Chapter 5 Summary of Software Applications Features
External Software Applications
•VPN support—Combining Cisco IOS Firewall with Cisco IOS encryption and QoS VPN features enables secure, low-cost transmissions over public networks.
•Scalability—Cisco IOS Firewall scales to meet any network’s bandwidth and performance requirements.
•Easier management—Using Cisco ConfigMaker software, network administrators can configure Cisco IOS security features (including the Cisco IOS Firewall, network address translation, and Cisco IPSec) from a central console over the network.
Key Features
Table 5-10lists key features supported by the Cisco IOS Firewall.
Table 5-10 Key Features of Cisco IOS Firewall
Feature | Description |
| |
Context-based access control | Provides internal users secure, per-application-based access |
(CBAC) | control for all traffic across perimeters, such as perimeters |
| between private enterprise networks and the Internet. |
| |
Intrusion detection | Provides real-time monitoring, interception, and response to |
| network misuse with a broad set of the most common attack and |
| information-gathering intrusion detection signatures. |
| |
Authentication proxy | Dynamic, per-user authentication and authorization for |
| LAN-based and dial-in communications; authenticates users |
| against industry-standard TACACS+ and RADIUS authentication |
| protocols; network administrators can set individual, per-user |
| security policies. |
| |
Denial-of-service detection and | Defends and protects router resources against common attacks; |
prevention | checks packet headers, dropping suspicious packets. |
| |
Dynamic port mapping | Allows network administrator to run CBAC-supported |
| applications on non-standard ports. |
| |
Java applet blocking | Protects against unidentified, malicious Java applets. |
| |
| | Cisco ICS 7750 System Description | | |
| | |
| 78-10360-02 | | | 5-23 |
| | |
