Cisco PIX Firewalls: Configure, Manage, & Troubleshoot

This completely updated bestseller covers Cisco PIX Security Appliance Software Version 7.0, as well as the entire family of Cisco PIX 500 Series Firewalls. The book clearly explains how to leverage the integrated remote access and site-to-site VPN capabilities found in PIX Firewalls. It also illustrates how to securely extend your network to tele-workers, remote and satellite offices, business partners, suppliers, and customers. The authors thoroughly document all enhancements to PIX 7.0, including virtual LAN (VLAN)-based virtual interfaces, OSPF Dynamic Routing over VPNs, Secure Hypertext Transfer Protocol (HTTPS) Authentication Proxy, Local User Authentication Database for Network and VPN Access, Advanced Encryption Standard (AES), Support for VPN Accelerator Card+ (VAC+), DHCP Server Support on Multiple Interfaces. Special attention is paid to intrusion protection configuration.

• Create Multiple Security Contexts Create virtual firewalls within a single appliance, each with its own set of security policies, logical interfaces, and administrative domain.
• Utilize PIX 7.0's Advanced Active Failover Design Create an easy-to-manage, high-availability solution using geographically separated appliances, that continuously synchronize their connection state and device configuration data.
• Use Scheduled System Reloads Schedule PIX security appliance reloads at specific times to better manage network downtime and remote-access VPN connections more efficiently.
• Secure Communications with SSHv2 and Secure Copy Protocol Use SSHv2 to securely manage PIX appliances and begin using SCP for secure file transfer between appliances.
• Take Advantage of the New ASDM With ASDM all you need is a Web browser to deploy, configure, and monitor a PIX appliance, or to setup a VPN.
• Deploy OSPF Dynamic Routing Use OSPF to detect service outages and automatically reroute your network and VPN traffic for optimal performance and flexibility.
• Realize the Benefits of IPv6 PIX 7.0 provides IPv6-enabled inspection services for HTTP, FTP, SMTP, ICMP, TCP, and UDP.
• Manage and Contain Malicious Attacks Use your PIX firewall to protect against SYN Floods, malicious fragmentation of traffic, and excessive connection establishment by configuring limits.