© 2005 Cisco Systems, Inc. All rights reserved. SNPA v4.0—5-1 Lesson 5 Configuring Inbound Access Thru a Cisco Security Appliance.

Presentation transcript:


ACLs

Security Levels Revisited
Security levels tag the security appliance interface with a number, 0 being the least secure and 100 being the most secure.
Security levels enable the security appliance to identify whether a requested session is inbound or outbound:
–An inbound session is a session from a less secure to a more secure interface.
–An outbound session is a session from a more secure to a less secure interface.
[Diagram: outside interface (security level 0, Internet side, less secure) and inside interface (security level 100, more secure), with the outbound and inbound directions marked.]

Security Appliance ACL Configuration
Security appliance configuration philosophy is interface-based.
Interface ACL permits and denies the initial incoming and outgoing packets on that interface.
An ACL must describe only the initial packet of the application; return traffic does not need to be described.
If no ACL is attached to an interface:
–Outbound packet is permitted by default.
–Inbound packet is denied by default.
[Diagram: security appliance between the Internet (outside) and the inside network, showing an ACL for inbound access, an ACL for outbound access, and the no-ACL case (outbound permitted by default, inbound denied by default).]

ACL Usage Guidelines
Higher to lower security level:
–Use an ACL to restrict outbound traffic.
–The ACL source address is the actual (untranslated) address of the host or network.
Lower to higher security level:
–Use an ACL to enable inbound traffic.
–Use an ACL to restrict inbound protocols.
–The ACL destination address is the mapped (translated) global IP address.
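The decision rules from the three slides above, modelled for the first packet of a session. This is an added example, not code from the course or from Cisco; the DMZ security level of 50 and all addresses (documentation ranges) are constructed assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

@dataclass
class Ace:
    action: str                 # "permit" or "deny"
    proto: str                  # "tcp", "udp", "icmp", or "ip" for any protocol
    src: str                    # CIDR; "0.0.0.0/0" stands in for "any"
    dst: str                    # inbound rules use the mapped (translated) address
    port: Optional[int] = None  # destination port; None matches any port

    def matches(self, proto, src, dst, port):
        return (self.proto in ("ip", proto)
                and ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and self.port in (None, port))

@dataclass
class Interface:
    name: str
    security_level: int                 # 0 = least secure, 100 = most secure
    acl_in: Optional[List[Ace]] = None  # ACL bound with "access-group ... in"

def direction(src_if, dst_if):
    """Inbound is less secure to more secure; outbound is the reverse."""
    if src_if.security_level < dst_if.security_level:
        return "inbound"
    if src_if.security_level > dst_if.security_level:
        return "outbound"
    return "same-level"  # not covered by the slides; denied in this model

def first_packet_verdict(src_if, dst_if, proto, src, dst, port=None):
    """Verdict for the initial packet only; return traffic is not modelled."""
    acl = src_if.acl_in
    if acl is None:
        # No ACL attached: outbound permitted, inbound denied by default.
        return "permit" if direction(src_if, dst_if) == "outbound" else "deny"
    for ace in acl:                      # first matching entry wins
        if ace.matches(proto, src, dst, port):
            return ace.action
    return "deny"                        # implicit deny at the end of an ACL

# Constructed sample: web server mapped to 192.0.2.10 on the outside.
ACLOUT = [Ace("permit", "tcp", "0.0.0.0/0", "192.0.2.10/32", 80)]

def demo():
    dmz, inside = Interface("DMZ", 50), Interface("inside", 100)
    bare = Interface("outside", 0)
    filtered = Interface("outside", 0, acl_in=ACLOUT)
    client, web = "203.0.113.5", "192.0.2.10"
    return {
        "inbound, no ACL": first_packet_verdict(bare, dmz, "tcp", client, web, 80),
        "outbound, no ACL": first_packet_verdict(inside, bare, "tcp", "10.0.0.11", client, 80),
        "inbound HTTP, aclout": first_packet_verdict(filtered, dmz, "tcp", client, web, 80),
        "inbound SSH, aclout": first_packet_verdict(filtered, dmz, "tcp", client, web, 22),
    }

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:22} {verdict}")
```
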

Inbound Traffic to DMZ Web Server
There is no ACL, so by default, inbound access is denied. To permit inbound traffic, complete the following steps:
–Configure static translation for web server address
–Configure inbound ACL
–Apply ACL to outside interface
[Diagram: public web server on the DMZ; Internet, outside and inside interfaces; inbound traffic blocked (X).]

Create a Static Translation for Web Server
fw1(config)# static (DMZ,outside)
Maps an inside private address to an outside public address
[Diagram: public web server on the DMZ; Internet, outside and inside interfaces.]

access-list Command
firewall(config)# access-list id [line line-number] [extended] {deny | permit} {protocol | object-group protocol_obj_grp_id} {host sip | sip mask | interface ifc_name | object-group network_obj_grp_id | any} {host dip | dip mask | interface ifc_name | object-group network_obj_grp_id | any} [log [[level] [interval secs] | disable | default]] [inactive | time-range time_range_name]
fw1(config)# access-list aclout permit tcp any host eq www
Permits outside HTTP traffic to access public web server
[Diagram: public web server on the DMZ; Internet, outside and inside interfaces; inbound HTTP permitted.]

access-group Command
firewall(config)# access-group access-list {in | out} interface interface_name [per-user-override]
Apply ACL to interface
fw1(config)# access-group aclout in interface outside
Apply ACL to outside interface
[Diagram: public web server on the DMZ; Internet, outside and inside interfaces.]

show access-list Command
fw1(config)# show access-list
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 4096) alert-interval 300
access-list ACLOUT; 4 elements
access-list ACLOUT line 1 extended permit tcp host eq www (hitcnt=4)
access-list ACLOUT line 2 extended permit tcp host host eq ftp (hitcnt=1)
access-list ACLOUT line 3 extended permit tcp any host eq www (hitcnt=4)
access-list ACLOUT line 4 extended deny ip any any (hitcnt=0)
access-list ICMPDMZ; 1 elements
access-list ICMPDMZ line 1 extended permit icmp host bastionhost any echo-reply (hitcnt=12)
access-list ACLIN; 1 elements
access-list ACLIN line 1 extended permit tcp any host eq www (hitcnt=0)
[Diagram: Internet, with the ICMP DMZ ACL, the inbound ACL and the outbound ACL marked.]

clear access-list counters Command
fw1(config)# clear access-list aclout counters
fw1(config)# show access-list
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 4096) alert-interval 300
access-list ACLOUT; 4 elements
access-list ACLOUT line 1 extended permit tcp host eq www (hitcnt=0)
access-list ACLOUT line 2 extended permit tcp host host eq ftp (hitcnt=0)
access-list ACLOUT line 3 extended permit tcp any host eq www (hitcnt=0)
access-list ACLOUT line 4 extended deny ip any any (hitcnt=4)
access-list ICMPDMZ; 1 elements
access-list ICMPDMZ line 1 extended permit icmp host bastionhost any echo-reply (hitcnt=10)
access-list ACLIN; 1 elements
access-list ACLIN line 1 extended permit tcp any host eq www (hitcnt=19)
[Diagram: Internet and web server, with the inbound ACL and the outbound ACL marked.]
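Hit counters like the ones above are what a rule review works from. The following added example (not part of the original deck) parses `show access-list` output and reports permit entries that never matched, deny entries that did, and entries marked inactive. The sample output is constructed, with documentation-range addresses standing in for the ones missing from the transcript.

```python
import re

# One ACE line of "show access-list" output, in the format shown on the slides.
ACE_RE = re.compile(
    r"^access-list (?P<acl>\S+) line (?P<line>\d+) extended "
    r"(?P<action>permit|deny) (?P<rule>.*?) \(hitcnt=(?P<hits>\d+)\)"
    r"(?P<inactive> \(inactive\))?\s*$")

# Constructed sample output; addresses and hit counts are placeholders.
SAMPLE = """\
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 4096)
            alert-interval 300
access-list ACLOUT; 4 elements
access-list ACLOUT line 1 extended permit tcp 198.51.100.0 255.255.255.0 host 192.0.2.11 eq www (hitcnt=4)
access-list ACLOUT line 2 extended permit tcp host 198.51.100.7 host 192.0.2.12 eq ftp (hitcnt=0)
access-list ACLOUT line 3 extended permit tcp any host 192.0.2.10 eq www (hitcnt=19)
access-list ACLOUT line 4 extended deny ip any any (hitcnt=37)
access-list aclin; 1 elements
access-list aclin line 1 extended permit tcp any any eq www time-range temp-worker (hitcnt=0) (inactive)
"""

def parse_show_access_list(text):
    """Return one dict per ACE; header, summary and remark lines are skipped."""
    aces = []
    for raw in text.splitlines():
        m = ACE_RE.match(raw.strip())
        if m:
            aces.append({
                "acl": m["acl"],
                "line": int(m["line"]),
                "action": m["action"],
                "rule": m["rule"],
                "hits": int(m["hits"]),
                "inactive": m["inactive"] is not None,
            })
    return aces

def audit(aces):
    """Group entries a reviewer would look at first."""
    report = {"unused_permits": [], "deny_hits": [], "inactive": []}
    for ace in aces:
        key = (ace["acl"], ace["line"])
        if ace["inactive"]:
            report["inactive"].append(key)          # outside its time range
        elif ace["action"] == "permit" and ace["hits"] == 0:
            report["unused_permits"].append(key)    # candidate for removal
        elif ace["action"] == "deny" and ace["hits"] > 0:
            report["deny_hits"].append(key + (ace["hits"],))
    return report

if __name__ == "__main__":
    for section, entries in audit(parse_show_access_list(SAMPLE)).items():
        print(section, entries)
```

Counters only cover the period since they were last cleared, so a zero-hit permit is a prompt for review rather than proof that the rule is unused.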

Time Range Configuration
Define a time when certain resources can be accessed.
Apply defined time range to the ACL
firewall(config)# time-range name
fw1(config)# time-range temp-worker
fw1(config-time-range)#
[Diagram: temp worker, Internet, inside, and web server on the DMZ; enable access 8 a.m. to 5 p.m., 1 Aug to 30 Aug.]

Time-Range Submode
Define a time when certain resources can be accessed:
–Absolute start and stop time and date
–Recurring time range time and day of the week
firewall(config)# time-range absolute [start ] [end ] periodic to
fw1(config)# time-range temp-worker
fw1(config-time-range)# absolute start 00:00 1 August 2004 end 00:00 30 August 2004
fw1(config-time-range)# periodic weekdays 8:00 to 17:00
[Diagram: temp worker, Internet, inside, and web server on the DMZ; enable access 8 a.m. to 5 p.m., 1 Aug to 30 Aug.]

Time-based ACL
Apply time range to an ACL
firewall(config)# access-list id [line line-number] [extended] {deny | permit} {protocol | object-group protocol_obj_grp_id} {host sip | sip mask | interface ifc_name | object-group network_obj_grp_id | any} {host dip | dip mask | interface ifc_name | object-group network_obj_grp_id | any} [log [[level] [interval secs] | disable | default]] [inactive | time-range time_range_name]
fw1(config)# static (dmz,outside)
fw1(config)# access-list aclin permit tcp host host eq www time-range temp-worker
[Diagram: temp worker, Internet, inside, and web server on the DMZ; enable access 8 a.m. to 5 p.m., 1 Aug to 30 Aug.]

Time-based ACL Example
fw1(config)# static (dmz,outside)
fw1(config)# access-list aclin permit tcp host host eq www time-range temp-worker
fw1# show run time-range
time-range temp-worker
absolute start 00:00 1 August 2004 end 00:00 30 August 2004
periodic weekdays 8:00 to 17:00
fw1(config)# show clock
13:48: UTC Fri Jul
fw1(config)# show access-list
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 4096) alert-interval 300
access-list aclin; 1 elements
access-list aclin line 1 extended permit tcp any any eq www time-range temp-worker (hitcnt=0) (inactive)
[Diagram: temp worker, Internet, inside, and web server on the DMZ; enable access 8 a.m. to 5 p.m., 1 Aug to 30 Aug.]
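Why the entry above shows as inactive: the periodic window is only evaluated between the absolute start and end. This added example (not from the original deck) parses the `temp-worker` definition shown on the slide and evaluates it at several clock values. The clock values are constructed, and treating each end time as exclusive is a simplifying assumption.

```python
from datetime import datetime

DAY_NAMES = ["monday", "tuesday", "wednesday", "thursday",
             "friday", "saturday", "sunday"]
DAY_SETS = {"daily": set(range(7)), "weekdays": set(range(5)), "weekend": {5, 6}}

# Body of the time-range as printed by "show run time-range" on the slide.
TEMP_WORKER = [
    "absolute start 00:00 1 August 2004 end 00:00 30 August 2004",
    "periodic weekdays 8:00 to 17:00",
]

def _clock(text):
    return datetime.strptime(text, "%H:%M").time()

def parse_time_range(lines):
    """Parse 'absolute' and 'periodic <days> hh:mm to hh:mm' statements."""
    tr = {"start": None, "end": None, "periodic": []}
    for line in lines:
        words = line.split()
        if not words:
            continue
        if words[0] == "absolute":
            rest = words[1:]
            while rest:                      # "start"/"end" + time, day, month, year
                stamp = " ".join(rest[1:5])
                tr[rest[0]] = datetime.strptime(stamp, "%H:%M %d %B %Y")
                rest = rest[5:]
        elif words[0] == "periodic":
            to = words.index("to")
            days = set()
            for word in words[1:to - 1]:
                word = word.lower()
                days |= DAY_SETS.get(word) or {DAY_NAMES.index(word)}
            tr["periodic"].append((days, _clock(words[to - 1]), _clock(words[to + 1])))
    return tr

def is_active(tr, now):
    """Periodic entries count only inside the absolute start/end window."""
    if tr["start"] and now < tr["start"]:
        return False
    if tr["end"] and now >= tr["end"]:
        return False
    if not tr["periodic"]:
        return True
    return any(now.weekday() in days and begin <= now.time() < end
               for days, begin, end in tr["periodic"])

# Constructed clock values to test against the slide's time range.
SAMPLES = {
    "Fri 30 Jul 2004 13:48": datetime(2004, 7, 30, 13, 48),  # before absolute start
    "Mon 02 Aug 2004 09:00": datetime(2004, 8, 2, 9, 0),     # weekday, office hours
    "Mon 02 Aug 2004 19:30": datetime(2004, 8, 2, 19, 30),   # weekday, after hours
    "Sat 07 Aug 2004 10:00": datetime(2004, 8, 7, 10, 0),    # weekend
    "Mon 30 Aug 2004 09:00": datetime(2004, 8, 30, 9, 0),    # absolute end was 00:00
}

def sample_states():
    tr = parse_time_range(TEMP_WORKER)
    return {label: "active" if is_active(tr, when) else "inactive"
            for label, when in SAMPLES.items()}

if __name__ == "__main__":
    for label, state in sample_states().items():
        print(label, state)
```

The last sample shows that an absolute end of `00:00 30 August 2004` excludes 30 August itself, which matters when the intent is access through the end of that day.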

ACL Logging
firewall(config)# access-list id [line line-number] [extended] {deny | permit} {protocol | object-group protocol_obj_grp_id} {host sip | sip mask | interface ifc_name | object-group network_obj_grp_id | any} {host dip | dip mask | interface ifc_name | object-group network_obj_grp_id | any} [log [[level] [interval secs] | disable | default]] [inactive | time-range time_range_name]
fw1(config)# access-list outside-acl permit icmp any host log 7 interval 600
Log option enabled for inbound ICMP to
[Diagram: Internet, security appliance, and a syslog server receiving ACL syslog messages.]

access-list deny-flow-max and alert-interval Commands
firewall(config)# access-list deny-flow-max n
Specify the maximum number of concurrent deny-flows
firewall(config)# access-list alert-interval secs
Specify the time interval at which to generate the message that the deny-flow limit has been reached
fw1(config)# access-list deny-flow-max 1024
fw1(config)# access-list alert-interval 120
[Diagram: DoS attack arriving from the Internet; the syslog server receives the "Deny-Flow Reached" message.]

ACL Line Number
firewall(config)# access-list id [line line-number] [extended] {deny | permit} {protocol | object-group protocol_obj_grp_id} {host sip | sip mask | interface ifc_name | object-group network_obj_grp_id | any} {host dip | dip mask | interface ifc_name | object-group network_obj_grp_id | any} [log [[level] [interval secs] | disable | default]] [inactive | time-range time_range_name]
Insert ACE into existing ACL
fw1(config)# access-list aclout line 4 permit tcp any host eq www
fw1(config)# show access-list
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 4096) alert-interval 300
access-list aclout line 2 extended permit tcp any host eq www (hitcnt=0)
access-list aclout line 3 extended permit tcp any host eq www (hitcnt=0)
access-list aclout line 4 extended permit tcp any host eq www (hitcnt=0)
access-list aclout line 5 extended permit tcp any host eq www (hitcnt=0)

ACL Comments
firewall(config)# access-list id [line line-num] remark text
Inserts ACL comment
fw1(config)# access-list outside line 1 remark web server http access-list
fw1(config)# show access-list
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 4096) alert-interval 300
access-list aclout line 1 remark web server http access-list
access-list aclout line 2 extended permit tcp any host eq www (hitcnt=0)
access-list aclout line 3 remark web server http access-list
access-list aclout line 4 extended permit tcp any host eq www (hitcnt=0)

Inbound HTTP Access Solution
fw1(config)# static (DMZ,outside)
fw1(config)# access-list aclout permit tcp any host eq www
fw1(config)# access-group aclout in interface outside
Permits outside HTTP traffic to access public web server
[Diagram: public web server on the DMZ; Internet, outside and inside interfaces; inbound traffic marked.]

Inbound HTTPS Access Solution
fw1(config)# static (DMZ,outside)
fw1(config)# access-list aclout permit tcp any host eq https
fw1(config)# access-group aclout in interface outside
Permits outside HTTPS traffic to access e-banking web server
[Diagram: e-banking web server on the DMZ; Internet, outside and inside interfaces; inbound traffic marked.]

icmp Command
firewall(config)# icmp {permit | deny} ip_address net_mask [icmp-type] if_name
Enables or disables pinging to an interface
fw1(config)# icmp permit any echo-reply outside
fw1(config)# icmp permit any unreachable outside
All ping requests denied at the outside interface and all unreachable messages permitted at the outside interface
[Diagram: Internet, outside and inside interfaces; ICMP echo blocked (X), ICMP unreachable allowed.]

Other ACL Uses: nat 0 Plus acl Command
Commands that include an ACL enable you to:
–Identify traffic flow via an ACL
–Apply a command to the identified traffic flow
Identify site-to-site traffic that is not to be translated
access-list VPN-NO-NAT permit ip
nat (inside) 0 access-list VPN-NO-NAT
nat (inside) 1
[Diagram: corporate office and SOHO site, each a /24 network, connected across the Internet; VPN traffic (NAT 0) and web traffic (NAT).]

Policy NAT: nat Plus acl Command
pix1(config)# access-list company_a permit tcp host eq www
pix1(config)# nat (inside) 10 access-list company_a
pix1(config)# global (outside) netmask
pix1(config)# access-list company_b permit tcp host eq www
pix1(config)# nat (inside) 11 access-list company_b
pix1(config)# global (outside) netmask
[Diagram: ABC Corp. reaching Company A and Company B across the Internet.]

Other Commands Plus acl
Identify traffic (ACL) to be authenticated
access-list 110 permit tcp any host eq www
aaa authentication match 110 outside NY_ACS
Identify traffic to be encrypted
access-list 101 permit ip
crypto map FW1MAP 10 match address 101
[Diagram: authentication of Internet traffic to a web server; VPN between the corporate office and the branch office, each a /24 network, across the Internet.]

Malicious Active Code Filtering

Java Applet Filtering
Java programs can provide a vehicle through which an inside system can be invaded.
Java applets are executable programs that are banned within some security policies.
Java applet filtering enables an administrator to prevent the downloading of Java applets by an inside system.

ActiveX Blocking
ActiveX controls are applets that can be inserted in web pages or other applications.
ActiveX controls can provide a way for someone to attack servers.
Cisco security appliances can be used to block ActiveX controls.

ActiveX filter Command
fw1(config)# filter activex
Specifies that the ActiveX blocking applies to web traffic on port 80 from any local host and to any foreign host
[Diagram: Engineering, Executive and Marketing networks, DMZ and Internet; ActiveX blocked.]

URL Filtering

HTTP URL Filtering
Websense and N2H2 HTTP URL-filtering applications can be used to block the responses of specific URLs.
URL filtering can be configured on the security appliance.
–Designate a URL-filtering server
–Enable filtering
[Diagram: a request for access to a web server on the Internet is checked against the URL-filtering server and access is denied (X).]

Designate the URL-filtering Server
firewall(config)# url-server [(if_name)] vendor websense host local_ip [timeout seconds] [protocol {TCP | UDP | connections num_conns] | version]
Designates a server that runs a Websense URL-filtering application
firewall(config)# url-server [(if_name)] vendor n2h2 host local_ip [port number] [timeout seconds] [protocol {TCP | UDP [connections num_conns]}]
Designates a server that runs an N2H2 URL-filtering application
fw1(config)# url-server (dmz) vendor n2h2 host protocol TCP
[Diagram: URL-filtering server reached over TCP.]

Enable HTTP URL Filtering
firewall(config)# filter url {[port[-port] | except } local_ip local_mask foreign_ip foreign_mask] [allow] [cgi-truncate] [longurl-truncate | longurl-deny] [proxy-block]
Prevents users from accessing URLs that are designated with the URL-filtering application
fw1(config)# filter url http allow
Filter HTTP: All Hosts
[Diagram: URL-filtering server; blocked request (X).]

HTTPS and FTP Filtering
firewall(config)# filter https {[port[-port] | except } local_ip local_mask foreign_ip foreign_mask] [allow]
Prevents users from accessing HTTPS and FTP URLs that are designated with the Websense-based URL-filtering application
fw1(config)# filter https allow
HTTPS and FTP Filtering (Websense Only)
[Diagram: URL-filtering server; blocked request (X).]

URL-filtering Configuration Example
Designate URL server
fw1(config)# url-server (dmz) vendor websense host timeout 10 protocol TCP version 4
Enable filtering
fw1(config)# filter url http allow
[Diagram: a request for access to a web server on the Internet is checked against the URL-filtering server and access is denied (X).]

Summary
ACLs enable you to determine which systems can establish connections through your security appliance.
With ICMP ACLs, you can disable pinging to a security appliance interface so that your security appliance cannot be detected on your network.
The security appliance can be configured to filter malicious active code.
The security appliance can work with URL-filtering software to control and monitor Internet activity.