Cisco SDWAN: Enterprise App Aware Firewall Configuration
The usage of the zones is defined in our prior article, where we covered the fundamentals of the Enterprise App Aware Firewall in Cisco SDWAN. In this section, we will discuss how to set them up in Cisco SDWAN vManage.
To understand Cisco SDWAN's Enterprise App Aware Firewall, you need to understand the zone-based model it uses to inspect and control traffic based on applications or application families.
The Enterprise Firewall with App Aware policy is a localized security policy. When data traffic flows are matched using any of the six available match criteria (source port, destination port, protocol, application/application family, and source data prefix) on the vManage security policy dashboard, the policy enables stateful inspection of those flows.
Fig 1.1- Cisco SDWAN Firewall Zones
Let's talk about how to set up the Enterprise App Aware Firewall configuration through Cisco vManage.
Step 1: In vManage, go to Configuration >> Security >> Add Security Policy (click on the security policy); you will then see the screen below.
Step 5: Once you have applied the firewall rules, you need to apply the zone-pairs as shown below.
Step 6: Save the zone-based policy. We didn't add any rule here, but adding a rule is easy, as you did in the firewall, using the source, source port, destination, destination port and the application list.
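To make the zone-pair and rule-matching behaviour concrete, here is an added example: a simplified Python model written for this article, not Cisco's implementation and not vManage output. The action names `inspect`, `pass` and `drop`, the drop-when-no-zone-pair behaviour, and the sample VPN numbers and prefixes are assumptions of the model.

```python
from collections import namedtuple
from ipaddress import ip_address, ip_network

# Flow carries the fields the policy can match on, plus the VPN on each side.
Flow = namedtuple("Flow", "src_vpn dst_vpn src_ip dst_ip proto sport dport app",
                  defaults=("",))
# A rule field left at its default matches anything.
Rule = namedtuple("Rule", "action src_prefix dst_prefix proto sport dport apps",
                  defaults=("0.0.0.0/0", "0.0.0.0/0", None, None, None, ()))

def reverse(f):
    """Return-direction view of a flow (endpoints and ports swapped)."""
    return Flow(f.dst_vpn, f.src_vpn, f.dst_ip, f.src_ip, f.proto, f.dport, f.sport, f.app)

def matches(r, f):
    return (ip_address(f.src_ip) in ip_network(r.src_prefix)
            and ip_address(f.dst_ip) in ip_network(r.dst_prefix)
            and r.proto in (None, f.proto)
            and r.sport in (None, f.sport)
            and r.dport in (None, f.dport)
            and (not r.apps or f.app in r.apps))

class ZoneFirewall:
    def __init__(self, zones, zone_pairs):
        # zones: zone name -> set of VPN ids (each VPN belongs to one zone)
        self.vpn_zone = {vpn: z for z, vpns in zones.items() for vpn in vpns}
        # zone_pairs: (source zone, destination zone) -> (ordered rules, default action)
        self.zone_pairs = zone_pairs
        self.sessions = set()  # 7-tuples of flows admitted by an "inspect" rule

    def evaluate(self, f):
        if reverse(f)[:7] in self.sessions:
            return "pass"  # return traffic of a session already inspected
        pair = (self.vpn_zone.get(f.src_vpn), self.vpn_zone.get(f.dst_vpn))
        # Assumption of this model: no zone pair configured means drop.
        rules, default = self.zone_pairs.get(pair, ((), "drop"))
        action = next((r.action for r in rules if matches(r, f)), default)
        if action == "inspect":
            self.sessions.add(f[:7])  # stateful: remember it for the replies
        return action

def sample_firewall():
    # Constructed sample: VPN 10 is the LAN zone, VPN 20 the DMZ zone.
    https = Rule("inspect", src_prefix="10.1.0.0/16", proto=6, dport=443)
    return ZoneFirewall({"LAN": {10}, "DMZ": {20}}, {("LAN", "DMZ"): ([https], "drop")})
```

The model shows why only one zone pair is needed for a client-to-server service: the reply from the DMZ is allowed because the outbound flow was inspected, while a new connection initiated from the DMZ is dropped.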