This module introduced the Cisco IOS Firewall feature set, the Cisco PIX
Security Appliance, and the Adaptive Security Appliance. Particular emphasis
was placed on the various models, their capabilities, and how they are utilized
in a network. Also, the basic capabilities and configuration of the PIX were
discussed. This discussion included routing capabilities and user interfaces.
Device configuration using SDM and ASDM was also discussed.
Translations use NAT or PAT technologies to change the IP address of traffic
as it goes across the PIX Security Appliance. For traffic going from the inside
network to the outside network, this provides an additional layer of security
and helps the administrator conserve IP address space. For traffic going from
outside networks to inside networks, translations help simplify the router
configuration on the internal, or perimeter, networks by controlling the
addresses that appear on these networks.
Connections are used to create
pathways through the PIX Security Appliance from lower security networks to
higher security networks. These pathways allow traffic that would otherwise be
denied by default. These pathways must be defined, so that only specified
traffic is allowed through. The PIX uses the static and
access-list commands to do this.