5. What is Security?
•“The quality or state of being secure/to be free from
danger”
•Multiple layers of security:
–Physical security
–Personal security
–Operations security
–Communications security
–Network security
–Information security
11. VPN
•Virtual Private Network
•It is a data tunnel that lets traffic pass safely without
being seen by a hacker (attacker)
•VPN Types according to devices:
•1- Site-to-Site: generally no host is involved
(router-router) (ASA-ASA) (router-ASA)
•2- Remote Access: (router-host) (server-client)
12. VPN Types according to layers:
•IPsec: L3 (IP), used for both site-to-site &
remote access
•SSL: Secure Sockets Layer (TCP/L4), used for
remote access
23. WSA: Web Security Appliance
1. An internal user makes an HTTP request to an external website. The client
browser is configured to send the request to the Cisco WSA.
2. The Cisco WSA connects to the website on behalf of the internal user.
3. The firewall (Cisco ASA) is configured to only allow outbound web traffic from
the Cisco WSA, and it forwards the traffic to the web server.
24. Web Cache Communication Protocol (WCCP).
1. An internal user makes an HTTP request to an external website.
2. The internal router (R1) redirects the web request to the Cisco WSA using WCCP.
3. The Cisco WSA connects to the website on behalf of the internal user.
4. Also in this example, the firewall (Cisco ASA) is configured to only allow outbound
web traffic from the WSA. The web traffic is sent to the Internet web server.
32. ASA – Configuring ACL
•(config)#access-list cisco extended permit tcp any any
•(config)#access-list cisco extended permit icmp any any
•(config)#access-group cisco in interface outside
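Added example, not part of the original slides: a small Python audit that reads ASA access-list / access-group lines like the ones on this slide and reports permit entries whose source and destination are both "any" on an ACL bound to an interface. The "dmz_in" rule and the address 203.0.113.10 are constructed for contrast and are assumptions, not taken from the slides.

```python
import re

# Constructed sample: the three lines from the slide plus one narrower rule
# (the ACL name "dmz_in" and 203.0.113.10 are made up for contrast).
SAMPLE_CONFIG = """\
access-list cisco extended permit tcp any any
access-list cisco extended permit icmp any any
access-group cisco in interface outside
access-list dmz_in extended permit tcp any host 203.0.113.10 eq 443
access-group dmz_in in interface dmz
"""

ACE_RE = re.compile(r"^access-list\s+(\S+)\s+extended\s+(permit|deny)\s+(\S+)\s+(.+)$")
GROUP_RE = re.compile(r"^access-group\s+(\S+)\s+(in|out)\s+interface\s+(\S+)$")

def parse(config):
    """Return (aces, bindings): ACL entries by name, and where each ACL is applied."""
    aces, bindings = {}, {}
    for raw in config.splitlines():
        line = raw.split("#", 1)[-1].strip()  # drop a leading CLI prompt, if any
        m = ACE_RE.match(line)
        if m:
            name, action, proto, rest = m.groups()
            aces.setdefault(name, []).append((action, proto, rest.split()))
            continue
        m = GROUP_RE.match(line)
        if m:
            name, direction, iface = m.groups()
            bindings.setdefault(name, []).append((direction, iface))
    return aces, bindings

def audit(config):
    """Flag unrestricted 'permit <proto> any any' entries on interface-bound ACLs."""
    aces, bindings = parse(config)
    findings = []
    for name, entries in aces.items():
        for direction, iface in bindings.get(name, []):
            for action, proto, addr in entries:
                # Exactly ["any", "any"]: no host, network or port restriction.
                if action == "permit" and addr == ["any", "any"]:
                    findings.append((name, iface, direction, proto))
    return findings

if __name__ == "__main__":
    for name, iface, direction, proto in audit(SAMPLE_CONFIG):
        print(f"ACL {name} ({direction} on {iface}): permits all {proto} from any to any")
```

Both entries of the "cisco" ACL are reported because the ACL is applied inbound on the outside interface; the port-restricted "dmz_in" rule is not.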
33. ASA – Configuring DHCP
•Be careful!!
•Delete the default configuration
•Convert the 2 PCs from static addressing to DHCP
•(config)#no dhcpd address 192.168.1.5-192.168.1.35 inside
•(config)#dhcpd address 172.16.1.5-172.16.1.6 inside
•(config)#dhcpd dns 8.8.8.8 interface inside