| This book is meant to be used as a tool in your day-to-day tasks as a network or security administrator, engineer, consultant, or student. I have attempted to provide a thorough explanation of many of the more complex firewall features. When you better understand how a firewall works, you will find it much easier to configure and troubleshoot. This book is divided into chapters that present quick facts, configuration steps, and explanations of configuration options for each Cisco firewall feature. The chapters and appendixes are as follows: Chapter 1, "Firewall Overview" Describes how a Cisco firewall inspects traffic. It also offers concise information about the various firewall models and their performance. Chapter 2, "Configuration Fundamentals" Discusses the Cisco firewall user interface, feature sets, and configuration methods. Chapter 3, "Building Connectivity" Explains how to configure firewall interfaces, routing, IP addressing services, and IP multicast support. Chapter 4, "Firewall Management" Explains how to configure and maintain security contexts, Flash files, and configuration files; how to manage users; and how to monitor firewalls with SNMP. Chapter 5, "Managing Firewall Users" Covers the methods you can use to authenticate, authorize, and maintain accounting records for a firewall's administrative and end users. Chapter 6, "Controlling Access Through the Firewall" Describes the operation and configuration of the transparent and routed firewall modes. Other topics include address translation, traffic filtering, user authentication, content filtering, application inspection, and traffic shunning. Chapter 7, "Increasing Firewall Availability with Failover" Explains firewall failover operation and gives configuration information. Chapter 8, "Firewall Load Balancing" Discusses how firewall load balancing works and how it can be implemented in a production network. Chapter 9, "Firewall Logging" Explains how to configure a firewall to generate an activity log, as well as how to analyze the log's contents. Chapter 10, "Verifying Firewall Operation" Covers how to check a firewall's vital signs to determine its health, how to verify its connectivity, and how to observe data that is passing through it. Chapter 11, "Cisco IOS Firewall: Controlling Access" Presents the address translation, traffic inspection, and content filtering features that can be used on a device running the Cisco IOS software. Chapter 12, "Cisco IOS Firewall: Managing Activity" Discusses IOS firewall logging, configuring the firewall clock for time stamps, and authenticating users through an IOS firewall. Chapter 13, "Intrusion Detection System (IDS) Sensors" Explains how a Cisco firewall (PIX or IOS) can act as an IDS sensor and how you can configure it to do so. Appendix A, "Well-Known Protocol and Port Numbers" Presents lists of well-known IP protocol numbers, ICMP message types, and IP port numbers that are supported in firewall configuration commands. Appendix B, "Security Appliance Logging Messages" Provides a quick reference to the many logging messages that can be generated from a PIX, ASA, or FWSM firewall.
|
