-
1. Re: Vulnerabilities in my ASA
Paul Stewart - CCIE Security Mar 23, 2012 5:58 PM (in response to CCIE_2B)I think you need to disable https (webvpn and asdm) on any untrusted interface or upgrade. Should be fixed in 8.4(2) or 8.2(5). I wouldn't upgrade to 8.4(2) unless you are already in 8.4 or if you are aware of its significant syntax changes.
-
2. Re: Vulnerabilities in my ASA
CCIE_2B Mar 26, 2012 6:49 AM (in response to Paul Stewart - CCIE Security)Paul, I can not disable the webvpan because we are current using it.
any more option than upgrading the OS.
-
3. Re: Vulnerabilities in my ASA
CCIE_2B Mar 26, 2012 1:41 PM (in response to CCIE_2B)I am tryin to upgrade to the version 8.4(4) but not sure if I meet the hardware requieremet.
my ASA 5510 has 256 RAM, that would be enough ?
-
4. Re: Vulnerabilities in my ASA
Paul Stewart - CCIE Security Mar 26, 2012 6:30 PM (in response to CCIE_2B)Cisco recommends a 1 Gig. My ASA5505 runs okay on 256MB in a lab only environment. It does warn you that it isn't enough. I would use 8.2.5 if you are less than 8.3 today. Wait until you can plan for it and get the memory to go to 8.4. It is a different beast if you use the command line. In my opinion, it's actually worth purchasing an ASA5505 (10 user edition) just to lab with.