Pages

Cissco ASA Version 8.4 new feature



Cisco has introduced the concept of Identity Firewall from its ASA version 8.4 (2). Traditionally, Cisco ASA/Pix policies are enforced using Access control list i.e. ACL. ACL allows or denies access to certail network based on the sources or destination network & port numbers. Suppose We want to  Source IP 192.168.100.1 to be able to access port 80 (HTTP) traffic on network 192.168.100.1. In that case we wpuld create an entry on ACL which allows 192.168.100.1 to access port 80 on 192.168.100.1


But now onwards with Cissco ASA Version 8.4 we can allow or deny network access based on the USER instead of source IP address. Suppose user abc wants to acccess https on 192.168.100.1, then we just need to create rule says abc can access http on 192.168.100.1. This is user based authentication..


We need to integrate Cisci ASA with Microsoft Active Directory (Radius) for User authentication..