Cisco Systems OL-12172-01 manual IP Routing Support, 15-1


CHAPTER 15

Firewall Mode Overview

This chapter describes how the firewall works in each firewall mode. To set the firewall mode, see the “Setting Transparent or Routed Firewall Mode” section on page 2-5.

Note: In multiple context mode, you cannot set the firewall mode separately for each context; you can only set the firewall mode for the entire security appliance.

This chapter includes the following sections:

Routed Mode Overview

Transparent Mode Overview

Routed Mode Overview

In routed mode, the security appliance is considered to be a router hop in the network. It can use OSPF or RIP (in single context mode). Routed mode supports many interfaces. Each interface is on a different subnet. You can share interfaces between contexts.

This section includes the following topics:

IP Routing Support

How Data Moves Through the Security Appliance in Routed Firewall Mode

IP Routing Support

The security appliance acts as a router between connected networks, and each interface requires an IP address on a different subnet. In single context mode, the routed firewall supports OSPF and RIP. Multiple context mode supports static routes only. We recommend using the advanced routing capabilities of the upstream and downstream routers instead of relying on the security appliance for extensive routing needs.
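The two constraints in the paragraph above can be checked against a configuration before it is deployed. The following is an added example, not part of the Cisco guide: the sample configuration is constructed, and the function names and the `multiple_context` parameter are assumptions made for illustration.

```python
import ipaddress
import re
from itertools import combinations

# Constructed sample in ASA-style syntax (not taken from the guide).
# "dmz" is deliberately placed inside the "inside" subnet.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/0
 nameif outside
 ip address 192.0.2.1 255.255.255.0
interface GigabitEthernet0/1
 nameif inside
 ip address 10.1.0.1 255.255.0.0
interface GigabitEthernet0/2
 nameif dmz
 ip address 10.1.2.1 255.255.255.0
router ospf 1
"""

def parse_interfaces(config):
    """Map each interface (nameif if set, else hardware ID) to its address."""
    found, name = {}, None
    for line in config.splitlines():
        if m := re.match(r"interface\s+(\S+)", line):
            name = m.group(1)
        elif not line.startswith(" "):
            name = None  # left the interface stanza
        elif name and (m := re.match(r"\s+nameif\s+(\S+)", line)):
            name = m.group(1)
        elif name and (m := re.match(r"\s+ip address\s+(\S+)\s+(\S+)", line)):
            found[name] = ipaddress.ip_interface(f"{m.group(1)}/{m.group(2)}")
    return found

def audit_routed_mode(config, multiple_context=False):
    """Return findings for the two routed-mode constraints described above."""
    findings = []
    ifaces = parse_interfaces(config)
    for a, b in combinations(sorted(ifaces), 2):
        if ifaces[a].network.overlaps(ifaces[b].network):
            findings.append(f"{a} ({ifaces[a].network}) overlaps {b} ({ifaces[b].network})")
    protocols = sorted(set(re.findall(r"^router\s+(ospf|rip)\b", config, re.M)))
    if multiple_context and protocols:
        findings.append(f"{', '.join(protocols)} configured; multiple context mode supports static routes only")
    return findings

if __name__ == "__main__":
    for finding in audit_routed_mode(SAMPLE_CONFIG, multiple_context=True):
        print(finding)
```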

How Data Moves Through the Security Appliance in Routed Firewall Mode

This section describes how data moves through the security appliance in routed firewall mode, and includes the following topics:

 

 

Cisco Security Appliance Command Line Configuration Guide

OL-12172-01 specifications

Cisco Systems OL-12172-01 is a pivotal component in the landscape of networking and telecommunications, particularly catering to the needs of businesses seeking robust and efficient networking solutions. This particular offering is part of Cisco's ongoing commitment to providing advanced networking technologies that enhance connectivity, security, and overall operational efficiency.

One of the main features of Cisco OL-12172-01 is its capability to support enterprise networking environments through highly scalable and flexible architecture. The device is designed to address the growing demands for bandwidth and connectivity in corporate networks, enabling seamless communication and data exchange among various devices and applications. With support for high-speed Ethernet connections, the OL-12172-01 can significantly improve the performance of network operations, ensuring minimal downtime and optimal user experiences.

Security is a hallmark of the Cisco OL-12172-01. The device comes equipped with advanced security protocols that protect sensitive data and mitigate the risks associated with network vulnerabilities. Features such as integrated firewall capabilities, Virtual Private Network (VPN) support, and intrusion prevention systems are vital in safeguarding corporate information against cyber threats. This ensures that businesses can operate confidently in a digital landscape laden with potential risks.

Another significant aspect of the OL-12172-01 is its compatibility with various Cisco technologies, enhancing its versatility. It integrates seamlessly with Cisco’s Software-Defined Networking (SDN) solutions, allowing for dynamic network management and automation. This adaptability means businesses can respond quickly to changing network demands and efficiently manage resources without incurring excessive costs.

The OL-12172-01 also boasts comprehensive management and monitoring tools. Through Cisco's management software, network administrators can easily configure, monitor, and troubleshoot their networks. These tools provide insight into network performance metrics, enabling proactive measures to ensure optimal functionality.

In summary, Cisco Systems OL-12172-01 is a feature-rich device designed for modern enterprise networking. With advanced security measures, high-speed connectivity, and compatibility with cutting-edge technologies, it empowers businesses to optimize their network infrastructure while maintaining high levels of protection. As organizations continue to evolve their IT landscapes, the OL-12172-01 remains a reliable solution for enhancing operational efficiency and safeguarding essential data.