Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

CBAC question - Cisco IOS firewall

Posted on 2011-03-07
3
Medium Priority
?
495 Views
Last Modified: 2012-05-11
A quick question, as I am little confused... CBAC:

ip inspect name firewall tcp
ip inspect name firewall udp
ip inspect name firewall tftp
ip inspect name firewall smtp
...

What is the point in listing ALL these protocols, if we put tcp and udp at the top of the list? I assume that if I put 'inspect tcp', it will include ftp, smtp etc... ???
0
Comment
Question by:m1979
3 Comments
 
LVL 32

Accepted Solution

by:
harbor235 earned 1000 total points
ID: 35070012

Generically you can look at TCP or UDP, layer 4, or you can look deeper into the packet via layer 7.
So, additional deep packet inspection capabilities.  So for example, inspection of mail would allow you much more granularity inspecting the commands the mail application uses, allowing or disallowing specific mail commands or security threats  

harbor235 ;}
0
 
LVL 28

Assisted Solution

by:asavener
asavener earned 1000 total points
ID: 35070027
TCP inspection simply allows the router to watch simple TCP sessions and allow the traffic back through the firewall.

For more complex protocols (such as FTP which uses secondary connectoins), or to make sure that traffic on a particular port conforms to the protocol standard (such as making sure that traffic on port 25 is SMTP), you will need to use the proper keywords.
0
 

Author Closing Comment

by:m1979
ID: 35070391
Thx
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Server 172.16.200.2  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address 172.16.100.2. But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question