Device Options
Appliance-based, server-based, and integrated firewalls

The most well-known security device is the firewall. By conventional definition, a firewall is a partition made of fireproof material designed to prevent the spread of fire from one part of a building to another. A firewall can also be used to isolate one compartment from another. Applied to a computer network, the term firewall refers to a system or group of systems that enforces an access control policy between two or more networks.

All firewalls fall within three classes:

  • Appliance-based firewalls – Appliance-based firewalls are hardware platforms that are designed specifically as dedicated firewalls. The appliance may serve other functions, but they are secondary to the firewall feature set.
  • Server-based firewalls – A server-based firewall consists of a firewall application that runs on a network operating system (NOS) such as UNIX, NT or Win2K, or Novell. The underlying operating system is still present, so vulnerabilities and resource use of the operating system must be taken into consideration when implementing this type of firewall.
  • Integrated firewalls – An integrated firewall is implemented by adding firewall functionality to an existing device.

Cisco provides a full lineup of firewall solutions. This course will help students design, install, and configure firewalls using IOS Firewall routers and PIX Security Appliances.

While the PIX Security Appliance and Cisco IOS Firewall will be the focus of this course, students should understand that other Cisco firewall options and other vendor firewalls are available. A basic understanding of the PIX Security Appliance and Cisco IOS Firewall should allow students to easily transition to other manufacturers' firewalls if needed. While it is beyond the scope of this class to go into detail on these products, it is recommended that students familiarize themselves with each of them.