Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL

Section 1. Cisco Firewall and ASA Techno... > Cisco Adaptive Security Appliance - Pg. 8

[8] Section 1: Cisco Firewall and ASA Technology Stateful Packet Filtering with Application Inspection and Control Stateful packet filtering with application inspection and control enhances stateful packet filtering to include services such as the following: In-memory reassembly of Layer 4 TCP and UDP sessions so that the application layer protocol can be parsed Filtering inside the application layer protocol and its content Application layer protocol verification Network IPS With network intrusion prevention system capabilities within the firewall, traffic can be analyzed against known attack signatures. Engineers can tune the behavior of the device to eliminate false-positive and false-negative alarm conditions. Network Behavior Analysis With network behavior analysis, traffic patterns in the network are analyzed. When traffic behaves outside the normal patterns, the firewall device alerts engineers. This capability is an exciting enhancement to a signature-based approach because it can result in catching attacks for which no signatures yet exist. These are often called Day 0 attacks. Cisco Adaptive Security Appliance The Cisco Adaptive Security Appliance (ASA) is a key component in the Cisco end-to-end security solution. The ASA is the market- leading Cisco security appliance and provides enterprise-class, integrated network security services. The ASA product line offers cost-effective, easy-to-deploy solutions. The product line ranges from compact plug-and-play desktop firewalls such as the ASA 5505 for small offices to carrier-class gigabit firewalls such as the ASA 5580 for the most demanding enterprise and service-provider environments. Cisco ASA features include the following: State-of-the-art stateful packet inspection firewall User-based authentication of inbound and outbound connections © 2012 Pearson Education, Inc. All rights reserved. This publication is protected by copyright. Please see page 123 for more details.