Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
1Activity
0 of .
Results for:
No results containing your search query
P. 1
Cisco IOS Firewall Full Report

Cisco IOS Firewall Full Report

Ratings: (0)|Views: 192 |Likes:
Published by Monisha Phalguni

More info:

Published by: Monisha Phalguni on Feb 05, 2012
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

01/31/2013

pdf

text

original

 
Seminar Report ’03
Cisco IOS FirewallDept. of IT MESCE, Kuttippuram
-1-
INTRODUCTION
The Cisco IOS Firewall, provides robust, integratedfirewall and intrusion detection functionality for every perimeterof the network. Available for a wide range of Cisco IOSsoftware-based routers, the Cisco IOS Firewall offerssophisticated security and policy enforcement for connectionswithin an organization (intranet) and between partner networks(extranets), as well as for securing Internet connectivity forremote and branch offices.A security-specific, value-add option for Cisco IOSSoftware, the Cisco IOS Firewall enhances existing Cisco IOSsecurity capabilities, such as authentication, encryption, andfailover, with state-of-the-art security features, such as stateful,application-based filtering (context-based access control),defense against network attacks, per user authentication andauthorization, and real-time alerts.The Cisco IOS Firewall is configurable via CiscoConfigMaker software, an easy-to-use Microsoft Windows 95,98, NT 4.0 based software tool.
 
Seminar Report ’03
Cisco IOS FirewallDept. of IT MESCE, Kuttippuram
-2-
CHAPTER ONE
FIREWALL BASICS
Definition Of FireWall
A FireWall is a network security device that ensures that
all communications attempting to cross it meet an organization’s
security policy.FireWalls track and control communicationsdeciding whether to allow ,reject or encrypt communications.
FireWalls are used to connect a corporate’s local network
to the Internet and also within networks.In otherwords theystand in between the trusted network and the untrustednetwork.
Design and Implementation issues
Basic Design Decisions in a FireWallThe first and most important decision reflects the policy ofhow your company or organization wants to operate the system.Is the firewall in place to explicitly deny all services except thosecritical to the mission of connecting to the net, or is the firewallis in place to provide a metered and audited method of
‘Queuing’ access in a non
-threatening manner. The second iswhat level of monitoring, reducing and control do you want?Having established the acceptable risk level you can form a
 
Seminar Report ’03
Cisco IOS FirewallDept. of IT MESCE, Kuttippuram
-3-
checklist of what should be monitored, permitted and denied.The third issue is financial.Implementation methodsTwo basic methods to implement a firewall are1.As a Screening Router:A screening router is a special computer or an electronicdevice that screens (filters out) specific packets based on thecriteria that is defined. Almost all current screening routersoperate in the following manner.a. Packet Filter criteria must be stored for the ports of thepacket filter device. The packet filter criteria are calledpacket filter ruler.b. When the packets arrive at the port, the packet header isparsed. Most packet filters examine the fields in only theIP, TCP and UDP headers.c. The packet filter rules are stored in a specific order. Eachrule is applied to the packet in the order in which thepacket filter is stored.d. If the rule blocks the transmission or reception of a packetthe packet is not allowed.e. If the rule allows the transmission or reception of a packetthe packet is allowed.f. If a packet does not satisfy any rule it is blocked.

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->