From the course: Cisco CCNP SCOR Security (350-701) Cert Prep: 1 Security Concepts and Network Security

Unlock this course with a free trial

Join today to access over 22,400 courses taught by industry experts.

Deployment models and architectures

Deployment models and architectures

- [Instructor] Now that we've taken a look at some security solutions for firewall and IPS capability, let's discuss some different deployment models available, starting with the Cisco ASA. With the ASA we have two basic modes of deployment which are Routed Firewall Mode and Transparent Firewall Mode. Traditionally, we think of a firewall in routed mode and that means that the ASA is seen as a router hop in the network. This is the default mode with a Cisco ASA. Each interface on the firewall would be a different subnet that you would route between. Because the ASA is acting as an extra hop between these networks, this is a way that we can separate and protect those individual subnets. Commonly, we also use network address translation here to protect the original IP addressing scheme used in the network. Routed mode firewalls take a little more planning and configuration to deploy, which is why we sometimes use transparent firewall mode. A firewall in transparent mode is not seen as a…

Contents