
Summary

This chapter analyzed some application-oriented inspection mechanisms available on Cisco network firewalls. This set of upper-layer resources enhances the generic (L4-based) inspection and basically serves three purposes:

  • Adapt the appropriate parameters of application protocols that include IP addressing information above Layer 3, by performing NAT inside the IP payload.

  • Watch the negotiation of secondary channels so that the dynamic opening of Layer 4 ports, which are necessary for correct protocol transport across stateful firewalls, can be achieved.

  • Use the application knowledge to implement more powerful inspection for some of these protocols.
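The three purposes can be seen together on one control-channel message. The sketch below is an added example, not code from the book or from any Cisco product: it assumes FTP active mode (the `PORT` command of RFC 959) as the illustrating protocol, and the function name `inspect_port_command`, its parameters and the NAT table are hypothetical.

```python
import re

# FTP active mode: the client sends "PORT h1,h2,h3,h4,p1,p2" on the control
# channel; the data port is p1*256 + p2 (RFC 959). Commands are case-insensitive.
PORT_RE = re.compile(rb"^PORT ((?:\d{1,3},){5}\d{1,3})\r\n$", re.IGNORECASE)


def inspect_port_command(line, client_ip, nat_table):
    """Inspect one FTP control-channel line sent by an inside client.

    Returns (line_to_forward, pinhole). pinhole is the (ip, port) on which
    the inbound data connection is expected, or None for non-PORT lines.
    Raises ValueError when the command fails the application-level checks.
    nat_table maps inside addresses to outside addresses (assumed static NAT).
    """
    if not line.upper().startswith(b"PORT "):
        return line, None
    m = PORT_RE.match(line)
    if not m:
        raise ValueError("malformed PORT command")
    nums = [int(x) for x in m.group(1).split(b",")]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range in PORT command")
    embedded_ip = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]

    # Purpose 3: stricter inspection using protocol knowledge. The address
    # announced in the payload must be the client's own address.
    if embedded_ip != client_ip:
        raise ValueError("PORT address does not match the control-channel source")

    # Purpose 1: NAT inside the payload, so the server sees a reachable address.
    outside_ip = nat_table.get(embedded_ip, embedded_ip)
    rewritten = b"PORT %s,%d,%d\r\n" % (
        outside_ip.replace(".", ",").encode(), nums[4], nums[5])

    # Purpose 2: the negotiated secondary channel needs a dynamic opening
    # for exactly this address and port.
    return rewritten, (outside_ip, port)


if __name__ == "__main__":
    # Constructed sample input: inside client 10.0.0.5 translated to 203.0.113.10.
    nat = {"10.0.0.5": "203.0.113.10"}
    print(inspect_port_command(b"PORT 10,0,0,5,19,137\r\n", "10.0.0.5", nat))
```

Because the rewritten command can differ in length from the original, a firewall doing this on a live TCP stream also has to adjust sequence and acknowledgment numbers for the rest of the connection, which this sketch leaves out.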


  
