ASA fire services and security context
Hello.
We have an old asa 5510, and we would like to change with a new x 5525 asa with services of firepower, using the fueatures IPS.
In the firewall of the production, we organize 6 security contexts; so the question is: If buy us this product, we can use IPS FirePower feauters in any security context or do we not have limits?
Thank you
Daniele
The only restriction is that one set of politics of power must be applied for all contexts will share policy.
Tags: Cisco Security
Similar Questions
-
Check the number of users and security
Gurus,
In our EPM (System 11.1.2) environment, we have four applications/databases (planning and essbase included) and I need to list the total number of users in all applications and see what he put in service and security are. How I might be able to do?
Do I need security on each of them for export and filter or is it possible to check the users in all applications at the same time?
Thank youdeparture from Hyperion wrote:
Thanks for your reply Celvin
Is there a way I can view a list of users by Department?
Y at - it something like that to sort by Department/Group.
Thank youList of users by Department - there are groups of Shared Services, are your groups classified by Department? If the answer to this is 'Yes', then Yes, the export of all shared Services groups will track children (members) in each group.
I don't think that there is some kind of Shared Services, but once the csv file is exported, you can sort it out.
-
Recently we have heard people talk of "Cisco ASA several flaws let users deny remote Service and bypass the security controls" under the securitytracker. However, as everyone knew, ASA 8.3 need a lot more resources on ASA HW to run. I checked that the bugs associated to above problem "CSCtg69742, CSCth36592, CSCtg61810, CSCte53635, CSCte46460, CSCte20030, CSCtf29867, CSCte14901, CSCsz80777, CSCsz36816" in the Cisco Bug Toolkit. None of them show any information if there is a fix for ASA 8.2 (x).
This means that Cisco starts to stop supporting 8.2 (x) and to push customers to their "so-called" best image 8.3 version (x) as a strategy of "marketing?
Cisco is best to find a solution for this problem on 8.2 (x) rather than push customers to something Cisco "love." It may not be the best interest of the customers AT ALL. Instead of pushing customers to ASA 8.3 (x), Cisco likely to push customers to its big competitor Juniper:)
Sean,
I did a quick search on the Bug Toolkit for CSCtg69742 and found the following result.
Fixed in
8.2 (3)
8.3 (1.5)
8.3 (2)
8.2 (2.15)
8.2 (2.107)
100,7 (0.17) M
100.5 (5.16) M
8.3 (1,100)
100.7 (6.1) M
8.4 (0.99)This was posted in the column on the left side of the search results page.
I recommend you research each ID of Bug Bug Toolkit (http://tools.cisco.com/Support/BugToolKit/action.do?hdnAction=searchBugs) for the version name (number) that contains the fix for this bug.
HTH
Amol
-
License problem of security context for Cisco ASA 5585
Hello
Can someone help me in license number for the ASA 5585 security environment,
We recently purchased a box ASA (5585) which has 2 default security context and we had like to have context for this ASA 25 permit and we got two codes PAK of Cisco for 20 licenses and 5 respectively.
When we generate the license key by combining the two codes Portal Cisco PAK and apply the same on ASA, do not see the 25; Instead, it shows only 20.
Is it really possible to stack context like 20 + 5 licenses or to buy a PAK code for any license 25 context?
Please advise me on this.
Thanks in advance!
Kind regards
Kam
Hello
This should probably not be handled with Cisco directly or through the company that got you the license.
To my knowledge, there is a possibility that the you have everything first to install a license key and the other licence could be upgraded from the previous license until the following limit of function under license.
I had several occasions where I was provided with the wrong license and had to communicate with Cisco/provider to get licenses appropriate for my device.
While I was announcing this response I checked the document of licensing for ASA models. It seems to me that there is no security content license 25 for the SAA. The deadline is 20 and license of SC 50 SC
Check this document:
http://www.Cisco.com/en/us/docs/security/ASA/asa84/configuration/guide/intro_license.html#wp1230400
-Jouni
-
ASA with firepower and Licensing Service
Hello
If I buy an ASA with the power of Fire Service (e.g. 5516-X) should which licenses I buy?
