Bob wants to go out to the internet, so he makes his request. Imagine a user on our internal network named Bob. Stateful inspection is the mechanism that allows the ASA to do so. When internal users make requests to the internet, an ASA saves session information so that when a valid response comes back, it can recognize and permit that traffic through.
It also means allowing valid requests from the internet to reach web servers.Īn ASA's default behavior may be to allow no packets through to either the inside zone or the DMZ, but it has a host of bells and whistles that make safe, valid interaction with the internet possible. Using the internet isn't optional for most companies - and that means users being able to leave the internal networks for the outside world and receiving replies. But you can imagine why that's usually not very useful. The only way to keep a network absolutely safe is to allow absolutely no connection to the internet. When a network has an ASA protecting it, outside traffic gets stopped before it can even make its way to any device on the network. And so the ASA, by default, says that any traffic trying to come in from the outside, whether that's a user, a server or a system, is going to be denied at the connection to the ASA. We all know that the outside world is a dangerous place. Imagine a network and give it an "inside" zone and a "de-militarized zone" (DMZ) of several servers that touch the internet, then put an ASA in-between the network and the Internet – protecting the entire network.
To understand what an ASA does on a network, let's picture one. A Cisco Adaptive Security Appliance, or ASA, is especially powerful because it bundles many features and capabilities into one network security device. Different hardware and software solutions offer unique protections. In the world of cybersecurity, there are many types of protection. But Cisco has also built ASAs to have highly intelligent and robust capabilities that can recognize permissible traffic of many different types. Rogue actors can't perform mischief if they never get in from the outside in the first place. Watch now How Does an ASA Secure a Network?Ī Cisco Adaptive Security Appliance's (ASA) default behavior is to prevent all external traffic from entering a network.
0 kommentar(er)
