04-06-2008 08:19 PM - edited 03-03-2019 09:26 PM
Hi,
I have a Firewall,whose Outside interface is connected to a ISP with a Public IP address,now I want to protect this Outside interface.How can I do this?Basically it is like a Hardening the Firewall or a Router which is directly exposed to global network.
Please help me.
Thanks and Regards,
S.Venkataraman
04-06-2008 11:06 PM
Your firewall is already providing perimeter security but you may still provide another layer of security protection in your edge router facing internet, I personally use the examples provided in these links.
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801a1a55.shtml
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801afc76.shtml#intro
HTH
Rgds
Jorge
04-06-2008 11:56 PM
Hi Venkat,
Actually your firewall already provides functions to protect a outside interface.As you know,Traffics originating from inside should be allowed by a firewall. It will deny all traffics originating from outside unless you want to allow them.One thing when you enable IOS firewall on a router you need to manually configure an acl to deny traffics from outside-to-inside.
Hopes this helps
Thot
04-07-2008 01:35 AM
Hi Thot,
Thanks a lot for the info.
Best Regards,
S.Venkataraman.
04-07-2008 01:34 AM
Hi Jorge,
Thanks for the info.It helped me a lot.
Best Regards,
S.Venkataraman.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: