Chapter 6: IOS Firewall Feature Set - CBAC

Chapter 6: IOS Firewall Feature Set—CBAC


In this chapter, you will learn how to:

  • Recognize Cisco IOS Firewall security problems and solutions

  • Use Context-Based Access Control (CBAC)

  • Configure the Cisco IOS Firewall

  • Use the two methods of IOS Firewall Administration

With the growing awareness of, and commitment to, network security as the way to secure business transactions both internally and over the Internet, more and more businesses are recognizing that security concepts and features must be integrated into the network design and infrastructure.

According to Cisco advertising, 80 percent of the Internet backbone routers run Cisco IOS software, making it the most fundamental component of today’s network infrastructure. The Cisco IOS software-based security features, combined with the wide range of products supported, make it a logical solution for any organization’s end-to-end Internet, intranet, and remote access network security requirements.

This chapter looks at the key components of the IOS Firewall features, and compares the functionality and limitations to the PIX Firewall devices. PIX Firewall devices are introduced in the next chapter, and then expanded on later in the advanced PIX chapters.


The material in this chapter is part of the exam objectives for both the Managing Cisco Network Security (MCNS) and Cisco Secure PIX Firewall Advanced (CSPFA) exams.

Part III: Virtual Private Networks (VPNs)