Cisco Context Directory Agent (CDA) & Other Materials [Redhat Hacker]

seeders: 5
leechers: 3
Download torrent
Added on April 7, 2014 by RedhatHackerin Other > Unsorted
Torrent verified.


Cisco Context Directory Agent (CDA) & Other Materials [Redhat Hacker] (Size: 3.92 GB)
 asa871-3.ova54.79 MB
 asa871-3.md548 bytes
 asa902-k8.bin26.33 MB
 asa912-k8.bin26.21 MB
 asa903-k8.bin26.14 MB
 asa911-4-k8.bin26.02 MB
 asa901-k8.bin26 MB
 asa911-k8.bin26 MB
 asa913-k8.bin25.73 MB
 asa844-9-k8.bin24.1 MB
 asa844-5-k8.bin24.08 MB
 asa844-1-k8.bin24.05 MB
 asa844-3-k8.bin24.05 MB
 asa843-k8.bin24.03 MB
 asa845-k8.bin24.03 MB
 asa842-k8.bin23.99 MB
 asa841-k8.bin23.78 MB
 asa846-5-k8.bin23.71 MB
 asa846-k8.bin23.68 MB
 asa847-k8.bin23.66 MB
 asa822-k8.bin15.7 MB
 asa832-39-k8.bin15.35 MB
 asa832-k8.bin15.22 MB
 asa832-npe-k8.bin15.22 MB
 asa831-k8.bin15.21 MB
 asa825-41-k8.bin14.75 MB
 asa825-33-k8.bin14.73 MB
 asa825-k8.bin14.68 MB
 asa823-k8.bin14.54 MB
 5500.md51.32 KB
 asa871-3-smp-k8.bin40.99 MB
 asa912-smp-k8.bin36.42 MB
 asa913-smp-k8.bin35.91 MB
 asa911-4-smp-k8.bin35.7 MB
 asa911-smp-k8.bin35.68 MB
 asa902-smp-k8.bin35.53 MB
 asa903-smp-k8.bin35.28 MB
 asa861-2-smp-k8.bin32.92 MB
 asa844-1-smp-k8.bin30.18 MB
 asa845-smp-k8.bin30.16 MB
 5500-x.md5538 bytes
 AD_Agent-v1.0.0.32-build-539-Installer.exe70.07 MB
 2011 Jun.md578 bytes
 AD_Agent-v1.0.0.32.1-build-598.Installer.exe70.07 MB
 2012 May.md580 bytes
 anyconnect-win-vpnapi-3.1.04066.zip70.14 MB
 anyconnect-win-3.1.04066-k9.pkg30.95 MB
 anyconnect-profileeditor-win-3.1.04066-k9.exe21.13 MB
 anyconnect-win-3.1.04066-pre-deploy-k9.iso20.98 MB
 anyconnect-linux-64-3.1.04066-k9.pkg9.84 MB
 anyconnect-linux-3.1.04066-k9.pkg9.79 MB
 anyconnect-predeploy-linux-64-3.1.04066-k9.tar.gz7.14 MB
 anyconnect-predeploy-linux-3.1.04066-k9.tar.gz7.06 MB
 anyconnect-linux-3.1.04066-vpnapi.tar.gz5.89 MB
 anyconnect-macosx-i386-3.1.04066-vpnapi.tar.gz5.11 MB
 anyconnect-win-vpnapi-3.1.04059.zip70.12 MB
 anyconnect-win-3.1.04059-k9.pkg30.85 MB
 anyconnect-profileeditor-win-3.1.04059-k9.exe21.13 MB
 anyconnect-win-3.1.04059-pre-deploy-k9.iso20.93 MB
 anyconnect-macosx-i386-3.1.04059-k9.pkg10.81 MB
 anyconnect-linux-64-3.1.04059-k9.pkg9.83 MB
 anyconnect-linux-3.1.04059-k9.pkg9.79 MB
 anyconnect-macosx-i386-3.1.04059-k9.dmg8.11 MB
 anyconnect-predeploy-linux-64-3.1.04059-k9.tar.gz7.13 MB
 anyconnect-predeploy-linux-3.1.04059-k9.tar.gz7.06 MB
 anyconnect-win-vpnapi-3.1.01065.zip69.39 MB
 anyconnect-win-3.1.01065-k9.pkg28.81 MB
 anyconnect-profileeditor-win-3.1.01065-k9.exe21.12 MB
 anyconnect-win-3.1.01065-pre-deploy-k9.iso20.12 MB
 anyconnect-macosx-i386-3.1.01065-k9.pkg10.59 MB
 anyconnect-linux-3.1.01065-k9.pkg10.54 MB
 anyconnect-linux-64-3.1.01065-k9.pkg9.49 MB
 anyconnect-macosx-i386-3.1.01065-k9.dmg7.87 MB
 anyconnect-predeploy-linux-3.1.01065-k9.tar.gz7.68 MB
 anyconnect-predeploy-linux-64-3.1.01065-k9.tar.gz6.8 MB
 anyconnect-win-vpnapi-3.1.02040.zip69.35 MB
