ASA Part One

Transféré par

Ratnesh Kumar

0% ont trouvé ce document utile (0 vote)

90 vues9 pages

Introduction to Cisco ASA Firewall

Copyright

Formats disponibles

PPTX, PDF, TXT ou lisez en ligne sur Scribd

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Signaler ce document

Introduction to Cisco ASA Firewall

Droits d'auteur :

Formats disponibles

Téléchargez comme PPTX, PDF, TXT ou lisez en ligne sur Scribd

Signaler comme contenu inapproprié

0% ont trouvé ce document utile (0 vote)

90 vues9 pages

ASA Part One

Transféré par

Ratnesh Kumar

Introduction to Cisco ASA Firewall

Droits d'auteur :

Formats disponibles

Téléchargez comme PPTX, PDF, TXT ou lisez en ligne sur Scribd

Signaler comme contenu inapproprié

Passer à la page

Vous êtes sur la page 1sur 9

Rechercher à l'intérieur du document

ASA Agenda: Overview

Device Initialization
Routing Protocols
ACLs & Object Groups
MPF and Application Inspection
Quality of Service
NAT
Transparent firewall
Multiple Context mode
High Availability
System Management

ASA Overview
Stateful Firewall Filtering
- Supports Application Aware Inspection
VPN Termination
- Supports both IPsec and SSL VPNs
Intrusion Prevention System (IPS)
- IPS 5.x on Advanced Inspection and
Prevention(AIP)
Security Service Module (SSM)
Content Filtering (Virus,spy-ware, spam
etc)
- Content Security and control (CSC)
Security Service Module(SSM)

ASA Stateful firewall Filtering

Track traffic that moves from trusted network to the
untrusted network
- E.g Inside to Outside interface
Create an entry in the state table for the traffic flow
- E.g TCP port 80 HTTP session from Client A to server
B
Track traffic that tries to enter from the untrusted
network to the trusted network
- If an entry exits in the state table, permit it
E.g the return HTTP flow from sever B to Client A
If no entry exists in the state table , deny it
E.g NMAP port scan from the outside network

ASA Security Levels

ASA classifies the levels of "trust" of an interface
by its
security-levels
- Range of 0 - 100
100 is the most trusted interface
- Assigned to interface "inside" by default
0 is the most untrusted interface
- Assigned to all other interface by default

ASA Security Levels

Traffic from higher to lower security levels
- permit by default
- E.g Inside to Outside
Traffic from lower to higher security levels
- permit if state already exists
- Deny if no state by default
- E.g Outside to Inside
Traffic between interfaces of same security
- Deny by default
- Exception with same-security-traffic permit
{inter-interface | intra-interface}

ASA Context Mode

ASA supports two different context modes of
operation
- Single context mode
- Multiple context mode ( Virtual firewalls)
Single Context Mode
- Shared Configuration for all interfaces, security
policies, routing
table , administrations etc.
Multiple Context Mode
- Separate configuration, interfaces, policies per
virtual context
- Allows for multiple virtual firewall for managed
services or policy separation.

ASA Firewall Modes

ASA supports two different firewall modes of
operation
- Routed firewall
- Transparent firewall
Routed Firewall
- Interfaces are in different subnets and different
VLANS
- Traffic is routed between interfaces :means the
need for static or dynamic routing protocols
Transparent firewall
- Interfaces are in the same subnet but different
VLANS
- Traffic is bridged between interfaces

ASA Context Modes & Firewall

Modes
Context Modes and firewall Modes can run
in any combination
- Single Context Mode Routed Firewall
- Single Context Mode Transparent Firewall
- Multiple Context Mode Routed Firewall
- Multiple Context Mode Transparent Firewall

ASA VPN Termination

Supports both IPsec and SSL VPN Termination
- IPsec with AH, ESP , ESP over UDP and TCP
- SSL over TCP
Supports both LAN to LAN and Remote Access VPNs
- IPsec LAN to LAN
. AKA site to site
- IPsec Remote Access
. AKA Easy VPN Server / Client
- SSL Remote Access
. Clientless VPN (WebVPN)
. Anyconnect SSL VPN Client

