Traffic Decryption Policy
Best Practices for Traffic Decryption Enabling traffic decryption functionality introduces additional CPU overhead, which can impact the overall throughput of the system. Therefore, you should consider the following best practices when you configure an SSL policy: Configuring a Decryption Policy In the following sections, you learn how to configure an SSL policy to decrypt network…
-
Sending Syslog from Threat Defense – Cisco System Logging (Syslog)
Sending Syslog from Threat Defense By using the platform settings policy, you can deploy different logging configurations to different threat defense devices. The platform settings policy allows you to configure many device-specific options in one place and then deploy them to one or more threat defense devices as needed. For example, you can add a…