 anyconnect-win-3.1.02040-k9.pkg29.3 MB
 anyconnect-profileeditor-win-3.1.02040-k9.exe21.12 MB
 anyconnect-win-3.1.02040-pre-deploy-k9.iso20.59 MB
 anyconnect-macosx-i386-3.1.02040-k9.pkg10.63 MB
 anyconnect-linux-3.1.02040-k9.pkg10.56 MB
 anyconnect-linux-64-3.1.02040-k9.pkg9.51 MB
 anyconnect-macosx-i386-3.1.02040-k9.dmg7.89 MB
 anyconnect-predeploy-linux-3.1.02040-k9.tar.gz7.69 MB
 anyconnect-predeploy-linux-64-3.1.02040-k9.tar.gz6.82 MB
 anyconnect-win-vpnapi-3.1.02026.zip69.32 MB
 anyconnect-win-3.1.02026-k9.pkg29.21 MB
 anyconnect-profileeditor-win-3.1.02026-k9.exe21.12 MB
 anyconnect-win-3.1.02026-pre-deploy-k9.iso20.52 MB
 anyconnect-macosx-i386-3.1.02026-k9.pkg10.61 MB
 anyconnect-linux-3.1.02026-k9.pkg10.56 MB
 anyconnect-linux-64-3.1.02026-k9.pkg9.51 MB
 anyconnect-macosx-i386-3.1.02026-k9.dmg7.89 MB
 anyconnect-predeploy-linux-3.1.02026-k9.tar.gz7.68 MB
 anyconnect-predeploy-linux-64-3.1.02026-k9.tar.gz6.82 MB
 anyconnect-win-vpnapi-3.1.00495.zip68.2 MB
 anyconnect-win-3.1.00495-k9.pkg28.43 MB
 anyconnect-profileeditor-win-3.1.00495-k9.exe21.11 MB
 anyconnect-win-3.1.00495-pre-deploy-k9.iso19.8 MB
 anyconnect-macosx-i386-3.1.00495-k9.pkg10.67 MB
 anyconnect-linux-3.1.00495-k9.pkg10.47 MB
 anyconnect-macosx-i386-3.1.00495-k9.dmg9.53 MB
 anyconnect-linux-64-3.1.00495-k9.pkg9.42 MB
 anyconnect-predeploy-linux-3.1.00495-k9.tar.gz7.62 MB
 anyconnect-predeploy-linux-64-3.1.00495-k9.tar.gz6.74 MB
 anyconnect-win-vpnapi-3.0.08057.zip66.08 MB
 anyconnect-win-3.0.08057-k9.pkg27.44 MB
 anyconnect-profileeditor-win-3.0.08057-k9.exe20.38 MB
 anyconnect-win-3.0.08057-pre-deploy-k9.iso18.96 MB
 hostscan_3.0.08062-k9.pkg15.27 MB
 anyconnect-macosx-i386-3.0.08057-k9.pkg10.2 MB
 anyconnect-linux-3.0.08057-k9.pkg9.82 MB
 anyconnect-linux-64-3.0.08057-k9.pkg8.88 MB
 anyconnect-macosx-i386-3.0.08057-k9.dmg8.84 MB
 anyconnect-predeploy-linux-3.0.08057-k9.tar.gz6.95 MB
 rdp2-plugin.090211.jar858.51 KB
 rdp_09.11.2012.jar670.09 KB
 ssh-plugin.120911.jar367.49 KB
 ssh-plugin.130918.jar367.4 KB
 vnc-plugin.111018.jar86.21 KB
 post-plugin.090722.jar43.4 KB
 ica-plugin.04.23.2012.zip7.37 KB
 cisco_vpn_auth.jar5.18 KB
 1.1.1.md5456 bytes
 rdp-plugin.101215.jar672.61 KB
 rdp-plugin.120424.jar669.96 KB
 rdp-plugin.111024.jar660.73 KB
 ssh-plugin.080430.jar395.51 KB
 ssh-plugin.111006.jar250.05 KB
 vnc-plugin.080130.jar88.03 KB
 ica-plugin.100805.zip7.31 KB
 1.0.0.md5399 bytes
 anyconnect-symbian-armv5_urel-2.4.5004-asa-package.pkg1.43 MB
 anyconnect-symbian-armv5_urel-2.4.5004-AnyConnect.sis1.26 MB
 asdm-demo-714.msi31.86 MB
 asdm-demo-649.msi28.22 MB
 asdm-demo-713.msi27.51 MB
 asdm-demo-712.msi27.4 MB
 asdm-demo-647.msi27.25 MB
 asdm-demo-711.msi27.21 MB
 asdm-demo-702.msi27.16 MB
 asdm-demo-701.msi26.82 MB
 asdm-demo-645.msi25.41 MB
 asdm-demo-641.msi24.99 MB
 Cisco Context Directory Agent.zip786.78 MB
 Cisco ASA 5540 8.2(1) Keymaker v1.0 (Sep 2009) by SSG.exe7.5 KB
 info.txt717 bytes
 DOC.txt68 bytes

