Summary

This module discussed CBAC for Cisco routers. CBAC was shown to be a more specific, security-minded extension of ACL-based filtering. ACLs are used to filter and secure network traffic. While ACLs filter network traffic statically, by controlling whether routed or switched packets are forwarded or blocked at the interface, CBAC inspects traffic at the session and application layer and creates temporary openings in the firewall access lists so that only the return traffic of sessions initiated from the protected network is admitted. The student should understand the steps required for configuring CBAC:

  1. Pick an interface – internal or external.
  2. Configure IP access lists at the interface.
  3. Set audit trails and alerts.
  4. Set global timeouts and thresholds.
  5. Define port-to-application mapping (PAM).
  6. Define inspection rules.
  7. Apply inspection rules and ACLs to interfaces.
  8. Test and verify.

Having worked through those configuration tasks, the student should understand the following concepts:

  • What CBAC is, how it works, and how to configure and test the different components.
  • How and why inspection rules are used with Java, RPC applications, SMTP, and IP fragmentation, and how they are applied to router interfaces.
  • The different configuration requirements for a two-interface solution compared to a multi-interface solution.
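The eight configuration steps above, together with the Java, RPC, SMTP and IP fragmentation inspection rules named in the concept list, carried through as one IOS configuration for a two-interface router. This is an added example written for this summary, not a configuration from the original module. The interface roles (FastEthernet0/0 inside, Serial0/0 outside), the inspection-rule name FWRULE, the ACL numbers, the 203.0.113.0/24 "trusted Java site" range and the timeout and threshold values are assumptions chosen for illustration; adjust them to the network being protected.

```cisco
! Step 1: the external interface (Serial0/0) is chosen; inspection is applied
!         outbound on it and the restrictive ACL inbound on it.

! Step 3: audit trail (per-session syslog records) and real-time alerts.
!         Alerts are on by default; "no ip inspect alert-off" makes that explicit.
ip inspect audit-trail
no ip inspect alert-off

! Step 4: global timeouts and DoS thresholds (values are assumptions).
ip inspect tcp synwait-time 30
ip inspect tcp finwait-time 5
ip inspect tcp idle-time 3600
ip inspect udp idle-time 30
ip inspect dns-timeout 5
ip inspect max-incomplete high 500
ip inspect max-incomplete low 400
ip inspect one-minute high 500
ip inspect one-minute low 400
ip inspect tcp max-incomplete host 50 block-time 0

! Step 5: PAM - tell CBAC that HTTP is also spoken on TCP/8080 so the HTTP
!         (and Java) inspection engine is used for that port.
ip port-map http port 8080

! Step 6: inspection rules. ACL 51 lists the sites whose Java applets are
!         permitted; applets from any other site are dropped (assumed range).
access-list 51 permit 203.0.113.0 0.0.0.255
ip inspect name FWRULE tcp
ip inspect name FWRULE udp
ip inspect name FWRULE http java-list 51
ip inspect name FWRULE smtp
ip inspect name FWRULE rpc program-number 100000
ip inspect name FWRULE fragment maximum 256 timeout 1

! Step 2: inbound ACL on the external interface. Everything is denied except
!         ICMP replies needed for troubleshooting; CBAC adds the temporary
!         entries for return traffic of inspected sessions in front of this ACL.
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any unreachable
access-list 101 deny ip any any log

! Step 7: apply the ACL and the inspection rule to the external interface.
interface Serial0/0
 ip access-group 101 in
 ip inspect FWRULE out

! Step 8: test and verify (run from privileged EXEC after generating traffic
!         from an inside host).
show ip inspect config
show ip inspect interfaces
show ip inspect sessions detail
```

The check that matters most is `show ip inspect sessions` after an inside host opens, for example, an HTTP or SMTP connection: a session entry must appear, and the return packets must get through ACL 101 only because of that entry. If no session is listed, the inspection rule is on the wrong interface or direction, and the `deny ip any any` line will block all return traffic. For a multi-interface design the same rule set is reused, but a separate ACL and inspection direction must be chosen for each additional interface (for example a DMZ), so that traffic between any pair of interfaces passes through exactly one inspection point.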