Vous aimerez peut-être aussi

Cisco WSA IronPort Overview
Document78 pages
Cisco WSA IronPort Overview
Quang Anh
Pas encore d'évaluation
Module 4: Inter-VLAN Routing: Instructor Materials
Document44 pages
Module 4: Inter-VLAN Routing: Instructor Materials
giovannyram8339
100% (1)
WLAN
Document13 pages
WLAN
150ashok150
Pas encore d'évaluation
IEEE 802.11ax - An: Osama Aboul-Magd Huawei Technologies, Canada
Document30 pages
IEEE 802.11ax - An: Osama Aboul-Magd Huawei Technologies, Canada
Dayanna
Pas encore d'évaluation
MC7301 - Computer Networks
Document5 pages
MC7301 - Computer Networks
Hari Kumar S
Pas encore d'évaluation
Ccna 1) What Is An IP Address?
Document15 pages
Ccna 1) What Is An IP Address?
pankaj_subhedar
Pas encore d'évaluation
Pass4sure-Final Exam Ccna, CCNP 100% Update Daily PDF
Document4 pages
Pass4sure-Final Exam Ccna, CCNP 100% Update Daily PDF
Osama Jamil
Pas encore d'évaluation
Qo S
Document2 pages
Qo S
Randy Dookheran
Pas encore d'évaluation
f5 Floatingip Itselfip
Document2 pages
f5 Floatingip Itselfip
haha
Pas encore d'évaluation
CCIE Notes From Experience
Document27 pages
CCIE Notes From Experience
api-3817990
Pas encore d'évaluation
Creating A VSPAN Session: Objective
Document4 pages
Creating A VSPAN Session: Objective
Javier Mosquera Carrillo
Pas encore d'évaluation
IOS Zone Based Firewall Step-by-Step Basic Configuration
Document14 pages
IOS Zone Based Firewall Step-by-Step Basic Configuration
Mario Nikić
Pas encore d'évaluation
Introduction of OTV in Nexus
Document62 pages
Introduction of OTV in Nexus
sukant1980
Pas encore d'évaluation
Configuring RSTP
Document4 pages
Configuring RSTP
Jose Benitez
Pas encore d'évaluation
RTL Register Transfer Language
Document12 pages
RTL Register Transfer Language
Daniel Rizvi
Pas encore d'évaluation
CCNP Studies - Configuring DHCP Snooping - Packet Pushers PDF
Document10 pages
CCNP Studies - Configuring DHCP Snooping - Packet Pushers PDF
Kaymaynaija
Pas encore d'évaluation
EIGRP Notes
Document2 pages
EIGRP Notes
chrisg1
Pas encore d'évaluation
Ipv 6
Document24 pages
Ipv 6
Mohamed Khalid R. Jubara
Pas encore d'évaluation
Understanding MACsec Security (MACsec
Document5 pages
Understanding MACsec Security (MACsec
Shivbraham Singh Rajawat
Pas encore d'évaluation
CCNET Handbook - Good Summary For Networking Ideas
Document42 pages
CCNET Handbook - Good Summary For Networking Ideas
Anas Elgaud
Pas encore d'évaluation
Routing Protocols For AD-Hoc Wireless Networks
Document20 pages
Routing Protocols For AD-Hoc Wireless Networks
Shachi P Gowda
Pas encore d'évaluation
WLC Faq
Document21 pages
WLC Faq
api-3703368
Pas encore d'évaluation
SRWE Module 10
Document26 pages
SRWE Module 10
حمدان ناصر الغيثي
Pas encore d'évaluation
Ethernet Switching User Guide PDF
Document1 678 pages
Ethernet Switching User Guide PDF
Trần Hoàng Thông
Pas encore d'évaluation
Juniper EX 4200 Virtual Chassis Performance
Document12 pages
Juniper EX 4200 Virtual Chassis Performance
rakeshsingh005
Pas encore d'évaluation
Cisco IOS Zone Based Firewall Tutorial
Document12 pages
Cisco IOS Zone Based Firewall Tutorial
useryon
Pas encore d'évaluation
Policy Based Routing SIM (Formatted)
Document3 pages
Policy Based Routing SIM (Formatted)
Gossan Anicet
Pas encore d'évaluation
SETTING UP GRE TUNNELS
Document4 pages
SETTING UP GRE TUNNELS
amit_iihtdhn280
Pas encore d'évaluation
Core Java document title
Document191 pages
Core Java document title
Subhabrata Mishra
Pas encore d'évaluation
Module 10: LAN Security Concepts: Instructor Materials
Document41 pages
Module 10: LAN Security Concepts: Instructor Materials
Kim Andre Macaraeg
Pas encore d'évaluation