I understand that I need to order a license for the Service of firepower. E.g. IPS, URLS, and AMP.
Should I order a license management FireSIGHT, too? The centre of mandatory FireSIGHT management? This license is necessary?
Concerning
You will need the license of control (CTRL). It is free and automatically included with any package of power of fire SKU (i.e. ASA5516-FPWR-K9).
Then you must add the IPS, URLS or AMP (or combination of both) services in term 1, 3 or 5 years.
FireSIGHT Management Center is not required for entry-level (5506, 5508 or 5516) models. It is optional on those you can use the entry firesight level integrated in ASDM for the model.
For all other models, it is necessary. If you manage more than a simple ASA (even an HA pair) it is recommended even for the entry level models that you will be so power sync policies through them all.
-
ASA 5510 w / license more lost security contexts
I have an ASA 5510 with license more than security and when I looked the devices a few days ago, I had 2 contexts, however after you have configured the port of Mgm as a regular port contexts show 0, why? I can't find anywhere on the internet where this problem occurred: this is the result of show worm:
Cisco Adaptive Security Appliance Software Version 7.0 (8)
Updated Sunday, 31 May 08 23:48 by manufacturers
System image file is "disk0: / asa708 - k8.bin.
The configuration file to the startup was "startup-config '.
SHIELDASA01 up to 21 hours 16 minutes
Material: ASA5510, 256 MB of RAM, processor Pentium 4 Celeron 1600 MHz
Internal ATA Compact Flash, 256 MB
BIOS Flash M50FW080 @ 0xffe00000, 1024 KB
Hardware encryption device: edge Cisco ASA - 55 x 0 Accelerator (revision 0 x 0)
Start firmware: CNlite-MC-Boot-Cisco - 1.2
SSL/IKE firmware: CNlite-MC-IPSEC-Admin - 3.03
Microcode IPSec:-CNlite-MC-IPSECm-HAND - 2.05
0: Ext: Ethernet0/0: the address is 0021.a025.2d3c, irq 9
1: Ext: Ethernet0/1: the address is 0021.a025.2d3d, irq 9
2: Ext: Ethernet0/2: the address is 0021.a025.2d3e, irq 9
3: Ext: Ethernet0/3: the address is 0021.a025.2d3f, irq 9
4: Ext: Management0/0: the address is 0021.a025.2d3b, irq 11
5: Int: not used: irq 11
6: Int: not used: irq 5
The devices allowed for this platform:
The maximum physical Interfaces: unlimited
VLAN maximum: 25
Internal hosts: unlimited
Failover: Active / standby
VPN - A: enabled
VPN-3DES-AES: enabled
Security contexts: 0
GTP/GPRS: disabled
VPN peers: 150
This platform includes an ASA 5510 Security Plus license.
I'm not showing the serial number and keys licese for obivious reasons. Any help? Thanks in advance.
You might want to try upgrading your IOS on the SAA, see if it can help, can you check the firewall mode (single or multiple) you're currently on? is your asa transparant or routed?
-
Service packs, security updates, and the performance of the PC
First turn off let me say that I am certainly NOT too computer savvy... I know my way around, but do not know what things to say or do... That being said... My computer runs very slowly, even though I have downloaded MSE, clean space disk and Defrag... I was looking on my installed programs, and I have SO MANY service packs and security updates! (1) how security updates day and service packs? (2) they occupy space and make my computer run slower? (3) is it OK to delete the service packs and security updates
1 - security patches close security holes that have been found or improve security in some way. Service Packs are large infrequent updates that contain a selection of 'wound' of many previous updates as well as adding features/features additional.
2 & 3 - Microsoft/Windows updates take little space, but not a huge amount. However, given their importance and usefulness, I highly recommend that you leave alone, and then assign windows Update automatic recommended settings. If you start to remove the updates in a timely manner without the necessary expertise you can cause you problems.