Description

Context Directory Agent Overview

Unlike traditional security mechanisms, Cisco’s security gateways such as ASA-CX, WSA, ASA and the Cloud-based CWS service, provide security to networks based on the context of the entity requiring access. While traditional network and content security gateways used to rely on the entity’s IP Address only to determine if it should pass the security gateway or not, today’s Cisco products allow to take into account much additional information, and make decisions based on the complete context of the network entity, such as the user currently using it, what operating system it uses, what location is it in, and so on. Security administrators write policies using reference to this context, and when network traffic hits the security gateway, it needs to check what is the context of the originating (and sometimes, also the destined) IP Address.

Cisco Context Directory Agent (CDA) is a mechanism that maps IP Addresses to usernames in order to allow security gateways to understand which user is using which IP Address in the network, so those security gateways can now make decisions based on those users (or the groups to which the users belong to).

CDA runs on a Cisco Linux machine; monitors in real time a collection of Active Directory domain controller (DC) machines for authentication-related events that generally indicate user logins; learns, analyzes, and caches mappings of IP Addresses and user identities in its database; and makes the latest mappings available to its consumer devices.

Starting with patch 2, CDA can now receive information from Cisco Identity Services Engine (ISE) and Cisco Secure Access Control Server (ACS) machines about 802.1x network logins, in order to map users that do not directly login into Active Directory. CDA acts as a syslog server, receiving syslog messages from ISE and ACS, and populates the mapping table using network login information derived from ISE and ACS.

Consumer devices, such as the Cisco Adaptive Security Appliance (ASA) and the Cisco IronPort Web Security Appliance (WSA), interact with the CDA using the RADIUS protocol in order to obtain the latest set of IP-to-user-identity mappings, in any one of the following ways:

On-Demand —CDA can respond to an on-demand query from the consumer device for a specific mapping.
Full Download —CDA can respond to a request from the consumer device for the entire set of mappings currently in its cache.

For both the on-demand and full-download methods, the request from the consumer device can be specially tagged to indicate that it also includes a registration regarding any subsequent updates.

For example, when a consumer device requests a basic on-demand query, CDA responds with the specific mapping that might have been found in its cache, and does not send any further updates about that mapping. On the other hand, if the on-demand query also includes a registration, the initial response from CDA is the same as before and if, at a later point in time, that specific mapping undergoes a change, then CDA proactively notifies the requesting consumer device (as well as any other consumer devices that have registered for notification) about the change in that specific mapping.

Similarly, when a consumer device requests a basic full download, CDA transfers a snapshot of the session data containing all of the mappings currently found in its cache, and does not send any further updates. On the other hand, if the request is to register for replication, then the initial response from CDA is the same as before. At a later point in time, if the set of mappings undergoes any sort of change (new mappings added or certain mappings changed and so on), then CDA proactively notifies the requesting consumer device (as well as any other consumer devices that have registered for replication) about these changes, relative to the snapshot that was previously sent.

The IP-to-user-identity mappings that are discovered, maintained, and provided by CDA can include not only IPv4 addresses, but also IPv6 addresses.

CDA can send logs to one or more syslog servers.

CDA continues to function if any of the Active Directory domain controllers or the consumer devices have failed. It obtains information from other domain controllers. However, there is no failover for CDA. CDA internally contains a “watchdog” functionality that continuously monitors the Linux processes internal to it, automatically restarting them if it detects that they have crashed. While there is no failover for CDA in itself, the solution as a whole does support failover, controlled by the consumer devices, using their capability to configure a primary and secondary CDA (similar to primary and secondary RADIUS server), and failover to the secondary server in case the primary is unresponsive. It should be noted that primary and secondary CDAs are completely unaware of each other, and do not exchange any state information.

Sharing Widget


Download torrent
3.92 GB
seeders:5
leechers:3
Cisco Context Directory Agent (CDA) & Other Materials [Redhat Hacker]