O'Reilly logo

Securing Your Business with Cisco ASA and PIX Firewalls by Greg Abelar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Network Intrusion Prevention

Network-based intrusion prevention is a key component of defense in depth and the ASA/PIX Security Appliance. The purpose of this technology is to recognize and stop attacks when they flow through the appliance. The ASA/PIX version 7 operating system implements two basic forms of network intrusion prevention; one is signature-based, and the other is behavior-based and is called application firewall features.

Signature-based intrusion prevention is similar to the way that antivirus software works on a host. The prevention device looks for a sequence of bytes on the network that matches an attack string; if the string matches, the device can either drop the traffic or report the attack to a logging server. Using the ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required