introduction to firewalls and the adaptive security appliance (asa).pdf
TRANSCRIPT
-
1 2014 Cisco Systems, Inc. All rights reserved.Cisco Networking Academy, U.S./Canada
Introduction to Firewalls and the Cisco Adaptive Security Appliance (ASA)
Mr. Jim RiedmuellerNetwork EngineerJanus Research Group, Inc.dbf IT Training Center, US Army National Guard Professional Education Center, USA
-
2 2014 Cisco Systems, Inc. All rights reserved.Cisco Networking Academy, U.S./Canada
CCNA R/S & SecurityCCNP R/S & Voice
CCNA & CCNP Instructor Trainer
Grandfather, Razorback Fan, Motorcycle Enthusiast, US Army Retired
More about the Speaker
-
3 2014 Cisco Systems, Inc. All rights reserved.Cisco Networking Academy, U.S./Canada
Goals and Agenda
At the end of this session, the participant will
Understand what a Firewall is
Be familiar with the different types of Firewall
Be familiar with the range of Cisco Firewalls
Be familiar with the ASA 5505 and 5510 devices
Understand the basic operational principles of the ASA
-
4 2014 Cisco Systems, Inc. All rights reserved.Cisco Networking Academy, U.S./Canada
Defining The FirewallA Firewall is a software- or hardware-based network security system that connects two or more networks together and permits or restricts the flow of information between the connected networks according to a set of rules
-
5 2014 Cisco Systems, Inc. All rights reserved.Cisco Networking Academy, U.S./Canada
Types Of Firewalls Packet Filtering Firewall
Application Layer Firewall
Stateful Multilayer Inspection Firewall
-
6 2014 Cisco Systems, Inc. All rights reserved.Cisco Networking Academy, U.S./Canada
The Cisco Adaptive Security Appliance
Provides intelligent threat defense and secure communications services that stop attacks before they impact business continuity. The Cisco ASA 5500 series enables organizations to lower their deployment and operations costs while delivering comprehensive network security for networks of all sizes
-
7 2014 Cisco Systems, Inc. All rights reserved.Cisco Networking Academy, U.S./Canada
ASA 5505
-
8 2014 Cisco Systems, Inc. All rights reserved.Cisco Networking Academy, U.S./Canada
ASA 5510*
Four 10/100Ethernet ports
10/100 out-of-bandmanagement port
AUX port
CompactFlash(disk1)
Two USB 2.0 ports
Power supply(AC or DC)Console port
*The 5510, 5520, and 5540 all have the same hardware form factor. They differ in terms of interface capability (FastEthernet vs GigabitEthernet) and licensing options
-
9 2014 Cisco Systems, Inc. All rights reserved.Cisco Networking Academy, U.S./Canada
Security Levels and Traffic Flow
OutsideSecurity Level = 0
InsideSecurity Level = 100
DMZSecurity Level = 50
-
10 2014 Cisco Systems, Inc. All rights reserved.Cisco Networking Academy, U.S./Canada
Modes of Operation
192.168.1.0/24
172.16.1.0/24
192.168.1.1
172.16.1.1
Routed Mode
10.1.1.0/30
.1 .2
Transparent Mode
M0/010.1.1.1VLAN 10
E0/1.5172.16.1.1VLAN 5
E0/1.9172.20.1.1VLAN 9
Sharing E0/099.0.0.2
Sharing E0/099.0.0.3
Admin PC10.1.1.99/24VLAN 10
Cust A PC172.16.1.99/24VLAN 5
Cust B PC172.20.1.99/24VLAN 9
Multi-context Mode
-
11 2014 Cisco Systems, Inc. All rights reserved.Cisco Networking Academy, U.S./Canada
ActiveActiveActive
StandbyStandbyStandby
High Availability
FailoverControl
Active
Standby
StandbyActiveActive
ActiveStandbyStandby
Active
-
12 2014 Cisco Systems, Inc. All rights reserved.Cisco Networking Academy, U.S./Canada
Review
In this session, we have:
Defined what a Firewall is and the different types of Firewall
Become familiar with a portion of Cisco's Firewall product portfolio
Discussed the basic operational principles of the ASA
-
13 2014 Cisco Systems, Inc. All rights reserved.Cisco Networking Academy, U.S./Canada
Thank you!
Slide 1More about the SpeakerGoals and AgendaDefining The FirewallTypes Of FirewallsThe Cisco Adaptive Security ApplianceASA 5505ASA 5510*Security Levels and Traffic FlowModes of OperationHigh AvailabilityReviewThank you!