5-23
Cisco ICS 7750 System Description
78-10360-02
Chapter 5 Summary of Software Applications Features
External Software Applications
• VPN support—Combining Cisco IOS Firewall with Cisco IOS encryption
and QoS VPN features enables secure, low-cost transmissions over public
networks.
• Scalability—Cisco IOS Firewall scales to meet any network’s bandwidth and
performance requirements.
• Easier management—Using Cisco ConfigMaker software, network
administrators can configure Cisco IOS security features (including the
Cisco IOS Firewall, network address translation, and Cisco IPSec) from a
central console over the network.
Key Features
Table 5-10 lists key features supported by the Cisco IOS Firewall.
Table 5-10 Key Features of Cisco IOS Firewall
Feature Description
Context-based access control
(CBAC)
Provides internal users secure, per-application-based access
control for all traffic across perimeters, such as perimeters
between private enterprise networks and the Internet.
Intrusion detection Provides real-time monitoring, interception, and response to
network misuse with a broad set of the most common attack and
information-gathering intrusion detection signatures.
Authentication proxy Dynamic, per-user authentication and authorization for
LAN-based and dial-in communications; authenticates users
against industry-standard TACACS+ and RADIUS authentication
protocols; network administrators can set individual, per-user
security policies.
Denial-of-service detection and
prevention
Defends and protects router resources against common attacks;
checks packet headers, dropping suspicious packets.
Dynamic port mapping Allows network administrator to run CBAC-supported
applications on non-standard ports.
Java applet blocking Protects against unidentified, malicious Java applets.
