Paloalto
Earlier firewalls filtered traffic based on IP address and layer 4 protocol [port numbers] like TCP, UDP,
and also provided stateful filtering. Next-generation features added on top of that:
URL Filtering : We can block harmful and malicious websites using URL filtering based on URL
categories.
Threat prevention & antivirus : Blocks malicious packet content, like downloads of software or files that
contain malware.
Application awareness : Deep packet inspection; checks both the header & the payload of the packets.
User ID : We can filter traffic based on user name, not just IP address.
Video 3
Management concepts
*******************
1> Serial console : default user ID & password is "admin"
2> Mgmt port : Default IP address : 192.168.1.1 ; we can use either SSH or HTTPS
Video 4
Basic configuration
****************
Login to the device via the mgmt port or console; login as admin / admin.
Candidate config
Running config [after commit]
show interface management : To verify the configuration
Device -> setup -> management interface
By default ping, SSH & HTTPS are allowed on the mgmt interface.
We can also define permitted IP addresses that are allowed to access the firewall through the mgmt interface IP address.
Service route : which IP address the firewall will use as the source while getting updates from the internet, like
DNS, NTP, dynamic updates. By default it uses the mgmt interface as the source.
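As an added example (not code from the notes or from the vendor), here is a small model of the two management-interface controls described above: the set of services enabled on the mgmt interface and the permitted-IP list. The class name, the sample addresses and the connection attempts are all constructed; the only values taken from the notes are the default address 192.168.1.1 and the default services ping, SSH and HTTPS. It shows why the default (no permitted IPs) accepts management connections from any source and how a permitted-IP list narrows that to the admin subnet.

```python
import ipaddress

# From the notes: ping, SSH and HTTPS are allowed on the mgmt interface by default.
DEFAULT_SERVICES = {"ping", "ssh", "https"}


class MgmtInterface:
    """Constructed model of a firewall management interface (hypothetical, not a vendor API)."""

    def __init__(self, address, services=None, permitted=None):
        self.address = ipaddress.ip_address(address)
        self.services = set(services) if services is not None else set(DEFAULT_SERVICES)
        # An empty permitted list models the default: any source may connect.
        self.permitted = [ipaddress.ip_network(p, strict=False) for p in (permitted or [])]

    def allows(self, src, service):
        """Return True if a connection from `src` to `service` would be accepted."""
        src_ip = ipaddress.ip_address(src)
        if service not in self.services:
            return False  # service not enabled on the mgmt interface
        if self.permitted and not any(src_ip in net for net in self.permitted):
            return False  # source is outside every permitted range
        return True


def evaluate(mgmt, attempts):
    """Evaluate a list of (source, service) attempts; returns (source, service, allowed) tuples."""
    return [(src, svc, mgmt.allows(src, svc)) for src, svc in attempts]


# Constructed sample connection attempts against the default address 192.168.1.1.
ATTEMPTS = [
    ("192.168.1.50", "https"),  # admin workstation on the mgmt subnet
    ("10.0.0.5", "ssh"),        # host from another network
    ("192.168.1.50", "telnet"), # service never enabled
]

# Factory default: every service in DEFAULT_SERVICES, no permitted-IP list.
default_mgmt = MgmtInterface("192.168.1.1")

# Hardened: HTTPS and SSH only, and only from the admin subnet (constructed range).
hardened_mgmt = MgmtInterface("192.168.1.1", services={"https", "ssh"},
                              permitted=["192.168.1.0/24"])

if __name__ == "__main__":
    for label, mgmt in (("default", default_mgmt), ("hardened", hardened_mgmt)):
        for src, svc, ok in evaluate(mgmt, ATTEMPTS):
            print(f"{label:8} {src:14} {svc:6} -> {'allow' if ok else 'deny'}")
```

With the default object the SSH attempt from 10.0.0.5 is accepted; with the hardened object it is denied because the source is outside 192.168.1.0/24, and ping is denied because it is no longer in the service set.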
Video 5
7.1.X
*****
7 : Major version
1 : Minor version
X : Maintenance release.
Device > Setup > Operations > Save Named Configuration Snapshot
Device > Setup > Operations > Export Named configuration Snapshot
Suspend the standby device from the cluster
GUI
Suspend the active firewall : Select Device > High Availability > Operational Commands and click the
Suspend local device link.
CLI
> request high-availability state suspend
Update the dynamic updates [threat prevention & antivirus, WildFire] because there can be a requirement
for a minimum version of them before an OS upgrade.
Before upgrading we should make sure we have the base version downloaded on the machine:
7.1.10 to 8.0.10 = base version 8.0.1.
Download the OS software, install it & reload the device.
Note : preemptive [should be disabled], disable TCP-Reject-Non-SYN [so that sessions can fail over even
when they are not in sync.]
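The upgrade steps above form one procedure with several preconditions (dynamic updates at a minimum version, base image downloaded, HA peer suspended, preemptive disabled). As an added example, not code from the notes or from the vendor, here is a preflight checker that parses the major.minor.maintenance version scheme and reports which of those preconditions are not met. The dataclass, the `content_version` numbers and the HA state strings are constructed; the only concrete values taken from the notes are the 7.1.10 to 8.0.10 upgrade and its base version 8.0.1. The base image name and the minimum content version are passed in as parameters because they come from release notes, not from the version string itself.

```python
from dataclasses import dataclass


def parse_version(s):
    """Split 'major.minor.maintenance' (e.g. '7.1.10') into a tuple of ints."""
    major, minor, maint = (int(x) for x in s.split("."))
    return (major, minor, maint)


def classify(s):
    """Label the three fields of a version string as the notes describe them."""
    major, minor, maint = parse_version(s)
    return {"major": major, "minor": minor, "maintenance": maint}


def needs_base_image(current, target):
    """A base image is required when the upgrade crosses a major or minor boundary."""
    c, t = parse_version(current), parse_version(target)
    return (c[0], c[1]) != (t[0], t[1])


@dataclass
class FirewallState:
    """Constructed snapshot of the things the preflight looks at (hypothetical fields)."""
    panos: str                 # running PAN-OS version
    downloaded_images: set     # software images already downloaded to the box
    content_version: int       # constructed stand-in for the dynamic-updates version
    ha_state: str              # constructed: "active", "passive", "suspended" or "standalone"
    preemptive: bool           # HA preemptive setting


def preflight(state, target, base_image, min_content):
    """Return a list of blocking problems; an empty list means the upgrade may proceed."""
    problems = []
    if needs_base_image(state.panos, target) and base_image not in state.downloaded_images:
        problems.append(f"base image {base_image} not downloaded")
    if target not in state.downloaded_images:
        problems.append(f"target image {target} not downloaded")
    if state.content_version < min_content:
        problems.append(f"dynamic updates {state.content_version} below minimum {min_content}")
    if state.ha_state not in ("suspended", "standalone"):
        problems.append(f"HA state is {state.ha_state}; suspend the device before installing")
    if state.preemptive:
        problems.append("preemptive is enabled; disable it before the upgrade")
    return problems


# Upgrade from the notes: 7.1.10 -> 8.0.10 with base version 8.0.1.
TARGET, BASE = "8.0.10", "8.0.1"
MIN_CONTENT = 700  # constructed placeholder for the minimum content version

# Constructed states: one ready to upgrade, one with every precondition missing.
ready = FirewallState("7.1.10", {"8.0.1", "8.0.10"}, 800, "suspended", False)
not_ready = FirewallState("7.1.10", {"8.0.10"}, 600, "active", True)

if __name__ == "__main__":
    print(classify("7.1.10"))
    for name, st in (("ready", ready), ("not_ready", not_ready)):
        print(name, preflight(st, TARGET, BASE, MIN_CONTENT) or ["ok"])
```

For the `ready` state the checker returns an empty list; for `not_ready` it lists the missing base image, the stale dynamic updates, the non-suspended HA state and the enabled preemptive setting.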
TAP Interface
***********
The best use of a tap interface is:
-> Before creating a policy we can first understand what kind
of traffic is going through the network, whether it is malicious or not.
To do that we can configure a tap interface and connect it to the network switch,
but we have to configure SPAN, i.e. port mirroring, on the Cisco switch to send one copy of the traffic
to the firewall tap interface.
Video 7
Configuration
-------------------
Take any two interfaces and convert them to the virtual wire type.
Then we have to create a virtual wire object & call those
virtual wire interfaces there,
so now this virtual wire object is associated with both interfaces.
Commit options
---------------------
1> Commit all changes
2> Commit changes made by admin [we can choose admin name here]
We can also preview the changes, choosing the number of lines shown; here it shows the running & candidate configuration.
-> Preview change
-> change summary
-> Validate commit.
Video 11
A virtual router is like a VRF: if we want to route traffic from two instances of the same subnet; it is mostly used by ISPs.
Video 18
Configuration management
*************************
Every time we commit, a version of the config is stored on the firewall.
We can also save the candidate config & enforce it after some days.
We can also give a name to the candidate config.