Security Policy Overview - Cisco 7604 Configuration Manual

Chapter 1 Introduction to the Firewall Services Module
Table 1-1 New Features for FWSM Version 4.1(1) (continued)
Feature
Turning on/off names in
Syslog messages
Shared Management
Interface in Transparent
Mode
Teardown Syslog
Enhancement
SNMP Buffer
enhancement
Troubleshooting Features
Crashinfo enhancement

Security Policy Overview

A security policy determines which traffic is allowed to pass through the firewall to access another
network. The FWSM does not allow any traffic to pass through unless explicitly allowed by an access
list. You can apply actions to traffic to customize the security policy. This section discusses some
commonly-used features; not all features are listed here. This section includes the following topics:
•
•
•
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
OL-20748-01
Description
This feature enables users to choose whether or not to apply name translation while generating
syslogs to the console, syslog server, and FTP syslog server.
The following command was introduced: logging names.
You can now add a management VLAN that is not part of any bridge group. This VLAN is
especially useful in multiple context mode where you can share a single management VLAN across
multiple contexts.
The following command was introduced for transparent mode: management-only
New syslogs were added for when a connection is torn down.
The following syslog messages were introduced: 302030 through 33.
With this enhancement, SNMP requests will be handled more efficiently, so that the allocated
blocks for SNMP are freed up quickly, thus leaving enough blocks for other processes.
No commands were modified.
The crashinfo enhancement improves the reliability of generating crash information.
No commands were modified.
Permitting or Denying Traffic with Access Lists, page 1-4
Applying NAT, page 1-4
Protecting from IP Fragments, page 1-4
Security Policy Overview
1-3