Sunday, March 20, 2011
The last week or so I have been reading through chapter 3 in the IINS book which covers access lists (ACLs) using both the CLI (command line interface) and SDM (Security Device Manager). Of course most of the configuration is based off of SDM but most people will use CLI in the real world including my self. I'm near the end of the chapter which digs into Zone-Based Policy Firewall which confuses me still to be honest. I understand the high level view of it which involves around creating zones with multiple interfaces/devices to be inspected with traffic instead of assigning a different ACL per interface which can become complex. I'm sure I'll have this concept nailed down within the next few months.
I'm actually putting some of this security stuff into use already which is nice, I've taken over configuring Cisco 880 routers with VPN connectivity for our home users. Also after our UCS upgrade, I plan on streamlining alot of our IOS configuration and implementing all of our Cisco devices with AAA using the ACS server that we have.