Even if you say that you've defragmented & used cleaning disc, there are a few other things to look at in this article:
-
Windows 7 Security Center service is missing from the (local) services and cannot be started
Hi Experts,
I use the version of windows 7 Home premium. My computer suddenly got hit by the virus and I found the message in the center of action as "Activate windows Security Center service", but when I do, the message I m getting "failed to start the windows Security Center service"
Options, I tried to replace as follows.
one) went to the services (local) and checked the Security Center to check the startup mode but the Security Center is missing here
(b) tried to run the malwarebytes software, he finds some virus and I deletedYet, I could not able to get rid. Help, please
Hello
Some antivirus/security products may cause this error. McAfee, Norton, Windows Live OneCare.
ThreatFire are some. What antivirus/antispyware/security products you have on machine now. And
who have you ever on it, even if you have uninstalled them. (These leave the remains that can cause some)
strange questions.)Start - type in the search-> find abuse at top box - click on - RUN AS ADMIN
Service set to AUTOMATIC (delayed start) Security Center and BEGAN to
Chech also the serices dependent as below.References to Vista also apply to Windows 7.
Check the default services and dependencies to ensure that they are running.
http://wiki.blackviper.com/wiki/Security_CenterSecurity Center not related anti-virus or firewall State correctlyhttp://www.winhelponline.com/blog/security-center-not-reporting-anti-virus-or-firewall-status-correctly/
How to fix Vista Reporting incorrect information Security Center
http://www.Vistax64.com/tutorials/195736-Security-Center-not-reporting-correct-information.htmlHow to disable or enable the Security Center in Vista
http://www.Vistax64.com/tutorials/67737-Security-Center.htmlThis thread might help as it might be a permissions problem.
http://social.answers.Microsoft.com/forums/en-us/vistawu/thread/3d2049ae-4581-439b-8E15-3f603f5c60f0/====================================
To look for the Windows 7 KB and responses for Solutions (most are above).
Searck of Ko &-> 1058 Security Center
http://support.Microsoft.com/search/default.aspx?mode=a&query=1058+Security+Center&SPID=14019&catalog=LCID%3D1033&AST=28&RES=10I hope this helps.
-
I have a Toshiba running Windows 7. I was wondering what was the "Windows Security Center" Service and what it does?
He will tell you the State of the AV / Firewall that is installed. Whether or not they are
-
Multi-tenant IOS Firewall and security even subinterfaces 9.0
Hi all
I'm so used to< 8.3="" and="" am="" having="" great="" difficulty="" getting="" an="" environment="" working="" properly="" so="" i'm="" now="" going="" to="" leverage="" the="" cisco="">
We set up a network with clients behind a pair of 5510 s. All of these clients will have their own dedicated sous-interface in their own VLAN. Out the door, I got inter - allowed security-same interface and all networks communicate with each other. I certainly don't want that, so I have disabled this command and now each network client is unable to communicate with each other, as expected.
The problem now lies in networks where a customer have 2 VLANS separated (say a staging and a prod environment) where they need to communicate. Is it feasible if they are of the same security level and even security allowed inter-interface is disabled? I just need to create an ACL for the networks to talk? Is there a better way to do this with the same security allowed active inter-interface?
8.3 pre, I have same security allowed active inter-interface, but traffic could not speak to the other interface unless I created an exemption NAT and ACLs. Always create a NAT exemption?
Hello
The basic problem that you run with different software levels is the parameter 'nat-control' that exists in 8.2 (or earlier version), but does not exist in version 8.3 (or subsequent version of the Software ASA).
In the 8.2 and pre software you got with the nat configuration change 'control' of requiring a connection to have a NAT configuration to be able to pass traffic through the ASA. Of course this coupled with the 'security level' gave you more changes to control traffic without resorting to the ACL.
However, in the new software of 8.3 and later the "nat-control" level no longer exists and that a connection has a NAT configuration that be applied or not ASA still allows the connection (subject other ASA controls allow) so basically you won't need NAT configurations between your local interface. The most common NAT configurations should be between your local interface and the "external" ASA interface.
If you try to control traffic between interfaces with the global configuration commands you mention, you will eventually be 'juggling' with the 'security level' configurations autour constantly so that the correct rules for traffic is applied.
This question came up on these forums every now and then, and I almost always offer the same approach which is to set up an ACL on EACH interface of the ASA.