Security VPN Ipsec@@@ PDF
Document1 678 pages
Security VPN Ipsec@@@ PDF
Asif Raza
Pas encore d'évaluation
Module 8 - Policy Based Routing: ISP/IXP Networking Workshop Lab
Document15 pages
Module 8 - Policy Based Routing: ISP/IXP Networking Workshop Lab
maracyberstation
Pas encore d'évaluation
LAN and WAN Connectivity
Document11 pages
LAN and WAN Connectivity
debabratalogon
50% (2)
CCNA Presentation on Networking Fundamentals
Document38 pages
CCNA Presentation on Networking Fundamentals
Gagan Sardana
Pas encore d'évaluation
PIM Sparse Mode: 1 1999-2001, Cisco Systems, Inc
Document138 pages
PIM Sparse Mode: 1 1999-2001, Cisco Systems, Inc
jramongv
Pas encore d'évaluation
Ccna Data Center Dcicn 200
Document6 pages
Ccna Data Center Dcicn 200
Carlos
Pas encore d'évaluation
BRKCRS 2000
Document73 pages
BRKCRS 2000
Pankaj
Pas encore d'évaluation
Dynamic Routing Scalable Infrastructure Workshop
Document18 pages
Dynamic Routing Scalable Infrastructure Workshop
R.k.Thapa
100% (1)
Certkiller 300-101 Exam Guide
Document101 pages
Certkiller 300-101 Exam Guide
KAy Cee
100% (4)
WSA 9-2-0 UserGuide PDF
Document286 pages
WSA 9-2-0 UserGuide PDF
Anonymous RjuGfeQN7d
Pas encore d'évaluation
Cisco Catalyst 3850 10G PDF
Document37 pages
Cisco Catalyst 3850 10G PDF
Cesar Rene Parada Flores
Pas encore d'évaluation
Communication Protocols For Embedded Systems
Document9 pages
Communication Protocols For Embedded Systems
Gaurav Kumar
Pas encore d'évaluation
Wireless LAN Controller (WLC) FAQ - Cisco
Document19 pages
Wireless LAN Controller (WLC) FAQ - Cisco
अमित सिंह
Pas encore d'évaluation
Fabric Path Switching
Document1 page
Fabric Path Switching
Walter Valverde
Pas encore d'évaluation
STP - RSTP - MSTP Comparison Lab
Document28 pages
STP - RSTP - MSTP Comparison Lab
bruce flores
Pas encore d'évaluation
Juniper VPN
Document386 pages
Juniper VPN
Raunak Anand
Pas encore d'évaluation
Lab 9.2.7 Troubleshooting Using Network Utilities
Document5 pages
Lab 9.2.7 Troubleshooting Using Network Utilities
onlycisco.tk
Pas encore d'évaluation
MPLS-Enabled Applications: Emerging Developments and New Technologies
D'Everand
MPLS-Enabled Applications: Emerging Developments and New Technologies
Ina Minei
Évaluation : 4 sur 5 étoiles
4/5 (4)
Firewall Technologies: Packet Filtering, Stateful Filtering, Application Gateways
Document45 pages
Firewall Technologies: Packet Filtering, Stateful Filtering, Application Gateways
Niko
Pas encore d'évaluation
ASA Firewall Interview Questions and Answers Vol 1.0
Document14 pages
ASA Firewall Interview Questions and Answers Vol 1.0
Syed Mo
Pas encore d'évaluation
NETVÆRK Notes
Document8 pages
NETVÆRK Notes
Duxie Doogie
Pas encore d'évaluation
Scor 10
Document10 pages
Scor 10
Ahmed El kayal
Pas encore d'évaluation
CCNP Security PDF
Document310 pages
CCNP Security PDF
Mohd Rumman
Pas encore d'évaluation
6 IP Security
Document30 pages
6 IP Security
WHATSAPP STATUSLY
Pas encore d'évaluation
Cisco ASA firewall features under 40 chars
Document2 pages
Cisco ASA firewall features under 40 chars
Deepak Kardam
Pas encore d'évaluation
CCNP Security Firewall Notes
Document44 pages
CCNP Security Firewall Notes
dwthomas
Pas encore d'évaluation
CCIE Security Bootcamp v6
Document256 pages
CCIE Security Bootcamp v6
Mathieu N'guessan
100% (1)
1.4.1 Cisco Network Foundation Protection
Document6 pages
1.4.1 Cisco Network Foundation Protection
dhananjayagamage
Pas encore d'évaluation
Firewalls: Dr.P.V.Lakshmi Information Technology GIT, GITAM University
Document31 pages
Firewalls: Dr.P.V.Lakshmi Information Technology GIT, GITAM University
Nishant Madaan
Pas encore d'évaluation
