1. CISCO PIX FIREWALL
Configuration for DCSL
The PIX is a firewall appliance based on a hardened, specially built
operating system, PIX OS, minimizing possible OS-specific security holes.
The PIX has received ICSA Firewall and IPsec certification as well as
Common Criteria EAL4 evaluation status.
PIX firewalls provide a wide range of security and networking services, including:
– Network Address Translation (NAT) or Port Address Translation (PAT)
– Content filtering (Java/ActiveX)
– URL filtering
– IPsec VPN
– Support for leading X.509 PKI solutions
– DHCP client/server
– PPPoE support
– Advanced security services for multimedia applications and protocols, including Voice over IP (VoIP), H.323, SIP, Skinny and Microsoft NetMeeting
– AAA (RADIUS/TACACS+) integration
2. Basic rules to configure Cisco PIX firewall
The Cisco PIX firewall is a “hardware” firewall that operates at the network layer.
Cisco PIX firewall series: 501, 506e, 515e, 525 and 535. The series used in the DCSL lab is the 515e.
http://www.router-switch.com/
3. Basic rules to configure Cisco PIX firewall
(cont.)
4. Basic rules to configure Cisco PIX firewall
(cont.)
DCSL provides 2-layer firewall protection.
How to access PIX firewall
– Access via Telnet port
– Access via Console port
5. Basic rules to configure Cisco PIX firewall
(cont.)
General capabilities of PIX 515e
– Up to 6 Ethernet interfaces
– 128,000 simultaneous connections
– 170 Mbps clear text throughput
– 11 Mbps DES throughput
Software: Cisco PIX firewall version 6.3(4)
Network Address Translation
VPN feature