You are previewing Cisco ASA and PIX Firewall Handbook.
O'Reilly logo
Cisco ASA and PIX Firewall Handbook

Book Description

The complete guide to the most popular Cisco PIX®, ASA, FWSM, and IOS® firewall security features

  • Learn about the various firewall models, user interfaces, feature sets, and configuration methods

  • Understand how a Cisco firewall inspects traffic

  • Configure firewall interfaces, routing, IP addressing services, and IP multicast support

  • Maintain security contexts and Flash and configuration files, manage users, and monitor firewalls with SNMP

  • Authenticate, authorize, and maintain accounting records for firewall users

  • Control access through the firewall by implementing transparent and routed firewall modes, address translation, traffic filtering, user authentication, content filtering, application inspection, and traffic shunning

  • Increase firewall availability with firewall failover operation

  • Understand how firewall load balancing works

  • Generate firewall activity logs and learn how to analyze the contents of the log

  • Verify firewall operation and connectivity and observe data passing through a firewall

  • Control access and manage activity on the Cisco IOS firewall

  • Configure a Cisco firewall to act as an IDS sensor

  • Every organization has data, facilities, and workflow processes that are critical to their success. As more organizations make greater use of the Internet, defending against network attacks becomes crucial for businesses. Productivity gains and returns on company investments are at risk if the network is not properly defended. Firewalls have emerged as the essential foundation component in any network security architecture.

    Cisco ASA and PIX Firewall Handbook is a guide for the most commonly implemented features of the popular Cisco Systems® firewall security solutions. This is the first book to cover the revolutionary Cisco ASA and PIX® version 7 security appliances. This book will help you quickly and easily configure, integrate, and manage the entire suite of Cisco® firewall products, including Cisco ASA, PIX version 7 and 6.3, the Cisco IOS router firewall, and the Catalyst Firewall Services Module (FWSM). Organized by families of features, this book helps you get up to speed quickly and efficiently on topics such as file management, building connectivity, controlling access, firewall management, increasing availability with failover, load balancing, logging, and verifying operation. Shaded thumbtabs mark each section for quick reference and each section provides information in a concise format, with background, configuration, and example components. Each section also has a quick reference table of commands that you can use to troubleshoot or display information about the features presented. Appendixes present lists of well-known IP protocol numbers, ICMP message types, and IP port numbers that are supported in firewall configuration commands and provide a quick reference to the many logging messages that can be generated from a Cisco PIX, ASA, FWSM, or IOS firewall.

    Whether you are looking for an introduction to the firewall features of the new ASA security appliance, a guide to configuring firewalls with the new Cisco PIX version 7 operating system, or a complete reference for making the most out of your Cisco ASA, PIX, IOS, and FWSM firewall deployments, Cisco ASA and PIX Firewall Handbook helps you achieve maximum protection of your network resources.

    “Many books on network security and firewalls settle for a discussion focused primarily on concepts and theory. This book, however, goes well beyond these topics. It covers in tremendous detail the information every network and security administrator needs to know when configuring and managing market-leading firewall products from Cisco.”

    —Jason Nolet, Sr. Director of Engineering, Security Technology Group, Cisco Systems 

    This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

    Table of Contents

    1. Copyright
    2. About the Author
    3. About the Technical Reviewers
    4. Acknowledgments
    5. Icons Used in This Book
    6. Command Syntax Conventions
    7. Foreword
    8. Introduction
    9. Firewall Overview
      1. Overview of Firewall Operation
      2. Inspection Engines for ICMP, UDP, and TCP
      3. Hardware and Performance
      4. Basic Security Policy Guidelines
    10. Configuration Fundamentals
      1. User Interface
      2. Firewall Features and Licenses
      3. Initial Firewall Configuration
    11. Building Connectivity
      1. Configuring Interfaces
      2. Configuring Routing
      3. DHCP Server Functions
      4. Multicast Support
    12. Firewall Management
      1. Using Security Contexts to Make Virtual Firewalls
      2. Managing the Flash File System
      3. Managing Configuration Files
      4. Managing Administrative Sessions
      5. Firewall Reloads and Crashes
      6. Monitoring a Firewall with SNMP
    13. Managing Firewall Users
      1. Managing Generic Users
      2. Managing Users with a Local Database
      3. Defining AAA Servers for User Management
      4. Configuring AAA to Manage Administrative Users
      5. Configuring AAA for End-User Cut-Through Proxy
      6. Firewall Password Recovery
    14. Controlling Access Through the Firewall
      1. Transparent Firewall Mode
      2. Routed Firewall Mode and Address Translation
      3. Controlling Access with Access Lists
      4. Filtering Content
      5. Defining Security Policies in a Modular Policy Framework
      6. Application Inspection
      7. Shunning Traffic
    15. Increasing Firewall Availability with Failover
      1. Firewall Failover Overview
      2. Configuring Firewall Failover
      3. Firewall Failover Configuration Examples
      4. Managing Firewall Failover
      5. Upgrading Firewalls in Failover Mode
    16. Firewall Load Balancing
      1. Firewall Load Balancing Overview
      2. Firewall Load Balancing in Software
      3. Firewall Load Balancing in Hardware
      4. Firewall Load-Balancing Appliance
    17. Firewall Logging
      1. Managing the Firewall Clock
      2. Generating Logging Messages
      3. Fine-Tuning Logging Message Generation
      4. Analyzing Firewall Logs
    18. Verifying Firewall Operation
      1. Checking Firewall Vital Signs
      2. Watching Data Pass Through a Firewall
      3. Verifying Firewall Connectivity
    19. Cisco IOS Firewall: Controlling Access
      1. IOS Transparent Firewall
      2. Configuring Network Address Translation
      3. Configuring IOS Firewall Stateful Inspection
      4. HTTP, Java, and URL Filtering
    20. Cisco IOS Firewall: Managing Activity
      1. Synchronizing the IOS Firewall Clock
      2. Configuring IOS Firewall Logging
      3. Using Authentication Proxy to Manage User Access
    21. Intrusion Detection System (IDS) Sensors
      1. IDS Overview
      2. IDS Embedded Sensor Configuration
      3. Monitoring IDS Activity
      4. IDS Sensor Signature List
    22. Well-Known Protocol and Port Numbers
      1. IP Protocol Numbers
      2. ICMP Message Types
      3. IP Port Numbers
    23. Security Appliance Logging Messages
      1. Alerts—Syslog Severity Level 1 Messages
      2. Critical—Syslog Severity Level 2 Messages
      3. Errors—Syslog Severity Level 3 Messages
      4. Warnings—Syslog Severity Level 4 Messages
      5. Notifications—Syslog Severity Level 5 Messages
      6. Informational—Syslog Severity Level 6 Messages
      7. B-7: Debugging—Syslog Severity Level 7 Messages
    24. Index