Chapter6.Controlling Access Through the Firewall

Previous page
Table of content
Next page

team bbl


Chapter 6. Controlling Access Through the Firewall

Refer to the following sections for information about these topics:

  • 6-1: Transparent Firewall Mode Discusses the transparent mode of firewall operation and its Layer 2 behavior. This section also covers the steps needed to configure transparent mode.

  • 6-2: Routed Firewall Mode and Address Translation Presents the routed mode of firewall operation and the underlying Layer 3 address translation methods. This section covers the configuration steps needed to translate IP addresses from one firewall interface to another. Several different methods of address translation are possible, each of which is covered.

  • 6-3: Controlling Access with Access Lists Describes the steps you can use to configure object groups and access lists to define firewall policies.

  • 6-4: Filtering Content Covers third-party web content-filtering applications you can use to control outbound access through a firewall.

  • 6-5: Defining Security Policies in a Modular Policy Framework Explains the modular approach to configuring and enforcing security policies, as introduced in PIX 7.0. Traffic can be matched with one type of module and acted on within another module. The whole hierarchy of policies is then applied to firewall interfaces.

  • 6-6: Application Inspection Provides an overview of the mechanisms a Cisco firewall uses to inspect specific application traffic. Some applications embed information about their connections within normal traffic, requiring additional inspection by the firewall.

  • 6-7: Shunning Traffic Presents a method you can use to manually and immediately stop traffic to and from hosts. This is particularly useful when a host is attacking others and needs to be stopped.

A firewall's main function is to provide effective security between pairs of its interfaces. To do this, all the traffic destined to pass through it must undergo a variety of operations, inspections, trans-lations, filters, and special handling. You must configure each aspect of these actions to thoroughly enforce the security policies that apply to your network.

All the features related to controlling user access through the firewall are described in this chapter. The size of this chapter is a testament to the broad range of security policy tools available to you as a firewall administrator.

    team bbl


    Previous page
    Table of content
    Next page
    Cisco ASA and PIX Firewall Handbook
    CCNP BCMSN Exam Certification Guide (3rd Edition)
    ISBN: 1587051583
    EAN: 2147483647
    Year: 2003
    Pages: 120
    Authors: David Hucaby
    BUY ON AMAZON
    Database Modeling with MicrosoftВ® Visio for Enterprise Architects (The Morgan Kaufmann Series in Data Management Systems)
    Inside Network Security Assessment: Guarding Your IT Infrastructure
    Metrics and Models in Software Quality Engineering (2nd Edition)
    Adobe After Effects 7.0 Studio Techniques
    Building Web Applications with UML (2nd Edition)
    Programming .Net Windows Applications
    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net
    Privacy policy