
9
Cisco PIX Security Appliance Release Notes Version 7.2
OL-10104-01
New Features
For more information, see the “Skinny (SCCP) Inspection” section in the Cisco Security Appliance
Command Line Configuration Guide. For a complete description of the command syntax, see the Cisco
Security Appliance Command Reference.
SIP IP Address Privacy
This feature retains the outside IP addresses embedded in inbound SIP packets so that the real IP
address of the phone is hidden. It applies to all transactions except REGISTER: the REGISTER message
and the response to it are exempt because they are exchanged directly between the phone and the proxy.
When this feature is enabled, the outside IP addresses in the SIP header and in the SDP data of inbound
SIP packets are retained. Use the ip-address-privacy command to turn on this feature.
For more information, see the “SIP Inspection” section in the Cisco Security Appliance Command Line
Configuration Guide. For a complete description of the command syntax, see the Cisco Security
Appliance Command Reference.
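The following configuration is an added example and not taken from the release notes or the Cisco
configuration guide: it enables the ip-address-privacy command inside a SIP inspection policy map and
attaches that map to the default global service policy. The map name sip_privacy_map, and the use of the
default global_policy and inspection_default class, are assumptions made for this example.

```text
! Added example, not from the release notes. The map name and the use of the
! default global_policy/inspection_default class are assumptions.
hostname(config)# policy-map type inspect sip sip_privacy_map
hostname(config-pmap)# parameters
hostname(config-pmap-p)# ip-address-privacy
hostname(config-pmap-p)# exit
hostname(config-pmap)# exit
! Apply the SIP inspection map to the default global service policy so that
! inbound SIP headers and SDP bodies keep their outside IP addresses
! (REGISTER and its response are still rewritten as described above).
hostname(config)# policy-map global_policy
hostname(config-pmap)# class inspection_default
hostname(config-pmap-c)# inspect sip sip_privacy_map
```

Confirm the map is attached with show running-config policy-map and that SIP is being inspected with
show service-policy inspect sip.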
Remote Access and Site-to-Site VPN
This section includes the following topics:
• Network Admission Control, page 9
• L2TP Over IPsec, page 10
• OCSP Support, page 10
• Active RIP Support, page 11
• Multiple L2TP Over IPsec Clients Behind NAT, page 11
• Nokia Mobile Authentication Support, page 11
• Zonelabs Integrity Server, page 11
• Hybrid XAUTH, page 11
• IPsec Fragmentation and Reassembly Statistics, page 12
Network Admission Control
Network Admission Control (NAC) allows you to validate a peer based on its state. This method is
referred to as posture validation (PV). PV can include verifying that the peer is running applications with
the latest patches, and ensuring that the antivirus files, personal firewall rules, or intrusion protection
software that runs on the remote host are up to date.
An Access Control Server (ACS) must be configured for Network Admission Control before you
configure NAC on the security appliance.
As a NAC authenticator, the security appliance does the following:
• Initiates the initial exchange of credentials based on IPsec session establishment and periodic
exchanges thereafter.
• Relays credential requests and responses between the peer and the ACS.
• Enforces the network access policy for an IPsec session based on results from the ACS server.
• Supports a local exception list based on the peer operating system, and optionally, an ACL.
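The following configuration is an added example, not from the release notes, that ties together the
pieces listed above: the ACS reached as a RADIUS server group, NAC enabled in a group policy with a
default ACL that applies while posture validation is pending plus the revalidation and status-query
intervals, the tunnel group pointed at the ACS group, and a local exception entry for an operating system
that skips posture validation. The server-group name, group-policy and tunnel-group names, ACL names,
the host address and key, the OS string, and the interval values are all constructed placeholders; the
NAC keywords are those of the 7.2 group-policy and tunnel-group attributes as remembered here and
should be confirmed against the Command Reference cited above.

```text
! Added example, not from the release notes. All names, addresses, keys and
! interval values are constructed placeholders.
! 1. The ACS that performs posture validation, reached as a RADIUS server group.
hostname(config)# aaa-server acs_nac protocol radius
hostname(config-aaa-server-group)# exit
hostname(config)# aaa-server acs_nac (inside) host 192.0.2.10
hostname(config-aaa-server-host)# key PLACEHOLDER_SHARED_SECRET
hostname(config-aaa-server-host)# exit
! 2. ACL applied to a session while posture validation has not yet completed;
!    here it only allows reaching a (placeholder) remediation server.
hostname(config)# access-list nac_pending extended permit ip any host 192.0.2.20
! 3. Enable NAC in the group policy: revalidate every 10 hours, send a status
!    query every 5 minutes (keyword syntax as recalled for 7.2; verify).
hostname(config)# group-policy nac_policy internal
hostname(config)# group-policy nac_policy attributes
hostname(config-group-policy)# nac enable
hostname(config-group-policy)# nac-default-acl value nac_pending
hostname(config-group-policy)# nac-reval-period value 36000
hostname(config-group-policy)# nac-sq-period value 300
hostname(config-group-policy)# exit
! 4. The remote-access tunnel group relays credential requests to the ACS group.
hostname(config)# tunnel-group ra_nac type ipsec-ra
hostname(config)# tunnel-group ra_nac general-attributes
hostname(config-tunnel-general)# default-group-policy nac_policy
hostname(config-tunnel-general)# nac-authentication-server-group acs_nac
hostname(config-tunnel-general)# exit
! 5. Local exception list: peers reporting this OS skip posture validation and
!    get the named ACL instead of the ACS-returned policy.
hostname(config)# access-list nac_exempt_acl extended permit ip any any
hostname(config)# vpn-nac-exempt os "PLACEHOLDER OS NAME" filter nac_exempt_acl
```

The exception list is the one part of the policy that the ACS never sees, so keep it short and review it
with the same care as the ACS posture policy: a peer matching an exempt OS string receives the filter ACL
without any posture check.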