Cisco ASA and PIX Firewall Handbook > Managing Firewall Users

Table of Contents

Download Safari Books Online apps: Apple iOS | Android

Entire Site

Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Search

About the Author

About the Technical Reviewers

Acknowledgments

Icons Used in This Book

Command Syntax Conventions

Foreword

Introduction

Ch. 1. Firewall Overview

Ch. 2. Configuration Fundamentals

Ch. 3. Building Connectivity

Ch. 4. Firewall Management

Ch. 5. Managing Firewall Users

Managing Generic Users

Managing Users with a Local Database

Defining AAA Servers for User Management

Configuring AAA to Manage Administrative Users

Configuring AAA for End-User Cut-Through Proxy

Firewall Password Recovery

Ch. 6. Controlling Access Through the Firewall

Ch. 7. Increasing Firewall Availability with Failover

Ch. 8. Firewall Load Balancing

Ch. 9. Firewall Logging

Ch. 10. Verifying Firewall Operation

Ch. 11. Cisco IOS Firewall: Controlling Access

Ch. 12. Cisco IOS Firewall: Managing Activity

Ch. 13. Intrusion Detection System (IDS) Sensors

Appendix A: Well-Known Protocol and Port Numbers

Appendix B: Security Appliance Logging Messages

Index

Chapter 5. Managing Firewall Users

Refer to the following sections for information about these topics:

5-1: Managing Generic Users— Covers how default “generic” or ambiguous users can be allowed to connect to a firewall and execute commands or make configuration changes.
5-2: Managing Users with a Local Database— Presents methods to configure unique usernames locally on the firewall. You can then manage these users' privileges and monitor their activity.
5-3: Defining AAA Servers for User Management— Discusses external servers that can be used to authenticate, authorize, and keep accounting records about user activity on and through a firewall.
5-4: Configuring AAA to Manage Administrative Users— Explains the configuration steps needed to offload user management functions when administrative users connect to a firewall.
5-5: Configuring AAA for End-User Cut-Through Proxy— Covers the methods that can be used to authenticate users initiating connections through a firewall and to authorize their ability to do so.
5-6: Firewall Password Recovery— Discusses procedures that can be used to recover or bypass a firewall's privileged user password when it is lost or forgotten.

Although its primary function is to provide and enforce security policies at the boundaries of networks, a Cisco firewall also supports several methods to manage users who interact with it. Firewall users fall into the following general categories:

You are currently reading a PREVIEW of this book.

Get instant access to over
$1 million worth of books and videos.

Start a Free Trial