This enables much more complex rules to be created and instead of only being able to block traffic based on source or destination IP addresses, rules can now be created to block traffic based on the protocol being used or to block a particular application.
Packet filtering is able to determine what protocol is being used such as TCP, UDP, RTP etc and which application is sending this traffic. Packet filtering also known as Deep packet inspection goes much further than simply matching IP addresses to an allowed list. This means that all traffic from the specific security zone going out to other networks (zones) will pass through the ASA which will impose its firewall controls to the traffic.Ī Cisco ASA is able to carry out the following services in addition to the core Stateful Packet Inspection functionality: Cisco ASA Main Core Security Features Packet Filtering All hosts inside this security zone (subnet) will have as gateway the IP address configured on the ASA firewall interface. The Cisco ASA has many physical interfaces which can be further divided into “sub-interfaces” using VLANs.Įach one of these firewall interfaces is connected to a “security zone” which is basically a Layer 3 subnet. Stateful packet inspection checks an access control list to see if the source or destination IP address (and/or ports) of the incoming packet is allowed access to the network or not. A network firewall is based on Stateful packet inspection, which I will explain below.Ī stateful network firewall, such as the Cisco ASA, typically uses stateful packet inspection to prevent unauthorised traffic from entering the network from the outside or prevent unauthorised traffic from being passed between security zones internally within a network.Ī stateful firewall keeps track of all the sessions that have been initiated from user devices inside the network and allows the responding traffic from outside the network to pass through to the initiating device. Let’s explain briefly what the core network firewall functionality is for the Cisco ASA. What is Adaptive Security Device Manager (ASDM).
0 kommentar(er)
