Foundation Summary

The "Foundation Summary" provides a convenient review of many key concepts in this chapter. If you are already comfortable with the topics in this chapter, this summary can help you recall a few details. If you just read this chapter, this review should help solidify some key facts. If you are doing your final preparation before the exam, this summary provides a convenient way to review the day before the exam.

Rules or translations have to be put in place to allow data traffic to and from hosts in a network. Rules are usually made up of a static nat command and an access list. The static nat command identifies the subnet or host to which connections will be permitted to go. Access lists are then configured to identify and permit the type of traffic to the subnet or host identified by the static command.

TurboACL is a feature introduced with Cisco PIX Firewall Version 6.2 that improves the average search time for ACLs containing a large number of entries. The TurboACL feature is applied only to access lists with a minimum of 19 ACEs, up to a maximum of 16,000 ACEs.

The object grouping feature enables you to group objects such as hosts (servers and clients), services, and networks and apply security policies and rules to the group. The four types of object groups are these:

- network
- protocol
- service
- icmp-type
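
The following configuration sketch is an added example, not taken from the book. It shows how a static translation, network and service object groups, an access list, and TurboACL fit together in PIX 6.2 syntax. The group names, the ACL name acl_out, and all addresses are constructed for illustration; the access-group line that binds the ACL to the outside interface is not covered in the summary above but is needed for the rule to take effect.

```text
: Added example. Group names, ACL name, and addresses are constructed.
: Lines that begin with a colon are annotations for the reader.

: Translations: inside hosts 10.1.1.10 and 10.1.1.11 are reachable
: from the outside as 192.0.2.10 and 192.0.2.11.
static (inside,outside) 192.0.2.10 10.1.1.10 netmask 255.255.255.255
static (inside,outside) 192.0.2.11 10.1.1.11 netmask 255.255.255.255

: Network object group holding the translated server addresses.
object-group network WEB_SERVERS
  network-object host 192.0.2.10
  network-object host 192.0.2.11

: Service object group holding the permitted TCP ports.
object-group service WEB_PORTS tcp
  port-object eq www
  port-object eq 443

: One ACL line written against the groups. The firewall expands it
: into one ACE per server/port combination (2 x 2 = 4 ACEs here).
access-list acl_out permit tcp any object-group WEB_SERVERS object-group WEB_PORTS

: Bind the ACL to inbound traffic on the outside interface.
access-group acl_out in interface outside

: Enable TurboACL globally. With only 4 ACEs, acl_out stays below the
: 19-ACE minimum, so it is not compiled; larger ACLs would be.
access-list compiled
```
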
PIX Firewall supports several popular multimedia applications. Its application inspection function dynamically opens and closes UDP ports for secure multimedia connections. Popular multimedia applications such as RealPlayer and Microsoft NetMeeting are supported by Cisco PIX Firewall.