A strict inspection is performed to confirm RFC compliance on the
TCP header (advanced header examination for flags and checking option, window variation, checksum
verification and detection of data tampering in retransmitted packets). Several other advanced features and
enhancements are available in the more recent software version releases.
The Security Appliance combines in one device advanced stateful firewall, VPN concentrator functionality, and
advanced protection features to intercept and respond to network attacks.
The Security Appliance software supports an intuitive, easy-to-use GUI-based application called Adaptive
Security Device Manager (ASDM). ASDM is a browser-based Java applet used to configure, monitor, and
manage the Security Appliances. ASDM is covered in Chapter 24, "Security and Policy Management."
With the brief introduction and product overviews, sections to follow will discuss the features and the
configuration details.
Firewall Modes
The Security Appliance runs in two firewall modes:
Routed firewall mode
Transparent firewall mode (stealth firewall)
Routed Firewall Mode
In this mode, the Security Appliance is considered to be a router hop in the network.
Pages:
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256