Re: Protecting the WAN interface

Lavanholy · ‎04-06-2008

Hi,

I have a Firewall,whose Outside interface is connected to a ISP with a Public IP address,now I want to protect this Outside interface.How can I do this?Basically it is like a Hardening the Firewall or a Router which is directly exposed to global network.

Please help me.

Thanks and Regards,

S.Venkataraman

JORGE RODRIGUEZ · ‎04-06-2008

Your firewall is already providing perimeter security but you may still provide another layer of security protection in your edge router facing internet, I personally use the examples provided in these links.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801a1a55.shtml

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801afc76.shtml#intro

HTH

Rgds

Jorge

Jorge Rodriguez

Thotsaphon Lueangwattanaphong · ‎04-06-2008

Hi Venkat,

Actually your firewall already provides functions to protect a outside interface.As you know,Traffics originating from inside should be allowed by a firewall. It will deny all traffics originating from outside unless you want to allow them.One thing when you enable IOS firewall on a router you need to manually configure an acl to deny traffics from outside-to-inside.

Hopes this helps

Thot

Lavanholy · ‎04-07-2008

Hi Thot,

Thanks a lot for the info.

Best Regards,

S.Venkataraman.

Lavanholy · ‎04-07-2008

Hi Jorge,

Thanks for the info.It helped me a lot.

Best Regards,

S.Venkataraman.