Chapter 1
Introduction to the Firewall Services Module
Applying Application Inspection
Inspection engines are required for services that embed IP addressing information in the user data packet
or that open secondary channels on dynamically assigned ports. These protocols require the FWSM to
perform a deep packet inspection.
Applying Connection Limits
You can limit TCP and UDP connections and embryonic connections. Limiting the number of
connections and embryonic connections protects you from a DoS attack. The FWSM uses the embryonic
limit to trigger TCP Intercept, which protects inside systems from a DoS attack perpetrated by flooding
an interface with TCP SYN packets. An embryonic connection is a connection request that has not
finished the necessary handshake between source and destination.
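The embryonic limit described above, as an added Python sketch that is not part of the Cisco guide and is not FWSM code: it replays constructed handshake events against a single limit and records which requests arrive once the limit is reached, the point at which the guide says TCP Intercept is triggered. The event format, the addresses, the one-limit-per-server model, and the class and function names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed events for one protected inside server: (client endpoint, TCP flag).
# One client completes the handshake, five sources send a SYN and go silent,
# then a second client sends its SYN.
SAMPLE_EVENTS = (
    [("192.0.2.10:50000", "SYN"), ("192.0.2.10:50000", "ACK")]
    + [(f"203.0.113.{i}:1024", "SYN") for i in range(1, 6)]
    + [("192.0.2.11:50001", "SYN")]
)


@dataclass
class EmbryonicTracker:
    """Simplified model of an embryonic-connection limit (hypothetical class)."""
    embryonic_limit: int
    embryonic: set = field(default_factory=set)      # handshake not finished
    established: set = field(default_factory=set)    # handshake finished
    intercepted: list = field(default_factory=list)  # arrived at or over the limit

    def observe(self, client, flag):
        if flag == "SYN":
            if client in self.embryonic or client in self.established:
                return  # retransmitted SYN, already counted
            if len(self.embryonic) >= self.embryonic_limit:
                # Limit reached: where the guide says TCP Intercept is triggered.
                self.intercepted.append(client)
            else:
                self.embryonic.add(client)
        elif flag == "ACK" and client in self.embryonic:
            self.embryonic.remove(client)   # final ACK completes the handshake
            self.established.add(client)
        elif flag == "RST":
            self.embryonic.discard(client)  # aborted request frees its slot
            self.established.discard(client)


def replay(events, embryonic_limit):
    tracker = EmbryonicTracker(embryonic_limit)
    for client, flag in events:
        tracker.observe(client, flag)
    return tracker


if __name__ == "__main__":
    t = replay(SAMPLE_EVENTS, embryonic_limit=3)
    print("established:", sorted(t.established))
    print("embryonic:  ", sorted(t.embryonic))
    print("intercepted:", t.intercepted)
```

With the limit set to 3, the last two silent sources and the second client all arrive after the limit is reached; with a limit of 10, all six unfinished requests simply remain embryonic.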
How the Firewall Services Module Works with the Switch
You can install the FWSM in the Catalyst 6500 series switches and the Cisco 7600 series routers with
Cisco IOS software on both the switch supervisor and the integrated MSFC (known as "supervisor
IOS").
Note: The Catalyst Operating System (OS) is not supported.
The FWSM runs its own operating system.
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
OL-20748-01