#1
11th February 2016, 12:43 PM
| |||
| |||
Cisco FW
Hello buddy!!! Can you please provide me details of the Cisco IOS Firewall as I want to get the information about this??
|
#2
11th February 2016, 12:43 PM
| |||
| |||
Re: Cisco FW
Cisco IOS Firewall is a stateful security software component of Cisco IOS Software. Firewall integration in Cisco IOS routers augments a router's inherent capabilities: multitopology interfaces, industry-standard routing protocols, and a broad range of services, as well as an expanding group of other security features such as virtual private network (VPN) and intrusion prevention system (IPS) features. Cisco IOS Firewall interoperates with other Cisco IOS Software technologies, including Network Address Translation (NAT), quality of service (QoS), and IP Security (IPsec) and Secure Sockets Layer (SSL) VPN, to become a vital component of an end-to-end network security infrastructure. Features of Cisco IOS -Network zone segmentation -Protect stored cardholder data -Management options and flexibility -Application traffic rate and session control -High availability -Virtual (VRF-aware) firewall -Authentication proxy PCI -Track and monitor all access to network resources and cardholder data -Transparent firewall -Policy-map policing and session control -Instant messenger blocking Benefits of Cisco IOS -Precise zone segmentation capabilities facilitate deploying security for internal, external and DMZ subgroups on the network to prevent unauthorized access. -Enable management access from Cisco Configuration Professional, Cisco Security Manager, Unified Firewall MIB, and audit trail and logging. -Policy-map policing applies rate limits to firewall policies to control network bandwidth usage. Session policing limits connection rates to network hosts and helps protect against denial-of-service (DoS) attacks. -Stateful Failover provides for active and standby failover between two routers for most TCP-based services. Firewall session state is maintained such that active sessions continue even during a router or circuit failure. -VRF-aware firewall functions offer virtual firewalls for isolated route space and overlapping addresses. -Network administrators can authenticate and authorize each user's access to network resources with Cisco IOS Firewall Authentication Proxy using HTTP, Telnet, FTP, and HTTPS interfaces. -A transparent firewall facilitates insertion of a stateful Layer 2 firewall within an existing network, without readdressing statically defined devices. It provides the same Layer 3-7 filtering as "routed" mode, but offers the simplicity of bump-in-the-wire deployment. -Policy-map policing applies rate limits to firewall policies to control network bandwidth usage. Session policing limits connection rates to network hosts and helps protect against DoS attacks. -Instant messenger blocking offers per-service control to block or allow MSN Messenger, Yahoo! Messenger, Windows Messenger and AOL Instant Messenger. It allows service restriction to text-chat only, blocking voice and video chat, and file transfer. -Peer-to-peer control individually blocks access to BitTorrent, Gnutella, KaZaA, and eDonkey file-sharing networks. Service-specific improvements were introduced in Cisco IOS Software Release 12.4(9)T to limit certain activities supported by certain peer-to-peer networks. |