- Remember to leave the 'same-security-traffic"on the SAA configurations. It is because even if you have interface ACL allowing traffic, if they are for some reason any left with identical "security level"custom ACL be sufficient to allow the traffic. "
- Configure each interface an ACL
- Initially to configure the ACL to create a "object-group" that will contain EACH network behind your local interface of firewall (except the "outside" ofcourse)
- Use this category 'object' at THE start of ACL interface to BLOCK ALL traffic behind this interface to these networks
- After that allow or block different/Out Internet - linked as usual traffic
- In the same networks 2 (or more) behind the need of different interfaces to communicate with each other, set up a statement that allows early each ACL. The already existing 'decline' exposed with the 'object' group already will ensure that other traffic between networks are blocked
A very simple example, you might want to consider the following
Networks:
- LAN1: 10.10.10.0/24
- LAN2: 10.10.20.0/24
- DMZ1: 192.168.100.0/24
- DMZ2: 192.168.200.0/24
permit same-security-traffic inter-interface
Interface GigabitEthernet0/0
Description box
interface GigabitEthernet0/0.10
VLAN 10
nameif LAN1
security-level 100
IP 10.10.10.1 255.255.255.0
interface GigabitEthernet0/0.20
VLAN 20
nameif LAN2
security-level 100
IP 10.10.20.1 255.255.255.0
interface GigabitEthernet0/0.100
VLAN 100
nameif DMZ1
security-level 100
IP 192.168.100.1 address 255.255.255.0
interface GigabitEthernet0/0,200
VLAN 200
nameif DMZ2
security-level 100
192.168.200.1 IP address 255.255.255.0
object-group network BLOCK-LOCAL-NETWORKS
object-network 10.10.10.0 255.255.255.0
object-network 10.10.20.0 255.255.255.0
object-network 192.168.10.0 255.255.255.0
object-network 192.168.20.0 255.255.255.0
access-list LAN1 - IN note allow HTTP / HTTPS in the DMZ1 Server
access-list LAN1 - permit tcp 10.10.10.0 255.255.0 host 192.168.100.100 eq www
access-list LAN1 - permit tcp 10.10.10.0 255.255.0 host 192.168.100.100 eq https
LAN1-IN access-list note block traffic to another local network
access-list LAN1 - deny ip any object-group NETWORK-LOCAL-BLOCK
Note LAN1-IN access list allows any outbound
access-list IN LAN1 ip 10.10.10.0 allow 255.255.255.0 any
LAN1-IN group access to the LAN1 interface
And of course all other ACL would follow the same model in one form or another. You would really have to worry about traffic is allowed between interfaces, but rather the most work would probably add "allowed" in the upper part of each ACL when required for communication inter-interface. But I guess that the amount of these additions would remain also to a manageable level for FW admins.
Naturally in environments the biggest you would probably get a high-end ASA and virtualize it and separate each customer environment in their own security context where you would avoid this situation together. Naturally the biggest points against this solution usually can be fresh and the fact that virtualize the ASA multiple context mode disables some essential operational capability of the SAA, which the most important is probably the Client VPN connections (VPN L2L is supported in the software in multiple context Mode 9.x)
Hope this helps
Don't forget to mark the reply as the answer if it answered your question. And/or useful response rates
Request more if needed
-Jouni
-
AIP - SSM recreate the image in secondary ASA 5500 (failover) with virtual contexts
Hello guys,.
The scenario is as follows:
2 ASA 5500 with virtual contexts for failover.
The ASA elementary school has the work of the AIP-SSM20.
ASA school (which is in active / standby) has its SSM20 AIP to work now and everything is in production.
Someone tried to configure this 2nd AIP - SSM, changed the password and lost, so I tried to re - the image (without authorized passage recovery), but the connection fails on the TFTP server, where is the image of the AIP - SSM.
Now questions, documentation Cisco re-imaging view orders under ASA #.
but as this scenario has several virtual contexts the ASA # shell contains no IP address as you know (which I suppose is the reason why the ASA cannot download the image from the TFTP server) and switch to another context (ASA / admin #) re-imaging commands do not work (hw-module module 1... etc...).
What is the solution? Is there documentation for it (with security contexts)?
Thank you very much for reading ;) comment on possible solutions.
