10 Studying Advanced Firewalls

This chapter will focus on the following topics:

  • Cisco ASA firewalls:
    • ASA models,
    • modes of using ASA equipment,
    • an overview of ASA 5505;
  • configuring ASA using CLI:
    • the types of ASA licenses,
    • configuring the interfaces,
    • configuring the DHCP service,
    • configuring ACLs,
    • configuring the NAT service,
    • configuring the AAA;
  • configuring Cisco devices using the CCP and ASDM graphical tools;
  • the TMG 2010 firewall.

10.1. Cisco ASA firewalls

10.1.1. Introduction

A Cisco ASA (Adaptive Security Appliance) is a security device that combines a firewall, an antivirus, an Intrusion Prevention System (IPS) and VPN functionalities. It thus offers a wide range of technologies and solutions for effective network security.

10.1.2. ASA models

  • There are different models of ASAs. All the models offer advanced firewall and VPN functionalities. The biggest differences between the models are the maximum traffic flow that each can handle and the number and types of interfaces. An ASA model is chosen based on the requirements of an organization, such as the traffic flow, the maximum connections per second and the company’s budget.
  • ASA devices also support virtualization environments. These environments run the same software as the physical device in order to offer the same security features.

Figure 10.1. The different ASA models¹
