Chapter 5 Summary of Software Applications Features
External Software Applications
5-24
Cisco ICS 7750 System Description
78-10360-02
VPNs, IPSec encryption, and QoS
support
Operates with Cisco IOS software encryption, tunneling, and QoS
features to secure VPNs.
Provides scalable, encrypted tunnels on the router while
integrating strong perimeter security, advanced bandwidth
management, intrusion detection, and service-level validation.
Standards based for interoperability: Supports Internet Protocol
Security (IPSec) encryption standards with both 56-bit Data
Encryption Standards (DES) and 168-bit Triple DES (3DES);
generic routing encapsulation (GRE); Layer 2 forwarding (L2F);
Layer 2 tunneling protocol (L2TP).
Real-time alerts Logs alerts for denial-of-service attacks or other preconfigured
conditions; configurable on a per-application, per-feature basis.
Audit trail Details transactions; records time stamp, source host, destination
host, ports, duration, and total number of bytes transmitted for
detailed reporting; configurable on a per-application, per-feature
basis.
Event logging Allows administrators to track potential security breaches or
other nonstandard activities in real time by logging system error
message output to a console terminal or syslog server, setting
severity levels, and recording other parameters.
Firewall management Wizard-based network configuration tool offers step-by-step
guidance through network design, addressing, and Cisco IOS
Firewall security policy configurations.
Integration with Cisco IOS
software
Interoperates with Cisco IOS features, integrating security policy
enforcement into the network.
Basic and advanced traffic filtering Standard and extended access control lists (ACLs) let you apply
access controls to specific network segments and define the traffic
permitted to pass through a network segment.
Policy-based multi-interface
support
Can control user access by IP address and interface as determined
by the security policy.
Redundancy/failover Automatically routes traffic to a backup router if a failure occurs.
Network address translation Hides internal network from the outside for enhanced security.
Table 5-10 Key Features of Cisco IOS Firewall (continued)
Feature Description
