3-1. Configuring Interfaces
Every firewall has one or more interfaces that can be used to connect to a network. To pass and inspect traffic, each firewall interface must be configured with the following attributes:
IP address and subnet mask (IPv4; beginning with PIX 7.x, IPv6 is also supported)
Security level (a higher level is considered more secure)
Traffic is allowed to flow from a higher-security interface to a lower-security interface (“inside” to “outside,” for example) as soon as access list, stateful inspection, and address translation require-ments are met. Traffic from a lower-security interface to a higher one must pass additional inspection and filtering checks.
Firewall interfaces can be physical, where actual network media cables ...