We are looking at replacing our Forefront TMG server with a combination Cisco ISE VMware instance and hopefully an Active Directory integration with our edge router. We need to log all authenticated users' internet traffic and would like to do it with the router. Is it possible?
How intrusive does the logging need to be? Cisco devices can log at packet level but I suspect you already know this. Simply append `log` to your firewall rules. – gparent May 03 '13 at 18:17
We only need basic info: source IP, AD username, timestamp, destination IP/web address – BackPacker777 May 03 '13 at 18:26
Did you find a solution? I am also looking to replace a Forefront, and I also need to log my AD users. Best regards – May 13 '13 at 12:18
1 Answer
> We need to log all authenticated users' internet traffic and would like to do it with the router. Is it possible?

Yes. You should dig into something like Logging, Inspection, Matching Regex in ASA.

cuonglm
Is this what you are recommending?: http://www.cisco.com/en/US/docs/security/ibf/setup_guide/ad_agent_setup_guide.html – BackPacker777 May 13 '13 at 16:47
No, we currently have a 2821 router with the firewall IOS, so I was hoping to use that. To use this solution it seems like we'll need to purchase an ASA? – BackPacker777 May 13 '13 at 16:55
Yes, a router cannot manage layer 7 protocols, and I don't know of any AD agent for Cisco routers – cuonglm May 13 '13 at 16:58