I have a Cisco ASA in my network. It works as my Firewall, VPN Server.
I cannot retire the ASA, because it ties to my IPS system.
Since many port scanners attacks to my network, a friend of mine recommend me to use a Mikrotik.
I am wondering if I can place Microtik between the router of my ISP and the ASA to just block all the port scanners. However, I do not know what will happen to my legitimate traffic such as VPN, RDP, and all other services.
Is it a practical solution?
Can I route all legitimate traffic from Mikrotik to the ASA and vice versa?