A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.

Firewalls have been a first line of defense in network security for over 25 years. They establish a barrier between secured and controlled internal networks that can be trusted and untrusted outside networks, such as the Internet. A firewall can be hardware, software, or both. [1]

Figure 1. The Features of Cisco IOS Firewall

Figure 1 shows The Cisco IOS Firewall feature set is an optional security solution integrated into the network through selecting the correct Cisco IOS software. The integration of the firewall features into the IOS means the organization security policy can be implemented and enforced throughout the network. Whether securing the links between departments or partner networks, or between the organization and the Internet, the IOS implementation allows for an end-to-end security solution that can grow and change with the organization.

The Cisco IOS Firewall is also completely interoperable with, and often enhances, other features, such as AAA, NAT, Cisco encryption technology (CET), and system logging, as well as standard and extended access control list features, such as Time-Based and Lock in Key. [2]

Cisco IOS firewall features to configure your Cisco IOS router as:

• An Internet firewall or part of an Internet firewall
• A firewall between groups in your internal network
• A firewall providing secure connections to or from branch offices
• A firewall between your company network and your company partners networks

Cisco IOS firewall features provide the following benefits:

• Protects internal networks from intrusion
• Monitors traffic through network perimeters
• Enables network commerce using the World Wide Web
• At a minimum, you must configure basic traffic filtering to provide a basic firewall. You can configure your Cisco 7200 series router to function as a firewall by using the following Cisco IOS security features:
• Static access lists and static or dynamic extended access lists
• Lock-and-key (dynamic extended access lists)
• Reflective access lists
• TCP intercept
• Context-based access control
• Security server support
• Network address translation
• Cisco Encryption Technology
• IPSec network security
• Neighbor router authentication
• Event logging
• User authentication and authorization [3]

References:

1. https://www.cisco.com/c/en_in/products/security/firewalls/what-is-a-firewall.html
2. http://etutorials.org/Networking/Cisco+Certified+Security+Professional+Certification/Part+II+Securing+the+Network+Perimeter/Chapter+6+IOS+Firewall+Feature+Set+-+CBAC/Introduction+to+Cisco+IOS+Firewall/
3. https://blog.octanetworks.com/configuring-cisco-ios-firewall-features/

Cite this article:

Thanusri swetha J (2021), Features of Cisco IOS Firewall, AnaTechmaz, pp. 42