Ciscoasa#show traffic

outside:
received (in 124.650 secs):
295468 packets 167218253 bytes
2370 pkts/sec 1341502 bytes/sec
transmitted (in 124.650 secs):
260901 packets 120467981 bytes
2093 pkts/sec 966449 bytes/sec
inside:
received (in 124.650 secs):
261478 packets 120145678 bytes
2097 pkts/sec 963864 bytes/sec
transmitted (in 124.650 secs):
294649 packets 167380042 bytes
2363 pkts/sec 1342800 bytes/s
Ciscoasa#
show memory

Free memory: 845044716 bytes (79%)

Used memory: 228697108 bytes (21%)

------------- ----------------

Total memory: 1073741824 bytes (100%)

Ciscoasa#
show xlate count

84 in use, 218 most used

Ciscoasa(config)#show xlate

3 in use, 3 most used

Flags: D - DNS, d - dump, I - identity, i - inside, n - no random,

o - outside, r - portmap, s - static

TCP PAT from inside:10.1.1.15/1026 to outside:192.150.49.1/1024 flags ri

idle 62:33:57 timeout 0:00:30
UDP PAT from 10.1.1.15/1028 to outside:192.150.49.1/1024 flags ri
idle 62:33:57 timeout 0:00:30
ICMP PAT from inside:10.1.1.15/21505 to outside:192.150.49.1/0 flags ri
idle 62:33:57 timeout 0:00:30

Ciscoasa# clear xlate global 10.10.10.10

static (inside,outside) tcp interface 2323 1.1.1.1 telnet netmask

255.255.255.255
 Responsible for all day-to-day management of Networking Devices Routers Switches
Firewalls
 Involved
in Designing, Implementation, Troubleshooting of Network Infrastructure

 Provide L3 support for Network

devices (Routers/Switches)

 Hands on Firewall Cisco ASA 5500 Series, SonicWALL

 Hands on Switches
installation, upgradation, troubleshooting of 4500, 6500 Chassis

 Knowledge on Network Monitoring

tools such as What's UP Gold

 Hands on Layer 2 Switches 2900, 3500 POE Switches, Dell Switches 3048,
3024

 Knowledge of VTP, STP, VSS, RSTP, PVST, ether channels /LACP/Port Channel/PAGP
 Hands on
Wireless Access Points

 Hands On Protocol BGP, HSRP, Site to Site IPSEC VPN, client to Site VPN,
RSA Tokens

 Knowledge on Optical Fibers, Fiber Modules

 Knowledge on Data Center Passive Cabling
Structure CAT 5 E, CAT 6, Fiber Cabling

 Documentation of network topology design along with the

layout for various cabling

 Designing of Network considering the security requirements of organization

and its customers

 Identify and Troubleshoot performance bottlenecks for Network devices

 Ability
to multi task, prioritize work in high pressure situations

 Be able to effectively work with business

users, developers and other technology colleagues outside of your direct team, across a
broad range of
business functions and at all levels of the organization
Virtual server type Description of virtual server type
Standard A Standard virtual server directs client traffic to a load balancing pool and is the most basic type of virtual server. It is
everything not expressly provided by the other type of virtual servers.
Forwarding (Layer A Forwarding (Layer 2) virtual server typically shares the same IP address as a node in an associated VLAN. A Forw
2) conjunction with a VLAN group.
Forwarding (IP) A Forwarding (IP) virtual server forwards packets directly to the destination IP address specified in the client request
members to load balance.
Performance A Performance (Layer 4) virtual server has a FastL4 profile associated with it. A Performance (Layer 4) virtual server
(Layer 4) processes packets.
Performance A Performance (HTTP) virtual server has a FastHTTP profile associated with it. The Performance (HTTP) virtual ser
(HTTP) the virtual server processes HTTP requests.
Stateless A Stateless virtual server improves the performance of UDP traffic in specific scenarios.
Reject A Reject virtual server rejects any traffic destined for the virtual server IP address.
DHCP Relay A DHCP Relay virtual server relays DHCP client requests for an IP address to one or more DHCP servers, and prov
address for the client. (11.1.0 and later)
Internal An Internal virtual server enables usage of ICAP servers to modify HTTP requests and responses by creating and ap
or Response Adapt profiles to the virtual server. (11.3.0 and later)
Message Routing A Message Routing virtual server uses a SIP application protocol and functions in accordance with a SIP session pro

SIEM Use cases :

Detection of Possible Brute Force Attack

Cisco ASA fundamentals:

1) When you allow accesslist on inbound connection on ASA for NATed ip,you have to apply access
list using real ip address not nated one
2) After inspection happens, it look up for egress interface from NAT statement or routing.
3) By default, egress interface can be identified using NAT statement not using rout lookup. But
you can change it