Inside Commands of Cisco's PIX Firewall
PIX firewall appliances allow data to
pass out, but not in. How? What is really going on
inside a Cisco PIX firewall? According to Andy Fox (a
certified Cisco Systems instructor for Global Knowledge),
there are six basic commands inside each Cisco PIX
firewall: nameif, interface, ip address, global, nat,
and route. The next paragraph briefly covers what
these commands mean and what results from them.
From the nameif command, we
can derive the type of hardware used, interface names, and
assigned security levels. Security levels are assigned to
interfaces: some interfaces are more trusted than others. The
interface command identifies network interfaces and
hardware speed, and the ip address command assigns
an IP address to an interface to make
it easily identifiable. Statistics can be obtained from an
interface, which allows administrators to check connectivity
within a business network. Even though the PIX firewall is
not a router, it behaves like one in that it routes, or
passes, data. Then, in order for the PIX firewall to
translate trusted (or less trusted) IP addresses, it will
either allow or block data from coming through. For tight,
intelligent network security, global and nat
addresses are required. For example, the nat_id
must match global statements before data can enter
through a PIX firewall.
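The following is an added example, not part of the original article and not Cisco's own code. It embeds a constructed sample configuration that uses the six commands (PIX 6.x syntax is assumed, and all addresses are made up) and checks that every nat_id has a matching global statement. The function names parse and audit are hypothetical.

```python
import re

# Constructed sample in PIX 6.x syntax; addresses are documentation/private ranges.
SAMPLE_CONFIG = """\
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 dmz security50
interface ethernet0 auto
interface ethernet1 100full
interface ethernet2 100full
ip address outside 192.0.2.2 255.255.255.0
ip address inside 10.0.0.1 255.255.255.0
ip address dmz 172.16.0.1 255.255.255.0
nat (inside) 1 10.0.0.0 255.255.255.0
nat (dmz) 2 172.16.0.0 255.255.255.0
global (outside) 1 192.0.2.10-192.0.2.20 netmask 255.255.255.0
route outside 0.0.0.0 0.0.0.0 192.0.2.1 1
"""

def parse(config):
    """Collect interface names/levels, addressed interfaces, and nat/global ids."""
    state = {"levels": {}, "addressed": set(), "nat": {}, "global": {}}
    for line in config.splitlines():
        if m := re.match(r"nameif (\S+) (\S+) security(\d+)$", line):
            state["levels"][m[2]] = int(m[3])      # interface name -> security level
        elif m := re.match(r"ip address (\S+) \S+ \S+$", line):
            state["addressed"].add(m[1])
        elif m := re.match(r"(nat|global) \((\S+)\) (\d+) ", line):
            state[m[1]].setdefault(int(m[3]), set()).add(m[2])  # id -> interfaces
    return state

def audit(config):
    """Return findings for unmatched nat/global ids and unaddressed interfaces."""
    s, findings = parse(config), []
    for nat_id, ifaces in sorted(s["nat"].items()):
        # nat 0 means "do not translate", so it needs no global pool.
        if nat_id != 0 and nat_id not in s["global"]:
            findings.append(f"nat_id {nat_id} on {sorted(ifaces)} has no matching global")
    for nat_id in sorted(set(s["global"]) - set(s["nat"])):
        findings.append(f"global pool {nat_id} has no nat statement using it")
    for name in sorted(set(s["levels"]) - s["addressed"]):
        findings.append(f"interface {name} has no ip address")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```

In the sample, the dmz hosts use nat_id 2 but no global statement carries that id, so the audit reports one finding; adding a global statement with id 2 clears it.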
In plain English, Cisco's PIX security
appliances offer advanced application policy enforcement for
today's site-to-site and remote access IPSec virtual private
networks (which includes Voice-Over-IP and multimedia). A
PIX appliance “tracks the state of all network
communications and prevents unauthorized network access. . .
and delivers strong application layer security through 30
intelligent, application-aware inspection engines that
examine network flows at Layers 4-7” (Cisco PIX 535 Security
Appliance Datasheet).
Because
Cisco's PIX security appliances have multi-vector attack
protection services, they can effectively defend businesses
from many popular forms of attack, such as
denial-of-service (DoS) attacks, fragmented attacks, replay
attacks, and malformed packet attacks. To conclude, the
benefits derived from PIX firewalls are improved
productivity, lower operational costs, and increased
competitive advantage. If you are interested in looking into
new, used, or refurbished PIX firewalls, PIX firewall
interfaces, and cards, please contact Genesis Global at
1-800-908-9665 or e-mail a Sales Accounts Manager at
sales@genesisglobalinc.com . Don't forget to ask about
the ReNew™ Program: Trade-In and Trade-Up. Genesis Global is
renowned for finding the right networking solutions! Your
equipment is backed with warranty plans.
About Genesis Global's Author:
Debbie Jensen, an expert
writer for business and technology for Genesis Global,
has a Bachelor's Degree in Visual Communication
(Multimedia). With her twenty-year history of creative
expressions and formalized study of Information
Technology of digital print/web design and development,
she is now publishing articles about networking for
Genesis Global.
The Best Business Connection
"Cisco believes the network is the
platform for organizations to connect with their
constituents and for individuals to connect with each
other," said Dan Scheinman, senior vice president and
general manager of the Cisco Media Solutions Group (CMSG).