Xem mẫu
Cisco Firewalling Solutions: Cisco IOS Zone-Based Firewall and Cisco ASA
© 2012 Cisco and/or its affiliates. All rights reserved. 1
Contents
At the end of this chapter, you will be able to do the following:
• Introduce and describe the function, operational framework, and building blocks of Cisco IOS Zone-Based Firewalls
• Describe the functions of zones and zone pairs, as well as their relationship in hierarchical policies
• Describe Cisco Common Classification Policy Language for creating zone-based firewall policies
• List the default policies for the different combinations of zone types
• Demonstrate the configuration and verification of zone-based firewalls using Cisco Configuration Professional and the CLI
• Demonstrate the configuration of NAT services for zone-based firewalls
• Describe the Cisco ASAfamily of products, identifying key supported features
• Describe the building blocks of Cisco ASAconfiguration
•20Describe. thee navigation options, features, and requirements of Cisco 2
Cisco Firewall Solutions
Cisco offers multiple different firewall solutions, each geared to a different environment. Currently, Cisco Firewall offerings include
• Cisco IOS Firewall
• Cisco ASA 5500 Adaptive Security Appliances
• Cisco ASA 1000V Cloud Firewall
• Cisco Virtual Security Gateway for Nexus 1000V Series Switch
• Cisco Catalyst 6500 Series ASAServices Module
• Cisco Catalyst 6500 Series Firewall Services Module
• Cisco Small Business SA500 Series Security Appliances
© 2012 Cisco and/or its affiliates. All rights reserved. 3
Cisco IOS Zone-Based Policy Firewall
© 2012 Cisco and/or its affiliates. All rights reserved. 4
Zone-Based Policy Firewall Overview
To demonstrate this model, the figure shows three zones:
• Untrusted: Represents the Internet
• DMZ: Demilitarized zone, which contains the corporate servers accessed by the public
• Trusted: Represents the inside network
© 2012 Cisco and/or its affiliates. All rights reserved. 5
...
- tailieumienphi.vn
nguon tai.lieu . vn