Summary

This lesson discussed the Cisco IOS Firewall authentication proxy feature. Students should be able to configure authentication proxy on a Cisco IOS router in order to apply specific security policies on a per-user basis.

Students should also possess an understanding of how the PIX Security Appliance supports AAA services. This understanding should include the ability to configure, monitor, and troubleshoot AAA on the PIX. The discussion included how to set usernames and passwords in the PIX local user database, so that these entries could be used for authentication. Authentication against an external AAA server was also discussed. Students should now be able to configure downloadable per-user ACLs to accomplish authorization. Students should also have an understanding of user, administration, and command accounting on the PIX.