O'Reilly logo

Securing Your Business with Cisco ASA and PIX Firewalls by Greg Abelar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Intrusion Prevention Enhancements

The new service policy rules can actually fall into the category of perimeter protection or intrusion prevention. In the ASA/PIX Security Appliance, intrusion prevention is thought of in two ways:

  • Signature protection— Protection based on signature matches with an associated action such as drop, alarm, and reset.

  • Application firewall— Protection based on protocol compliance and optionally user configuration. Protocol compliance stops malicious software that tries to use HTTP as a tunneling protocol to pass other data besides web traffic through your security device. You are also given the option to write your own customer rules to enforce security features such as blocking file attachments and URI size overloading. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required