Friday, June 22, 2012

Configuring Cisco ZFW - Cisco Zone Based Firewall

The concept of Cisco Zone Based Firewall (ZFW) is very simple, yet it can quickly turn into a giant two-headed dog if you don't understand how to design it. ZFW classifies interfaces into security zones. Interfaces in the same zone (intra-zone) can pass traffic freely between each other, whereas traffic between interfaces in different zones (inter-zone) is restricted by default. A quick example can shed more light on this concept.

Consider the simple topology below and let's get started.