Chapter 23
Configuring Network Security
Configuring the Cisco IOS Firewall Feature Set
Release 12.1(11b)E and later releases include firewall feature set images.
Note
These sections describe configuring the Cisco IOS firewall feature set on the Catalyst 6500 series
switches:
•
•
•
Cisco IOS Firewall Feature Set Support Overview
The firewall feature set images support these Cisco IOS firewall features:
•
•
•
These are the firewall feature set image names:
•
•
•
•
For more information about Cisco IOS firewall features, refer to the Cisco IOS Security Configuration
Guide, Release 12.1, "Traffic Filtering and Firewalls" online publications:
•
•
•
•
The following features are supported with and without the use of a Cisco IOS firewall image:
•
•
•
•
78-14099-04
Cisco IOS Firewall Feature Set Support Overview, page 23-5
Firewall Configuration Guidelines and Restrictions, page 23-6
Configuring CBAC on Catalyst 6500 Series Switches, page 23-7
Context-based Access Control (CBAC)
Port-to-Application Mapping (PAM)
Authentication Proxy
c6sup22-jo3sv-mz
c6sup22-po3sv-mz
c6sup12-jo3sv-mz
c6sup12-po3sv-mz
The "Cisco IOS Firewall Overview" chapter at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secur_c/scprt3/scdfirw
l.htm
The "Configuring Context-Based Access Control" chapter at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secur_c/scprt3/scdcbac
.htm
The "Configuring Authentication Proxy" chapter at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secur_c/scprt3/scdauth
p.htm
Cisco IOS Security Command Reference publication at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secur_r/index.htm
Standard access lists and static extended access lists
Lock-and-key (dynamic access lists)
IP session filtering (reflexive access lists)
TCP intercept
Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide—Release 12.1 E
Configuring the Cisco IOS Firewall Feature Set
23-5