This module discussed CBAC for Cisco routers. CBAC was shown to be a more
specific, security-minded implementation of ACLs. ACLs are used to filter and
secure network traffic. While ACLs filter network traffic by controlling
whether routed or switched packets are forwarded or blocked at the interface,
CBAC is used to create temporary openings in the firewall access lists for
return traffic belonging to sessions that were initiated from the protected
side. The student should understand the steps required for configuring CBAC:
- Pick an interface – internal or external.
- Configure IP access lists at the interface.
- Set audit trails and alerts.
- Set global timeouts and thresholds.
- Define port-to-application mapping (PAM).
- Define inspection rules.
- Apply inspection rules and ACLs to interfaces.
- Test and verify.
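The eight steps above, worked through as one two-interface IOS configuration (an added example, not taken from the course material; the interface names, addresses, list numbers and inspection-rule name are assumed):

```cisco
! Step 1: interfaces. FastEthernet0/0 = inside, Serial0/0 = outside (assumed names)
! Step 2: ACL 101 blocks unsolicited inbound traffic on the outside interface;
!   CBAC inserts temporary permit entries ahead of these denies for return traffic
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any unreachable
access-list 101 deny ip any any log
! Step 3: log session open/close events and keep alerts enabled (alerts are on by default)
ip inspect audit-trail
no ip inspect alert-off
! Step 4: global timeouts and half-open (SYN flood) thresholds
ip inspect tcp synwait-time 20
ip inspect tcp idle-time 3600
ip inspect udp idle-time 30
ip inspect max-incomplete high 500
ip inspect max-incomplete low 400
! Step 5: PAM - treat TCP 8080 as HTTP so the Java inspection rule below also covers it
ip port-map http port 8080
! Step 6: inspection rules; standard ACL 51 lists the only sources whose Java applets
!   are allowed through (10.0.0.0/8 is an assumed trusted range), all others are blocked
access-list 51 permit 10.0.0.0 0.255.255.255
ip inspect name OUTBOUND tcp
ip inspect name OUTBOUND udp
ip inspect name OUTBOUND http java-list 51
ip inspect name OUTBOUND smtp
ip inspect name OUTBOUND fragment maximum 256 timeout 1
! Step 7: apply the ACL inbound and the inspection rule outbound on the outside interface
interface Serial0/0
 ip access-group 101 in
 ip inspect OUTBOUND out
! Step 8: verify the configuration and watch sessions being tracked
show ip inspect config
show ip inspect sessions
```

Generate traffic from an inside host and confirm with `show ip inspect sessions` that a session entry appears and that the matching return packets pass ACL 101 while unsolicited inbound packets are still logged as denied.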
By understanding the tasks required to configure CBAC, the student
should understand the following concepts:
- What CBAC is, how it works, and how to configure and test the different
components.
- How and why inspection rules are used with Java, RPC applications, SMTP,
and IP fragmentation, and how they are applied to router interfaces.
- The different configuration requirements for a two-interface solution
compared to a multi-interface solution.