Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Basic IOS Firewall vs IOS FW Feature Set

Hi,

Can someone help me to find out basic difference between a Plain IOS FW and IOS FW Feature set ?

Does the IOS FW Feature set can do stateful insepction for UDP packets ?

Regards \\ Naman

1 REPLY
Cisco Employee

Re: Basic IOS Firewall vs IOS FW Feature Set

I'm not sure what you're referring to when you mention the "plian" or "basic" IOS firewall. The FW Feature set is what you want to use if you want to turn your router into a true stateful packet inspection device, and yes, it'll do both TCP and UDP inspection (although states in UDP streams are generally hard to determine unlike TCP).

You can read about the FW feature set and all the things it can give you here:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secur_c/scprt3/index.htm

TCP Intercept and CBAC are two very useful features of it, the rest aren't used as often.

81
Views
0
Helpful
1
Replies
CreatePlease to create content