Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2348
Views
0
Helpful
1
Replies

Cisco ASA an "Application Firewall"

jacquesl2
Level 1
Level 1

‎10-19-2009 10:36 AM - edited ‎03-11-2019 09:27 AM

Is the Cisco ASA generally considered a screening firewall or a proxy based application firewall (http://en.wikipedia.org/wiki/Application_layer_firewall)?

Thanks,

Jack

Labels:
0 Helpful
1 Reply 1

Panos Kampanakis
Cisco Employee
Cisco Employee

‎10-19-2009 11:55 AM

Someone could say that it is both.

In general it can firewall on a network basis. In other words it sits in the middle without intervening, it monitors connections, timeouts, ACLs, sequence number etc and blocks and allows packets.

Though for applications that use signaling protocols that actively inspected by the firewall (i.e. h323, sip) it actually proxies in the middle. Moreover, for application like ftp, http etc it also looks into the application layer and can block or allow according to protocols specific fields (website for http, file name for ftp etc).

I hope it helps.

PK

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card