Cisco ASA and PIX Firewall Handbook

6-5. Defining Security Policies in a Modular Policy Framework

Traditionally, Cisco firewalls have supported security policies that are applied to all traffic passing through them. Although that does offer a common level of security to all the protected networks and hosts, it doesn't offer a way to fine-tune or vary the policies according to differing requirements.

Beginning with PIX 7.0, a Cisco firewall can be configured to provide security policies that are tailored for various traffic types, quality of service (QoS), or inspection requirements. This is known as the modular policy framework (MPF).

With the MPF feature, you can define policies to identify a specific set of traffic and take any of the following actions on it:

Apply application ...

Get Cisco ASA and PIX Firewall Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Cisco ASA and PIX Firewall Handbook by Dave Hucaby

6-5. Defining Security Policies in a Modular Policy Framework

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly