Support User Manuals

Cisco Systems CL-28826-01 Security Camera User Manual

Open as PDF

of 2616

45-23

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter 45 Managing Firewall Devices

Configuring Firewall Device Interfaces

Name Provide an identifier for this interface of up to 48 characters in length. The

name should be a memorable name for the interface that relates to its use.

However, if you are using failover, do not name interfaces that you are

reserving for failover communications; this includes an EtherChannel

intended for failover, as well as its member interfaces. Also, do not name

interfaces intended for use as a member of a redundant-interface pair.

Certain names are reserved for specific interfaces, in accordance with the

interface naming conventions of the security appliance. As such, these

reserved names enforce default, reserved security levels, as follows:

• Inside – Connects to your internal network. Must be the most secure

interface.

• DMZ – “Demilitarized zone” attached to an intermediate interface.

DMZ is also known as a perimeter network. You can name a DMZ

interface any name you choose. Typically, DMZ interfaces are prefixed

with “DMZ” to identify the interface type.

• Outside – Connects to an external network or the Internet. Must be the

least secure interface.

Similarly, a subinterface name typically identifies its associated interface, in

addition to its own unique identifier. For example, DMZoobmgmt could

represent an out-of-band management network attached to the DMZ

interface.

Note Again, do not name the interface if you intend to use it for

failover, or as a member of a redundant interface. See Chapter 49,

“Configuring Failover” and Configuring Redundant Interfaces,

page 45-7 for more information.

Security Level Specify the security level of the interface: enter a value between 0 (least

secure) and 100 (most secure). The security appliance lets traffic flow freely

from an inside network to an outside network (lower security level). Many

other security features are affected by the relative security level of two

interfaces.

• The outside interface is always 0.

• The inside interface is always 100.

• DMZ interfaces are between 1 and 99.

Table 45-3 General tab: Add/Edit Interface Dialog Box (Continued)

Element Description

previous next