Skip to main content

New to Cisco Firewalling - Approach?

More
16 years 5 months ago #26609 by Harry_Hard
Hi there everybody,

Well, first lets introduce myself - i am from Vienna/Austria and yeah well, relatively new to Cisco Eqipment Configuration. In Fact I just started preparing myself for CCNA Exam and i'd be glad if i could participate with you in your Free Cisco Lab.

And well, here's my first question, which may be a little bit weird. We got a new Firewall in our Company, a Cisco ASA 5510 Security Plus Appliance, and the Guy who's assigned to configure it is - guess who - well yeah, it's me. The Problem is I never ever configured a Cisco Component in my whole Life. Neither a Switch or a Router and a Firewall least of all. I know maybe some 5 IOS-Commands and that's it. Neither am I familiar with ASMD. I started reading the including Basic Instrunction today, which is very very basic, and then I downloaded the ASDM 5.0 and IOS Reference for ASA 7.1 and both Cisco Manuals are about 2000 Pages thick. It's daunting one can say. Now my very simple but strange Question is, what Approach would you recommend me to master it.

At your Home-Site i found a Link to a Video by CiscoPress posted by User Chris:

www.ciscopress.com/bookstore/product.asp?isbn=1587201984

Would you recommend it? I searched for some Books, before we got the Firewall delivered, however - but didnt find anything useful for Beginners, what I definately am. However, if there is no good Book out there, I'll start working trough both Manuals downloaded from Cisco.

Cheers.
More
16 years 5 months ago #26614 by Chojin
within the ASDM you can configure the most things you would need.

If you need a quick guide just install the ASDM as instructed in your manual and configure the box by ASDM.

Keep in mind things like

-routing
-interfaces (ip/subnet mask)
-vpn tunnels
-user accounts for maintenance.

This should cover a big pile I think.


-Set up basic features
-Expand your config to your needs

CCNA / CCNP / CCNA - Security / CCIP / Prince2 / Checkpoint CCSA
More
16 years 5 months ago #26620 by TheBishop
Try to build things up a layer at a time. First set up all the interfaces and routing you need so you have the box passing all traffic without restriction. Then make sure you've got all your administrative users set up. Then any monitoring, alerting, logging etc you will want. Then you need to sit down with others and define/describe your security policy for the organisation - what will be allowed to talk to what and where using what protocol(s), and what won't. Then plan the commands you'll need to implement this, preferably broken down into testable stages so you can proceed a step a a time and back out easily. Then do it. And finally, when it's all working, back it up. Your plan will obviously need to be more detailed and specific than this but this should give you a start
Time to create page: 0.128 seconds