Summary

Previous page
Table of content
Next page

In this chapter, you used ASDM to configure the ASA/PIX Security Appliance to enable the users inside your business or enterprise to securely access the World Wide Web.

In this chapter, you did the following:

  • Gained an understanding of basic networking terminology

  • Defined a network topology

  • Assigned IP addresses to the network devices

  • Configured connectivity between the ASA/PIX Security Appliance and the PC running ASDM

  • Used the ASDM Startup Wizard to configure your network

Table 5-2 provides a summary of the network terminology defined in this chapter.

Table 5-2. Network Terminology Summary

Terminology

Definition

Inside IP address

The IP address of the inside interface of your firewall.

Outside IP address

The IP address of the outside interface of your firewall. This is provided by your service provider.

Default gateway

The next-hop IP address of your firewall outside interface. This is provided by your service provider.

Domain name

This is optional. If you are providing public services, you need to identify a domain name for those services. Either your ISP or a web registration service provides the domain name.

Public services

The public services include mail, web, or DNS servers. The intent of a public server is to share or exchange data with other Internet users. You may elect not to manage your own services and have your ISP manage the services for you.

Network address translation

This protocol enables you to use private addresses inside your network and still obtain Internet access.

Access passwords

These passwords allow privileged access to your firewall.

Inside addressing options (DHCP)

These are IP addresses that need to be assigned to devices on the inside of your firewall.

Internet

Several thousands of networks and hosts interconnected that reach all over the globe.

Service provider

The Internet service provider is a company that provides you with your access point into the Internet.


You then defined a topology that described your Internet connection in relation to your firewall and your protected users. The firewall outside interface, Ethernet 0, was plugged into a network connection provided by your ISP. Your inside users were connected to the inside of your firewall on the interface Ethernet 1.

IP addresses were then defined for both the outside and the inside interfaces of the ASA/PIX Security Appliance.

You were then stepped through the following three-step process to connect your PC to your ASA/PIX Security Appliance using ASDM:

1.

You used the ASA/PIX Security Appliance console and a series of native commands to configure a security appliance interface port.

2.

You used the security appliance console and a series of native commands that allowed your PC to have ASDM access to the ASA/PIX Security Appliance.

3.

You upgraded the Java Runtime Environment on your PC so that it could run ASDM.

After connectivity was established between the ASA/PIX Security Appliance and your PC, you used the ASDM Startup Wizard to configure the ASA/PIX Security Appliance. The following parameters were configured during these steps:

  • ASA/PIX Security Appliance host name Device identification

  • Domain name Unique Internet suffix associated with all of your hosts

  • Enable password Allows privileged access to the ASA/PIX Security Appliance

  • Outside interface IP address, gateway address, and security level

  • Inside interface addressing DHCP addresses to be automatically given to hosts as they access the inside network

  • Network address translation Translates private inside addresses so that they can use the Internet

  • Access filter for DNS Allows DNS to go through the ASA/PIX Security Appliance so that inside users can resolve URLs

Now that you have finished this chapter, you have secure connectivity to the Internet. Traffic can be sourced only from the inside and sent to the Internet. Any traffic sourced from the Internet will be blocked by the firewall.

This chapter represents only step one in securing your network. The following chapters provide you with step-by-step instructions on how to fully integrate security into your network. If you have no plans to host public mail or web servers, you can skip Chapter 6 and proceed to Chapter 7.

  • Chapter 6, "Deploying Web and Mail Services"

  • Chapter 7, "Deploying Authentication"

  • Chapter 8, "Deploying Perimeter Protection"

  • Chapter 9, "Deploying Network Intrusion Prevention"

  • Chapter 10, "Deploying Host Intrusion Prevention"

  • Chapter 11, "Deploying VPNs"


Previous page
Table of content
Next page
Securing Your Business with Cisco ASA and PIX Firewalls
Securing Your Business with Cisco ASA and PIX Firewalls
ISBN: 1587052148
EAN: 2147483647
Year: 2006
Pages: 120
Authors: Greg Abelar
BUY ON AMAZON
Database Modeling with MicrosoftВ® Visio for Enterprise Architects (The Morgan Kaufmann Series in Data Management Systems)
Agile Project Management: Creating Innovative Products (2nd Edition)
An Introduction to Design Patterns in C++ with Qt 4
Special Edition Using Crystal Reports 10
The Lean Six Sigma Pocket Toolbook. A Quick Reference Guide to Nearly 100 Tools for Improving Process Quality, Speed, and Complexity
What is Lean Six Sigma
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy