Summary


This chapter explained how to deploy IPsec VPNs on the security appliance and how to monitor those sessions. It included client configuration as well as ASA/PIX Security Appliance configuration using ASDM.

You have now completed all the steps to deploy defense in depth in your network. You have

  • Configured your initial security appliance and connected it to the Internet (Chapter 5).

  • Added a web and a mail server (Chapter 6).

  • Deployed authentication to the ASA/PIX Security Appliance and authenticated connections to web services (Chapter 7).

  • Deployed perimeter protection (Chapter 8).

  • Deployed intrusion detection (Chapter 9).

  • Deployed host intrusion prevention (Chapter 10).

In this chapter, you deployed VPN on your ASA/PIX Security Appliance. VPN enables employees and partners to work remotely and have complete secure access to your internal network. VPNs have the following security attributes:

  • User sessions are authenticated with usernames and passwords.

  • Tunnels are authenticated with secret preshared keys.

  • Data is encrypted so that it cannot be sniffed off of the network.

  • Data is authenticated using a private key so that you know the data came from the trusted client that authenticated on your network.

  • Networking dialup costs are reduced because your remote users can dial local ISPs to connect with VPN, reducing long-distance and toll-charged phone costs.

You used ASDM to configure VPN tunnels and to monitor and control the tunnels.

VPN monitor statistics gave you all the information the ASA/PIX Security Appliance has about VPN tunnels, including the following:

  • Number of tunnels

  • Username of the connection

  • Tunnel group name of the connection

  • IP address information

  • Protocol encryption information

  • Login time duration

  • Bytes in and bytes out

  • Full session information, including IKE parameters and ports used

  • Access lists applied to the sessions

  • IKE and IPsec parameters

In addition to viewing statistics, the monitor control panel also gives you substantial control over your VPN tunnels. It enables you to

  • Log out a VPN tunnel.

  • Ping a client with an established tunnel.

  • Log out a tunnel by username, IP address, tunnel group, or protocol.



Securing Your Business with Cisco ASA and PIX Firewalls
ISBN: 1587052148
EAN: 2147483647
Year: 2006
Pages: 120
Authors: Greg Abelar
