Cisco ASA EAL4 transparent firewall config? Do I need to use MAC filtering?

I am configuring an ASA5540 firewall for a client, only difference to usual being that it is to run in Transparent mode. I have looked through for an EAL4 transparent firewall config guide but found nothing and therefore assumed that the usual one would be used.

The clients security bod has now come back and insisted MAC filtering should be used but I can find no reference of this anywhere.

Can someone tell if MAC filtering is required to make a transparent box EAL4 compliant and if so where I can find documentation supporting this?

Thanks in advance
Chris
Chris_944Asked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Chris_944Connect With a Mentor Author Commented:
Incase anyone runs accross the same question after an hour or 2 trawling through the EAL4 config guide again I came accross this. So Yes, it is required.

Inspect ARP
To configure the ARP inspection engine, use the arp-inspection command in global configuration mode. ARP inspection is required when a firewall context is operating in transparent mode, to prevent IP spoofing of traffic.

To complete the configuration of ARP inspection the administrator must create static ARP entries for each host protected by the firewall context.

hostname(config)# arp inside 1.2.3.4 0050.abcd.1234
hostname(config)# arp-inspection outside enable
hostname(config)# arp-inspection inside enable

Cheers Chris
0
All Courses

From novice to tech pro — start learning today.