Lecture CCNA security partner - Chapter 10: Cisco Firewalling Solutions Cisco IOS Zone-Based Firewall and Cisco ASA

This chapter explains the two Cisco Firewall solutions: Cisco IOS Zone-Based Policy Firewalls and Cisco Adaptive Security Appliance. It describes in detail Cisco IOS Zone-Based Policy Firewall, and how the solution uses the Cisco Common Classification Policy Language (C3PL) for creating firewall policies. The chapter then presents the Cisco ASA firewall, identifying key supported features and the building blocks of its configuration using ASDM. | Cisco Firewalling Solutions: Cisco IOS Zone-Based Firewall and Cisco ASA 1 At the end of this chapter, you will be able to do the following: • Introduce and describe the function, operational framework, and building blocks of Cisco IOS Zone-Based Firewalls • Describe the functions of zones and zone pairs, as well as their relationship in hierarchical policies • Describe Cisco Common Classification Policy Language for creating zone-based firewall policies • List the default policies for the different combinations of zone types • Demonstrate the configuration and verification of zone-based firewalls using Cisco Configuration Professional and the CLI • Demonstrate the configuration of NAT services for zone-based firewalls • Describe the Cisco ASA family of products, identifying key supported features • Describe the building blocks of Cisco ASA configuration • Describe the navigation options, features, and requirements of Cisco ASDM • Describe the use of access control lists on Cisco ASA | Cisco Firewalling Solutions: Cisco IOS Zone-Based Firewall and Cisco ASA 1 At the end of this chapter, you will be able to do the following: • Introduce and describe the function, operational framework, and building blocks of Cisco IOS Zone-Based Firewalls • Describe the functions of zones and zone pairs, as well as their relationship in hierarchical policies • Describe Cisco Common Classification Policy Language for creating zone-based firewall policies • List the default policies for the different combinations of zone types • Demonstrate the configuration and verification of zone-based firewalls using Cisco Configuration Professional and the CLI • Demonstrate the configuration of NAT services for zone-based firewalls • Describe the Cisco ASA family of products, identifying key supported features • Describe the building blocks of Cisco ASA configuration • Describe the navigation options, features, and requirements of Cisco ASDM • Describe the use of access control lists on Cisco ASA • Describe the deployment of policies using the Cisco Modular Policy Framework • Describe the configuration procedure to deploy basic outbound access control on Cisco ASA using Cisco ASDM Contents Cisco offers multiple different firewall solutions, each geared to a different environment. Currently, Cisco Firewall offerings include • Cisco IOS Firewall • Cisco ASA 5500 Adaptive Security Appliances • Cisco ASA 1000V Cloud Firewall • Cisco Virtual Security Gateway for Nexus 1000V Series Switch • Cisco Catalyst 6500 Series ASA Services Module • Cisco Catalyst 6500 Series Firewall Services Module • Cisco Small Business SA500 Series Security Appliances Cisco Firewall Solutions Cisco IOS Zone-Based Policy Firewall 4 To demonstrate this model, the figure shows three zones: • Untrusted: Represents the Internet • DMZ: Demilitarized zone, which contains the corporate servers accessed by the public • Trusted: Represents the inside network Zone-Based Policy Firewall Overview The interzone policies

Không thể tạo bản xem trước, hãy bấm tải xuống
TÀI LIỆU MỚI ĐĂNG
Đã phát hiện trình chặn quảng cáo AdBlock
Trang web này phụ thuộc vào doanh thu từ số lần hiển thị quảng cáo để tồn tại. Vui lòng tắt trình chặn quảng cáo của bạn hoặc tạm dừng tính năng chặn quảng cáo cho trang web này.