Ccna Security Ch14 Configuring Basic Firewall Policies Cisco Asa
Document38 pages
Ccna Security Ch14 Configuring Basic Firewall Policies Cisco Asa
florinn81
Pas encore d'évaluation
Prime Part 3
Document10 pages
Prime Part 3
Ratnesh Kumar
Pas encore d'évaluation
ASA Multiple Context
Document39 pages
ASA Multiple Context
Ratnesh Kumar
Pas encore d'évaluation
Cisco P Rime Infrastructure 3.1 V1 30 Minutes Part 4 Scenario 5. Reports
Document7 pages
Cisco P Rime Infrastructure 3.1 V1 30 Minutes Part 4 Scenario 5. Reports
Ratnesh Kumar
Pas encore d'évaluation
Cisco Prime Infrastructure 3.1 V1 30 Minutes Part 1 Scenario 2. Visualizing The Network
Document11 pages
Cisco Prime Infrastructure 3.1 V1 30 Minutes Part 1 Scenario 2. Visualizing The Network
Ratnesh Kumar
Pas encore d'évaluation
IWAN App Lab v1 (With LiveAction Integration)
Document56 pages
IWAN App Lab v1 (With LiveAction Integration)
Ratnesh Kumar
Pas encore d'évaluation
Ccna Security Section 3b
Document21 pages
Ccna Security Section 3b
Ratnesh Kumar
Pas encore d'évaluation
Apic 1 PNP
Document14 pages
Apic 1 PNP
Ratnesh Kumar
Pas encore d'évaluation
CCNA Security Part 4 Firewall
Document83 pages
CCNA Security Part 4 Firewall
Ratnesh Kumar
Pas encore d'évaluation
Cisco Prime Infrastructure 3.1 V1 30 Minutes Part 1 Scenario 1: Dashboard
Document14 pages
Cisco Prime Infrastructure 3.1 V1 30 Minutes Part 1 Scenario 1: Dashboard
Ratnesh Kumar
Pas encore d'évaluation
6500 Part 3
Document62 pages
6500 Part 3
Ratnesh Kumar
Pas encore d'évaluation
LiveAction 6.0 For IWAN Management and PfRv3 Deployment v2
Document23 pages
LiveAction 6.0 For IWAN Management and PfRv3 Deployment v2
Ratnesh Kumar
Pas encore d'évaluation
6500 Part 7
Document30 pages
6500 Part 7
Ratnesh Kumar
Pas encore d'évaluation
Ccna Security Part 2c
Document29 pages
Ccna Security Part 2c
Ratnesh Kumar
Pas encore d'évaluation
6500 Part 2
Document47 pages
6500 Part 2
Ratnesh Kumar
Pas encore d'évaluation
Multicast Basics Part 8
Document12 pages
Multicast Basics Part 8
Ratnesh Kumar
Pas encore d'évaluation
Chassis Overview Fan Tray Overview Power Supply Overview
Document22 pages
Chassis Overview Fan Tray Overview Power Supply Overview
Ratnesh Kumar
Pas encore d'évaluation
6500 Part 4
Document57 pages
6500 Part 4
Ratnesh Kumar
Pas encore d'évaluation
Multicast Basics Part 5
Document10 pages
Multicast Basics Part 5
Ratnesh Kumar
Pas encore d'évaluation
Multicast Basics Part 7
Document6 pages
Multicast Basics Part 7
Ratnesh Kumar
Pas encore d'évaluation
Multicast Basics Part 6
Document11 pages
Multicast Basics Part 6
Ratnesh Kumar
Pas encore d'évaluation
Ccna Security Section 3a
Document21 pages
Ccna Security Section 3a
Ratnesh Kumar
Pas encore d'évaluation
Multicast Basics Part 4
Document10 pages
Multicast Basics Part 4
Ratnesh Kumar
Pas encore d'évaluation
Multicast Basics Part 1
Document19 pages
Multicast Basics Part 1
Ratnesh Kumar
Pas encore d'évaluation
Multicast Basics Part 3
Document6 pages
Multicast Basics Part 3
Ratnesh Kumar
Pas encore d'évaluation
Multicast Basics Part 4
Document10 pages
Multicast Basics Part 4
Ratnesh Kumar
Pas encore d'évaluation
Ccna Security Part 2b
Document13 pages
Ccna Security Part 2b
Ratnesh Kumar
Pas encore d'évaluation
CCNA Security: Chapter Two Securing Network Devices
Document16 pages
CCNA Security: Chapter Two Securing Network Devices
Ratnesh Kumar
Pas encore d'évaluation
Multicast Basics Part 2
Document26 pages
Multicast Basics Part 2
Ratnesh Kumar
Pas encore d'évaluation
SeC Part2
Document29 pages
SeC Part2
Ratnesh Kumar
Pas encore d'évaluation
Storage Area Networking Part 2
Document14 pages
