Zone based firewall configuration
ehnde
Member Posts: 1,103
I am watching CBT Nuggets CCNA Security series and just saw Jeremy's ZBF configuration video. SDM sent over 300 lines of commands to the router. How does this work out in the real world? When you get up to CCSP are you expected to have that kind of stuff memorized on your exams?
Climb a mountain, tell no one.
Comments
-
instant000
Member Posts: 1,745
I am watching CBT Nuggets CCNA Security series and just saw Jeremy's ZBF configuration video. SDM sent over 300 lines of commands to the router. How does this work out in the real world? When you get up to CCSP are you expected to have that kind of stuff memorized on your exams?
LOL.
Some of that stuff those SDM wizards does is "extra" like you probably saw tons of "inspects" it added for you. While "extra" it is usually an attempt to provide you more security.
Try this, it goes over zone based firewalls, and the sample configs at the very bottom of the page are indeed less than 300 lines
Zone-Based Policy Firewall Design and Application Guide - Cisco SystemsCurrently Working: CCIE R&S
LinkedIn: http://www.linkedin.com/in/lewislampkin (Please connect: Just say you're from TechExams.Net!) -
SteveO86
Member Posts: 1,423
There are some more ZBF links from this previous thread
http://www.techexams.net/forums/ccna-security/63085-zone-based-firewall-policies.htmlMy Networking blog
Latest blog post: Let's review EIGRP Named Mode
Currently Studying: CCNP: Wireless - IUWMS -
phoeneous
Go ping yourself... Member Posts: 2,333 ■■■■■■■□□□
I am watching CBT Nuggets CCNA Security series and just saw Jeremy's ZBF configuration video. SDM sent over 300 lines of commands to the router. How does this work out in the real world? When you get up to CCSP are you expected to have that kind of stuff memorized on your exams?
It's not like that at all. SDM always bloats it up with overkill, which is why I suggest never configuring zbf with sdm. The whitepaper suggested by instant000 is a very good read.
