Cisco Secure Firewall Services Module (FWSM)
Best practices for securing networks with FWSM
Ray Blair, CCIE® No. 7050
Arvind Durai, CCIE No. 7016
The Firewall Services Module (FWSM) is a high-performance stateful-inspection firewall that integrates into the Cisco® 6500 switch and 7600 router chassis. The FWSM monitors traffic flows using application inspection engines to provide a strong level of network security. The FWSM defines the security parameter and enables the enforcement of security policies through authentication, access control lists, and protocol inspection. The FWSM is a key component to anyone deploying network security.
Cisco Secure Firewall Services Module (FWSM) covers all aspects of the FWSM. The book provides a detailed look at how the FWSM processes information, as well as installation advice, configuration details, recommendations for network integration, and reviews of operation and management. This book provides you with a single source that comprehensively answers how and why the FWSM functions as it does. This information enables you to successfully deploy the FWSM and gain the greatest functional benefit from your deployment. Practical examples throughout show you how other customers have successfully deployed the FWSM.
By reading this book, you will learn how the FWSM functions, the differences between the FWSM and the ASA Security Appliance, how to implement and maintain the FWSM, the latest features of the FWSM, and how to configure common installations.
Ray Blair, CCIE® No. 7050, is a consulting systems architect who has been with Cisco for more than 8 years, working primarily on security and large network designs. He has 20 years of experience in designing, implementing, and maintaining networks that have included nearly all networking technologies. Mr. Blair maintains three CCIE certifications in Routing and Switching, Security, and Service Provider. He is also a CNE and a CISSP.
Arvind Durai, CCIE No. 7016, is an advanced services technical leader for Cisco. His primary responsibility has been in supporting major Cisco customers in the enterprise sector. One of his focuses has been on security, and he has authored several white papers and design guides in various technologies. Mr. Durai maintains two CCIE certifications, in Routing and Switching and Security.
Understand modes of operation, security levels, and contexts for the FWSM
Configure routing protocols and the host-chassis to support the FWSM
Deploy ACLs and Authentication, Authorization, and Accounting (AAA)
Apply class and policy maps
Configure multiple FWSMs for failover support
Configure application and protocol inspection
Filter traffic using filter servers, ActiveX, and Java filtering functions
Learn how IP multicast and the FWSM interact
Increase performance with firewall load balancing
Configure IPv6 and asymmetric routing
Mitigate network attacks using shunning, anti-spoofing, connection limits, and timeouts
Examine network design, management, and troubleshooting best practices
This security book is part of the Cisco Press® Networking Technology series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.
Category: Networking: Security
Covers: Firewall security
Table of Contents
- Title Page
- Copyright Page
- Part I Introduction
- Part II Initial Configuration
Part III Advanced Configuration
- Chapter 12 Understanding Failover in FWSM
- Chapter 13 Understanding Application Protocol Inspection
- Chapter 14 Filtering
- Chapter 15 Managing and Monitoring the FWSM
- Chapter 16 Multicast
- Chapter 17 Asymmetric Routing
- Chapter 18 Firewall Load Balancing
- Chapter 19 IP Version 6
- Chapter 20 Preventing Network Attacks
- Chapter 21 Troubleshooting the FWSM
- Part IV Design Guidelines and Configuration Examples
- Part V FWSM 4.x
- Title: Cisco Secure Firewall Services Module (FWSM)
- Release date: August 2008
- Publisher(s): Cisco Press
- ISBN: 9781587056093