Storage Area Networking Part 2
Ratnesh Kumar
Pas encore d'évaluation
C2022 04
Document72 pages
C2022 04
Leo2pb
Pas encore d'évaluation
CTA Ruling
Document12 pages
CTA Ruling
Ghia Talidong
Pas encore d'évaluation
Operand Storage in The CPU
Document3 pages
Operand Storage in The CPU
isaac setabi
Pas encore d'évaluation
KLAX
Document95 pages
KLAX
Jorge Vega Rodríguez
Pas encore d'évaluation
Schema Instrument Air-01
Document1 page
Schema Instrument Air-01
OudadLeO-mar
Pas encore d'évaluation
LAB 3 - Rockwell Hardness Testing
Document10 pages
LAB 3 - Rockwell Hardness Testing
LEKA THOBEJANE
Pas encore d'évaluation
Intercompany Entries
Document19 pages
Intercompany Entries
Jamil
Pas encore d'évaluation
Himanshu
Document2 pages
Himanshu
Anish Singh
Pas encore d'évaluation
Tkinter Cheat Sheet
Document2 pages
Tkinter Cheat Sheet
phanina01
Pas encore d'évaluation
Alignment: Application and Installation Guide
Document28 pages
Alignment: Application and Installation Guide
aabaroasr
100% (3)
Micropipettes SOP
Document1 page
Micropipettes SOP
Nishchaya Singh
Pas encore d'évaluation
Scrum Developer Assessment
Document11 pages
Scrum Developer Assessment
mohannad
44% (9)
Recruitment and Selection at Aviva Life Insurance
Document5 pages
Recruitment and Selection at Aviva Life Insurance
Kanika Gupta
Pas encore d'évaluation
Procedural Due Process - Refers To The Mode of Procedure Which Government
Document13 pages
Procedural Due Process - Refers To The Mode of Procedure Which Government
Charlene M. Galenzoga
Pas encore d'évaluation
Michael Haid Four Key HR Practices That Drive Retention
Document6 pages
Michael Haid Four Key HR Practices That Drive Retention
Biswajit Sikdar
Pas encore d'évaluation
Art Basel and UBS - The Art Market - 2018 PDF
Document175 pages
Art Basel and UBS - The Art Market - 2018 PDF
Ranjith Mohanmani
Pas encore d'évaluation
Huawei IPCC Solution
Document12 pages
Huawei IPCC Solution
simonpeter02
Pas encore d'évaluation
Facts: Issues: Held:: Eslao v. Comm. On Audit (GR No. 108310, Sept. 1, 1994)
Document4 pages
Facts: Issues: Held:: Eslao v. Comm. On Audit (GR No. 108310, Sept. 1, 1994)
Stephen Celoso Escartin
Pas encore d'évaluation
Capacity Building Programme Methods Template Signed1
Document14 pages
Capacity Building Programme Methods Template Signed1
REX
Pas encore d'évaluation
Solution Chapter 15
Document32 pages
Solution Chapter 15
xxxxxxxxx
75% (4)
Full Course Notes
Document33 pages
Full Course Notes
ukxgerard
100% (11)
DRDO recruitment for scientists in remote areas
Document7 pages
DRDO recruitment for scientists in remote areas
selva mech
Pas encore d'évaluation
(Ye-Tm) Thread Mills PDF
Document12 pages
(Ye-Tm) Thread Mills PDF
david
Pas encore d'évaluation
Introduction To RF For Particle Accelerators Part 1: Transmission Lines
Document58 pages
Introduction To RF For Particle Accelerators Part 1: Transmission Lines
John McCarthy
Pas encore d'évaluation
Malaysia Technical Programme Screen
Document36 pages
Malaysia Technical Programme Screen
Mohd Zainee Zainal
Pas encore d'évaluation
RRV DC: 3.54 In. (90 MM)
Document7 pages
RRV DC: 3.54 In. (90 MM)
Trevor Adams
Pas encore d'évaluation
Piksi Schematics v2.3.1
Document7 pages
Piksi Schematics v2.3.1
Danut Stanciu
Pas encore d'évaluation
SGR Recruiting Packet 12page Pages PDF
Document12 pages
SGR Recruiting Packet 12page Pages PDF
Anonymous p92Qjlt
Pas encore d'évaluation
Cultural Impacts of Tourism in Vietnam
Document4 pages
Cultural Impacts of Tourism in Vietnam
Bùi Thanh Ngọc Bích
Pas encore d'évaluation
IGCSE Syllabus Checklist - ICT (0417)
Document15 pages
IGCSE Syllabus Checklist - ICT (0417)
Melissa Li
100% (1)