Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
746
Views
5
Helpful
3
Replies

Benefits of using a ASA and a IOS Firewall?

Tom101
Level 1
Level 1

‎11-16-2022 11:17 AM

My college professor has asked me to design a network (on packet tracer) that uses a ASA firewall, as well as a IOS Router Firewall to protect the DMZ. As shown in the screenshot.

I'm struggling to understand why we would need a combination of different firewalls to protect the DMZ.

Can anybody be helpful enough to explain why? Thank you. 

 

Labels:
Preview file
98 KB
0 Helpful
3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

‎11-16-2022 01:08 PM

High level :

As per the diagram, your IOS router does the basic feature of ACL to stop the traffic and do NAT from inside to outside.

Always having more layers in the network is the best security to protect the network. DMZ is exposed to the internet and FW is stateful (compared to IOS Router FW is just ACL).

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Tom101
Level 1
Level 1
In response to balaji.bandi

‎11-16-2022 03:50 PM

Thank you for your reply. I think my professor wants us to use a zone based firewall on the IOS router, as well as ACLs. 

From my limited experience with networking, it's not making much sense by having two different firewalls set up right next to each other.

The layers of security makes sense but this seems like an odd setup, unless i'm missing something.

MHM Cisco World
VIP
VIP
In response to Tom101

‎11-17-2022 01:08 PM

Hi Friend, 
the Zone Firewall will drop the  a lot of DDoS toward your network.
ASA will only filter trraffic and Op can use for VPN. 

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card