Lecture CCNA security partner - Chapter 9: Firewall Fundamentals and Network Address Translation

Firewall Fundamentals and Network Address Translation © 2012 Cisco and/or its affiliates. All rights reserved. 1 Ethics • The information security profession has a number of formalized codes: – International Information Systems Security Certification Consortium, Inc (ISC)2 Code of Ethics – Computer Ethics Institute (CEI) – Internet Activities Board (IAB) – Generally Accepted System Security Principles (GASSP) © 2012 Cisco and/or its affiliates. All rights reserved. 2 Contents This chapter teaches firewall concepts, technologies, and design principles.At the end of this chapter, you will be able to do the following: • Explain the operations of the different types of firewall technologies • Describe firewall technologies that historically have played, and still play, a role in network access control and security architectures • Introduce and describe the function and building blocks of Network Address Translation • List design considerations for firewall deployment • Describe guidelines for firewall ruleset creation © 2012 Cisco and/or its affiliates. All rights reserved. 3 Introducing Firewall Technologies • Afirewall protects network devices from intentional, hostile intrusions that could threaten information assurance (availability, confidentiality, and integrity) or lead to a denial-of-service (DoS) attack. • Afirewall can protect a hardware device or a software program running on a secure host computer. • This chapter introduces the firewall technologies that Cisco uses in routers and security appliances. © 2012 Cisco and/or its affiliates. All rights reserved. 4 Firewall Fundamentals Afirewall is a pair of mechanisms that perform these two separate functions, which are set by policies: • One mechanism blocks bad traffic. • The second mechanism permits good traffic. Firewall: Enforcing Access Control © 2012 Cisco and/or its affiliates. All rights reserved. 5 ... - tailieumienphi.vn