Скачать презентацию
Идет загрузка презентации. Пожалуйста, подождите
Презентация была опубликована 10 лет назад пользователемВладлена Чаадаева
1 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA Chapter 18 Enterprise PIX Firewall Maintenance
2 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA Objectives
3 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA Objectives Upon completion of this chapter, you will be to complete the following tasks: Define key features and concepts of the AUS. Install the AUS. Configure the AUS to perform the following: –Update PIX Firewall configuration files and upgrade images. –Remotely manage dynamically addressed PIX Firewalls.
4 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA Introduction to the Auto Update Server
5 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA What Is the AUS? The AUS is a web-based application that facilitates the maintenance of PIX Firewalls. AUS
6 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA Supported Devices The AUS supports PIX Firewalls with operating systems running version 6.0 and higher. In addition to software requirements, the AUS supports the following hardware: –PIX Firewall 501 –PIX Firewall 506E –PIX Firewall 515E –PIX Firewall 525 –PIX Firewall 535
7 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA Installation Overview CiscoWorks Common Services is required for the AUS. Common Services provides the CiscoWorks with server based components, software libraries, and software packages developed for the AUS.
8 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA Installation Requirements Hardware –IBM PC-compatible computer with 1-GHz or faster CPU –Color monitor capable of viewing 256-colors –CD-ROM drive –10-BaseT or faster network connection Memory1 GB of RAM minimum Disk drive space –9 GB minimum –Fat32 or NTFS file system (NTFS recommended for security reasons) –2 GB of virtual memory Software –Windows 2000 Server or Professional, with Service Pack 2 –Open Database Connectivity (ODBC) Driver Manager or later
9 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA Client Access Requirements Hardware –IBM PC-compatible computer with 300 MHZ or faster CPU – 10-BaseT or faster network connection Software –Windows 98, or –Windows NT 4.0, or –Windows 2000 Professional with Service Pack 2, or –Windows 2000 Server/Advanced Server with Service Pack 2, or –Windows XP Professional Memory256 MB of RAM minimum Disk drive space400 MB virtual memory BrowserInternet Explorer 5.5 or later
10 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA Installation Process
11 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA Installation Process (cont.)
12 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA PIX Firewall Preparation and AUS Communication Settings
13 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA PIX MC and AUS Communication PIX MC AUS Config file
14 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA AUS Activation To activate AUS, you need to configure the following settings for the PIX Firewall on the PIX MC: Bootstrap the PIX Firewall. Import the PIX Firewall into the PIX MC. Configure the settings that the PIX Firewall will use to contact the AUS. Configure the method of identification to be used between the PIX Firewall and the AUS. Configure the information that PIX MC will use to contact the AUS for the selected group or device. Configure deployment of configuration files to the AUS for the selected group or device.
15 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA AUS and PIX Firewall Communications Choose Configure>Settings>Servers and Services>Auto Update Server.
16 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA PIX Firewall Unique Identity Choose Configure>Settings>PIX Firewall Administration>Unique Identity.
17 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA AUS Contact Information Choose Configure>Settings>PIX MC Controls>Auto Update Server Contact.
18 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA PIX Firewall Configuration Deployment Choose Configure>Settings>PIX MC Controls>Deployment.
19 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA Getting Started
20 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA CiscoWorks Login
21 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA AUS Interface Object Bar Page Instructions Path BarOptions BarTabsTools
22 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA Devices, Images, and Assignments
23 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA AUSDevices
24 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA AUSImages
25 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA AUSAssignments
26 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA AssignmentsImages to a Device Choose Assignments>Images to a Device.
27 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA AssignmentsImages to a Device (cont.)
28 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA AssignmentsAn Image to Devices Choose Assignments>Assign an Image to Devices.
29 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA Reports and Administration
30 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA ReportsSystem Information Choose Reports>System Info Report.
31 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA ReportsEvent Report Choose Reports>Event Report.
32 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA AdminNAT Settings Choose Admin>NAT Settings.
33 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA AdminAUS Database Password Change Choose Admin>AUS Database Password Change.
34 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA Summary
35 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA Summary The AUS provides a web-based interface for: Upgrading PIX Firewall software images. Upgrading PIX Device Manager images. Managing and deploying PIX Firewall configuration files.
36 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA Lab Exercise
37 © 2003, Cisco Systems, Inc. All rights reserved. CSPFA Q P.0 Lab Visual Objective.2.1 Student PC Syslog server PIX Firewall Web/FTP PIX Firewall.1 Remote : 10.1.P.11 Local: 10.0.P.11 Remote: 10.1.Q.11 Local: 10.0.Q P Q.0 RTS.100 RTS.100 Pods 1–5 Pods 6– Web/FTP RBB.2 bastion host: Web FTP P Q.0 bastionhost: Web FTP.1 Student PC Syslog server
Еще похожие презентации в нашем архиве:
© 2024 MyShared Inc.
All rights reserved.