Yes,
Some things to keep in mind.
(1) run 'debug module start' on the SAA before running the command "hw-module module 1 recover boot. This will show you the ROMMON of the MSS output as it tries to make the new image and you can look for any errors.
(2) before trying to download from the SSM, first use a machine separate download tftp from your laptop. This will ensure the TFTP on your laptop works and confirm what directory (if any) that you can use as the file location.
(3) if the tftp download does not SSM, then the SSM is unable to properly connect to your laptop. You need a crossover cable to connect your laptop to the SSM. If you have a crossover cable, then you could try to connect the MSS and your laptop to a small hub, or configure a new vlan on your switch with only 2 ports and connect the MSS and your computer laptop this vlan 2 port.
(4) also try the download first at the end of the gateway to 0.0.0.0 since your laptop and the SSM will be on the same subnet. If this does not work then you can try a non-existent 30.0.0.4 address as gateway.
(5) understand that the IP address that you specify for the MSS using the command "configure the hw-module module 1 recover" is just temporary for download. Once an image is installed, then sitting at the module and run the "setup" command in order to configure the permanent address you want ure on external port of the SSM. This address in the "setup" command can the same as that used in the command 'get the 1 hw-module module configure' or a completely new (as in your case). Just make sure that you connect to the network just to what address you give.
-
Disable the protocols and encryption algorithms in VMware View connection server and security
Hello
In my recent deployment, I had a customer request to disable some protocols and encryption at the Server VMware View connection and security. I read some articles and found that this has been achieved by editing the locked.properties file. But when we have edited and replaced the file, users could not connect to the virtual desktop, so came back to us backwards and desktop computers worked fine.
I found a few articles that we don't need to edit the locked.properties file in VMware view Horizon 6. If someone has done this please guide me through. Here are the details of the protocols and encryption algorithms that should be disabled
Diffie-Hellman key
Enable SSL v2/V3 and TLS 1.1 and 1.2
Disable the RC4 encryption algorithm
Select the secret of transfer (if possible)
VMware view 6 is the connection to the server and security server.
Thank you.
Hello
I implemented the following steps (from the manual):
1. update the JCE policy files to take in charge the high-strength Cipher Suites
You can add some cipher suites of high resistance for greater assurance, but first you must update the local_policy.jar and US_export_policy.jar files to each server instance and the security strategy for JRE 7 see connection to the server. You update these policy files by downloading the files to extend JCE (Java Cryptography) unlimited strength political jurisdiction from the Oracle Java SE download site 7.
If you include some high-strength cipher suites in the list and you do not replace the policy files, you cannot restart the VMware view Horizon connection to the Server service.
Policy files are located in the directory C:\Program View\Server\jre\lib\security from VMware.
For more information on the download of the JCE unlimited strength jurisdiction policy 7 files, see the Oracle Java SE download site: http://www.oracle.com/technetwork/java/javase/downloads/index.html.
After you update the policy files, you need to create backups of the files. If you upgrade the instance of the view connection server or security server, any changes you have made to these files can be replaced, and you may need to restore the backup files.
2. the changes that policies of global acceptance with ADSI Edit
- Start the ADSI utility on your computer see connection to the server.
- In the console tree, select Connect to
- In the selection or type a unique name text box or a naming context, type the unique name
DC, DC = vdi is vmware, DC = int. - In the type or select a text field or the server box, select or type localhost: 389 or the name of a fully qualified domain (FQDN) of the server computer to connect to port 389 followed view.
For example: localhost: 389 or mycomputer.mydomain.com:389
- Expand the tree of the ADSI Editor, OU = properties, select OU = Global, then select OU = common in the right pane.
- On the object CN = common, Global = UO, UO = properties, select each attribute that you want to change and enter the new list of security protocols or cipher suites.
I used the following settings:
EAP-ServerSSLCipherSuites: \LIST:TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256
EAP-ServerSSLSecureProtocols_ \LIST:TLSv1.1,TLSv1.2
It is not the highest possible, but they work with all the features of our customers.
- Restart the service of VMware view Horizon connection server (server connection and security).
This is not Activate secret transfer (if possible) , but other points are covered.
