11-3. Configuring IOS Firewall Stateful Inspection
An IOS firewall can inspect traffic passing through according to the expected state or behavior of each protocol used. This stateful inspection process is called Content-Based Access Control (CBAC).
When a router becomes an IOS firewall by enabling CBAC, you should begin to think of the router interfaces in firewall terms. Some of the interfaces are connected to protected networks, where data or services must be secured. Others connect to public or unprotected networks, where untrusted users and resources are located.
For example, the FastEthernet 0/0 interface might become the inside firewall interface. FastEthernet 0/1 might become the outside interface, because it lies toward the Internet. ...
Get Cisco ASA and PIX Firewall Handbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
