Explain Cisco ASA security level with practical example


In this article we look at what a security level is on the Cisco ASA firewall, the different types of security levels and security zones, and explain each of them with a practical example.

What is Cisco ASA security level

A Cisco ASA security level is a value that describes how trusted an interface is compared with the other interfaces. A higher security level indicates a more trusted interface. We can also define security zones based on the security level.

Types of Cisco ASA security levels

There are three types of security levels.

Security level 100 is the highest security level on the Cisco ASA firewall and by default it is assigned to the inside interface of the firewall. Because it has the highest security level, traffic from the internal network can go anywhere.

Security level 0 is the lowest security level on the Cisco ASA firewall and by default it is assigned to the outside interface of the firewall. Because it is the lowest security level, traffic from the outside interface cannot reach the internal network unless we apply a policy with an access-list.

Security levels 1-99 are the remaining levels, and you can assign any of them to an interface. For example, suppose we create a DMZ zone and give it security level 50. Traffic from the DMZ zone can go to the outside interface, and traffic from the inside interface can go to the DMZ zone, but traffic from the DMZ zone cannot reach the inside interface because the inside interface has a higher security level than the DMZ zone.

Types of Cisco ASA security zones


There are three types of zones based on the security level of the Cisco ASA firewall.

The first is the inside zone, which is the internal network of an organization. It is the most secure zone because by default its security level is 100. A higher security level indicates a more trusted interface and zone. Users can send traffic anywhere from this zone.

The second is the DMZ zone, where web servers and FTP servers are located. Traffic from the inside zone can reach the DMZ zone, and traffic from the DMZ zone can reach the outside zone, but traffic from the DMZ zone cannot reach the inside zone.

The third is the outside zone, which is the least secure zone because its security level is 0. Traffic from the outside zone cannot reach the DMZ zone or the inside zone unless we apply a policy with an access-list.
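
The three zones described above, written out as an ASA configuration. This is an added example, not part of the original article: the physical interface names, all IP addresses, the DMZ web server 172.16.1.10 and the ACL name OUTSIDE_IN are constructed, and NAT is left out (this assumes ASA 8.3 or later, where traffic can pass without a NAT rule).

```cisco
! Outside zone: least trusted, security level 0
interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address 203.0.113.1 255.255.255.0
 no shutdown
!
! Inside zone: most trusted, security level 100
interface GigabitEthernet0/1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
 no shutdown
!
! DMZ zone: any value from 1-99, here 50 as in the article
interface GigabitEthernet0/2
 nameif dmz
 security-level 50
 ip address 172.16.1.1 255.255.255.0
 no shutdown
!
! With only the lines above, connections may start from a higher
! level toward a lower one (inside->dmz, inside->outside, dmz->outside);
! replies return through the stateful connection table.
! Connections started from a lower level are dropped.
!
! Exception policy: let outside hosts reach one DMZ server on HTTPS only.
! Everything else arriving on outside still hits the implicit deny
! at the end of the access-list.
access-list OUTSIDE_IN extended permit tcp any host 172.16.1.10 eq 443
access-group OUTSIDE_IN in interface outside
```

To check the result, `show nameif` lists each interface with its zone name and security level, and `packet-tracer input outside tcp 198.51.100.25 12345 172.16.1.10 443` (constructed source address) shows which step permits or drops a simulated connection. Note that ICMP is not inspected statefully by default, so a ping from inside to outside can fail on the reply even though TCP and UDP in the same direction work.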

