Configuring CBAC
This section will discuss the configuration of CBAC.
Several steps are required to make CBAC effectively secure the corporate network:
Step 1. |
Choose an interface.
|
Step 2. |
Configure IP access lists on the interface.
|
Step 3. |
Configure global timeouts and thresholds.
|
Step 4. |
Define inspection rules and apply the inspection rule to the interface.
|
Step 5. |
Configure logging and audit trail.
|
Each of these will be discussed in turn.
Choose an Interface
The first step of configuring CBAC poses the administrator with a dilemma: Should CBAC be configured on the inside or outside interface? Should a demilitarized zone (DMZ) be created? No matter what configuration is ultimately chosen, one direction should always be configured first. ...
Get Cisco® Secure Internet Security Solutions now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
