I am trying to understand the Cisco IOS firewall feature sets in regards to SDM.
As I understand it, depending on the IOS, SDM will allow you to create any customized firewall using the Cisco IOS firewall feature sets.
However, when creating basic or advanced firewall policies using SDM, is it simply using standard and extended ACLs for denied traffic and CBAC lists for the permitted traffic?
To my understanding CBAC lists examine the application layer (L7).
What I do not understand is what is being examined when CBAC lists are configured.
For example, if CBACs are configured and ip inspect ftp or ip inspect http was configured, what would the CBACs be examining for? Malformed packets? Open/close sessions, etc.? Also, where is the signature list kept to determine what to examine, if there is such? Also, what criteria are used to determine whether to drop the packets, etc.?