If anyone can give a tip to activate the transfer secret, I would be grateful.
-
I've updated to fire fox and now can not connected to a webstite but I can't in other browsers...
I've updated to fire fox and can not now connected to: https://portal.recampus.com/re/hogue-school/portal/login but I can't in other browsers...
I make sure to check that Internet security software is up-to-date.
Remove Firefox from your program of trust list, and then add it again. For detailed instructions, see Configure the firewall so that Firefox can access the Internet but no luck.
I was ruining Firefox version 36.0 before I updated...
Thanks for any help!https://www.ssllabs.com/ssltest/analyze.html?d=portal.recampus.com & hideResults = we
The site uses TLS 1.0 (an older version of SSL), 37 as obsolete Firefox modes. It is a change of 36 of Firefox.
You can open the topic: config page via the address bar and use the search bar to locate this pref:
Security.TLS.insecure_fallback_hosts
You can double-click the line to edit the prefs and add the domain to this preference.
If there are already websites (domains) in this list, then add a comma and the new domain (without space).
You should see fields separated by a comma in the value column.You can open the topic: config page via the address bar.
You can accept the warning and click on "I'll be careful" to continue.http://kb.mozillazine.org/about:config
-
No mapping between account names and security IDS was done
Hello
I have a laptop of Acer under Vista Home Premium Service Pack 1. I open advanced user accounts of & assistance, and I saw two names my old & news of the administrator. He used my name as the user name and my new name as the display name, so I deleted the old username & changed to match the full name (the new name). After the change has been made, I get an error message "no mapping between account names and security IDS was done 26EE0668-A00A-44D7-9371-BEB064-C98683. Now I can't access control panel to make changes to account. Help & Support in the start menu and Windows Explorer are no longer works. Tools on the toolbar doesn't work or the other. I can't yet run a virus scan. I did find something useful from my own research. Help!
Thank you
Cheeszz
P.S. I also started a McAfee Quick Clean to remove undesirable accumulation of the computer. He cleaned the keys to an orphan registry, internet cache, temporary files & lost file fragments. I don't know if he has also nothing to do with the error message.Hello Cheeszz,
Thanks for posting your question on the Microsoft answers Forum.
Essentially, you get the "no mapping between account names and security IDS was done" is because you now have an orphaned user account. This occurred when you deleted your old username which was still in use by the system under the name of each user name has a unique SID.
I suggest that run you a system restore point, then you can go back to a previous point in time before you deleted the name of the user.
Follow the article below for the establishment of a system restore procedure.936212 KB - how to repair the operating system and how to restore the configuration of the operating system to an earlier point in time in Windows Vista
http://support.Microsoft.com/kb/936212You can also create a manual system restore point so that you can restore to that State in case of problems.
Right-click on the computer icon in the desktop, then choose Properties
In the left pane, click System Protection
Alternatively, to directly access the System Protection tab, click Start and type SystemPropertiesProtection.exe.
If you are prompted for an administrator password or a confirmation, type the password or provide confirmation.
Click the System Protection tab and then click on create.
In the System Protection dialog box, type a description, and then click on create.If you do not have a restore point system, try to see if LastKnownGood configuration might work for you.
Click on the URL link to get help setting up the last known good configuration:
http://windowshelp.Microsoft.com/Windows/en-us/help/cdb4c0dd-5698-4197-B906-d6a6d413621d1033.mspxPlease respond and let me know if these suggestions helped get your problem solved or if you still need help.
Sincerely,
Marilyn
Microsoft Answers Support Engineer
Visit our Microsoft answers feedback Forum and let us know what you think. -
Custom and Security Center alert keeps appearing allow to turn on.
I got a security alert will appear on my notification area, last night. I went to check my Security Center my firewall works and defender will work but is off I use AVG security on my computer, but when I went to do my Security Center it won't allow me to turn it on. I scanned my computer with AVG and tool repair tool program I had for some time called errorwiz, but still does not work. Please help me to resolve this issue.
Hello
AVG has been known to disable the Security Center.
