Chapter 4 - Implementing Firewall Technologies

Access control lists (ACLs) are widely used in computer networking and in network security for mitigating network attacks and controlling network traffic.

It is important to understand the different types of firewalls and their specific capabilities, so that the right firewall is used for each situation.

Context-based access control (CBAC) is a solution available within the Cisco IOS Firewall. CBAC intelligently filters TCP and UDP packets based on Application Layer protocol session information (stateful information).

In this model of firewalls, interfaces are assigned to zones an dthen an inspection policy is applied to traffic moving between the zones.