Cisco router firewall security

Harden routers with IOS Firewalls to ensure Network Perimeter Security

• Master the use of router technologies to secure your network
• Learn how to implement IOS firewall features in complex network designs
• Extensive configuration examples provide ground-up coverage of how to use Cisco routers as a firewall solution

Cisco Router Firewall Security includes in-depth coverage of how to configure a Cisco router to secure access to it. This book explains how to use IOS routers as a firewall solution for protecting a data network from outsiders, especially hackers. Each part of the book addresses a specific type of technology or security issue and covers the IOS features both old and new that can be used to implement each security feature. Part I includes an overview of security, with emphasis on the challenges associated with firewalls. Part II addresses managing access to routers, including a discussion of disabling unnecessary features to limit network access points. Non-stateful filtering technologies are discussed in Part III, which presents basic and advanced features of access lists. In Part IV, stateful and advanced filtering technologies are covered, including Context-Based Access Control (CBAC). Part V discusses address translation and firewalls, including problems with address translation and the solutions. Part VI addresses lock-and-key ACLs, authentication proxy, and Routing Protocol Protection, couched in a discussion of managing access through routers. Detecting and preventing attacks are addressed in Part VII, including the use of different router IDS tools. VPNs are covered in Part VIII. The final part of the book presents case studies that illustrate the appropriate use of how the various technologies fit into a complete network security solution using Cisco IOS Router Firewalls.

Introduction. SECURITY OVERVIEW AND FIREWALLS. Security Threats. Introduction to Firewalls. MANAGING ACCESS TO ROUTERS. Accessing a Router. Disabling Unnecessary Services. Authentication, Authorization, and Accounting. NONSTATEFUL FILTERING TECHNOLOGIES. Access List Introduction. Basic Access Lists. STATEFUL AND ADVANCED FILTERING TECHNOLOGIES. Reflexive Access Lists. Context-Based Access Control. Filtering Web and Application Traffic. ADDRESS TRANSLATION AND FIREWALLS. Address Translation. Address Translation Issues. MANAGING ACCESS THROUGH ROUTERS. Lock-and-Key Access Lists. Authentication Proxy. Routing Protocol Protection. DETECTING AND PREVENTING ATTACKS. Intrusion-Detection System. DoS Protection. Logging Events. VIRTUAL PRIVATE NETWORKS. IPSec Site-to-Site Connections. IPSec Remote-Access Connections. CASE STUDY. Index.