AVG 8.x and 9.x even caused a lot of problems. If you decide to remove it using their removal tool
and download, but not install any replacement before you run it.Download - SAVE - go to where you put (all) - click right on - RUN AS ADMIN - REBOOT when each
is made and before the following.AVG removal tool
http://www.Avg.com/us-en/download-tools-------------------------------------------------
Some antivirus/security products may cause this error. McAfee, Norton, Windows Live OneCare.
ThreatFire are some. What antivirus/antispyware/security products you have on machine now. And
who have you ever on it, even if you have uninstalled them. (They leave leftovers that cause
strange questions.) Therefore a number in your case.Check the default services and dependencies to ensure that they are running.
http://www.blackviper.com/WinVista/services/Security_Center.htmSecurity Center not related anti-virus or firewall State correctlyhttp://www.winhelponline.com/blog/security-center-not-reporting-anti-virus-or-firewall-status-correctly/
How to fix Vista Reporting incorrect information Security Center
http://www.Vistax64.com/tutorials/195736-Security-Center-not-reporting-correct-information.htmlHow to disable or enable the Security Center in Vista
http://www.Vistax64.com/tutorials/67737-Security-Center.htmlThis thread might help as it might be a permissions problem.
http://social.answers.Microsoft.com/forums/en-us/vistawu/thread/3d2049ae-4581-439b-8E15-3f603f5c60f0/=====================================
Here's what I use and recommend:
Download - SAVE - go to where you put (all) - click right on - RUN AS ADMIN - REBOOT when each
is made and before the following.Avast and Prevx proved extremely reliable and compatible with everything I threw at them.
Microsoft Security Essentials and Prevx have also proven very reliable and compatible.Avast Home free - stop any shields is not necessary except away from Standard, Web and network is working.
Prevx - Home - free
Windows Firewall
Windows Defender (is not necessary if you use MSE)
Protected IE - mode
IE 8 - SmartScreen filter WE (IE 7 phishing filter)
I also IE always start with asset if filter InPrivate IE 8.
(Sometimes you have to temporarily turn off with the little icon to the left of the + bottom right of IE)Avast - stop home - free - all shields you do no need except leave Standard, Web and network running.
(Double-click the blue icon - details look OK. - upper left Shields - those that you do not cancel).
http://www.avast.com/eng/avast_4_home.htmlOr use Microsoft Security Essentials - free
http://www.Microsoft.com/Security_Essentials/Prevx works well alongside MSE or Avast
Prevx - Home - small, fast, exceptional CLOUD free protection, working with other security programs. It comes
a scan only, VERY EFFICIENT, if it finds something to come back here or use Google to see how to remove.
http://www.prevx.com/ <-->
http://info.prevx.com/downloadcsi.asp <-->PCmag - Prevx - Editor's choice
http://www.PCMag.com/Article2/0, 2817,2346862,00.aspAlso get Malwarebytes - free - use as scanner only. If you ever suspect malware, and that would be unusual with
Avast and Prevx running except a low occasional (not much), updated cookie and then run it as
a scanner. I have a lot of scanners and they never find anything of note that I started to use this configuration.I hope this helps.
Rob - bicycle - Mark Twain said it is good.
Maybe you are looking for
-
Re: Can I install Win7 on my laptop Satellite NB?
Hello I took a photo with the webcam and has always been, it appears at the beginning of the pc before the password.Yet, she is no longer in the folder "image film library. I think it's great, how can I please delete? Another question: is it possible
-
Hello... I know very little computers so any simple advice would be apreciated. I have a HP Pavilion dv600 (vista 32 bit). It has a mounted Nvidia geforce Go 6150 graphics card. I use mostly this laptop with photoshop to edit photos. Because of the l
-
Droid 2 app Motospeak will not work
So, I am struggling with Motospeak for little less than a week now. I pre-ordered and waited anxiously, the Motorola Finiti not only for its elegant design and looks fancy, but for the characteristics of Motospeak so. Voice commands on my Droid 2 are
-
phone call received today on 11 August. Claiming they were Microsoft. Mr did not name. Lady was Christina. Is - is this legitimate?Thank you for your help.
-
Want to know how my computers can I put my XP - Pro on legally.
I want to install t on my Macbook Pro using Parallels or Vmware