Table of Contents

A
C
D
E
F
G
I
N
P
R
S
T
U
W

index

A

approving command sets   11-23

C

checklist   11-2

generating and publishing command sets   11-2

security policy   1-10

Command Console panel

epilogue commands   11-21

prologue commands   11-21

tasks   11-23

approving command sets   11-23

entering epilogue commands   11-22

entering prologue commands   11-22

reviewing generated command sets   11-19

specifying command approval method   11-16

verifying the publishing status   11-24

command sets

generating   11-1, 11-17

publishing   11-1, 11-23

composite decision trees   9-7

consistency check   11-17

setting   11-17

D

decision trees   9-3

components of   1-2

understanding   9-3

Default Policies folder   8-3

documentation

feedback   xiv

E

epilogue commands   11-22

entering   11-22

Example Policies folder   8-2

F

folders   7-1

about   7-1

Default Policies   8-3

Example Policies   8-2

System Policies   8-3

tasks   7-2

creating   7-3

moving an object to or from   7-4

G

generating command sets   11-1

I

inheritance   10-4

N

network object groups   5-1

about   5-1

organizing   7-1

tasks   5-4

creating   5-4

modifying   5-6

Network Object Groups branch   5-1

network policy   11-17

updating   11-17

network service bundles   4-1

about   4-1

tasks

creating   4-2

modifying   4-4

organizing   7-1

Network Service Bundles branch   4-1

tasks

creating   4-2

modifying   4-4

Network Service Installation Wizard   3-3

network services   3-1

about   3-1

Network Services Library   3-2

Service Wizard   3-3

tasks

adding a service   3-4

defining a new service   3-5

modifying service settings   3-7

Network Services branch   3-1

tasks   3-4

defining a new service   3-5

modifying service settings   3-7

Network Services Library   3-2, 3-4

about   3-2

P

PIX Firewall

command support status   A-1

aaa command   A-1

alias command   A-1

arp command   A-1

auth-prompt command   A-1

conduit command   A-2

configure command   A-2

debug command   A-2

disable command   A-2

enable command   A-2

enable password command   A-2

established command   A-2

exit/quit command   A-2

failover command   A-3

filter command   A-3

fixup protocol command   A-3

floodguard command   A-3

global command   A-3

groom command   A-3

help command   A-3

hostname command   A-4

interface command   A-4

ip address command   A-4

kill command   A-4

link/linkpath/age command   A-4

logging command   A-4

mtu command   A-4

name/names command   A-4

nameif command   A-5

nat command   A-5

outbound/apply command   A-5

pager command   A-5

passwd command   A-5

ping command   A-5

radius-server command   A-5

reload command   A-5

rip command   A-6

route command   A-6

service command   A-6

session command   A-6

show command   A-6

snmp-server command   A-6

static command   A-6

syslog command   A-6

tacacs-server command   A-7

telnet command   A-7

terminal command   A-7

tftp-server command   A-7

timeout command   A-7

uauth command   A-7

url-cache command   A-8

url-server command   A-7

virtual command   A-8

who command   A-8

write command   A-8

xlate command   A-8

Policy Builder

about   9-1

components of the decision tree   1-2

destination-based policies   9-10

simple decision trees   9-7

source-based policies   9-10

strategies for creating policy   9-11

tasks   9-12

adding a node   9-12

changing node type   9-15

changing text color   9-28

copying fragments of policy   9-25

cutting fragments of policy   9-25

deleting a node   9-25

modifying node properties   9-16

pasting fragments of policy   9-25

specifying a service condition   9-21

specifying a source condition   9-17

specifying destination condition   9-17

specifying tunnel   9-23

understanding decision trees   9-3

Policy Distribution panel

definition of   11-5

deployment guidelines   11-6

selecting control for a Policy Enforcement Point   11-7

troubleshooting   11-8, 11-12

avoid loss of connectivity   11-10

crossover traffic examples   11-8

distribution ordering   11-12

policy domains   6-1

about   6-1

tasks   6-5

creating   6-5

moving a perimeter between   6-6

Policy Domains branch   6-1

Trusted policy domain   6-5

Unassigned policy domain   6-4

Untrusted policy domain   6-5

policy enforcement   10-1, 10-8

about   10-1

inheritance   10-4

policy evaluation rules   10-2

strategies   10-8

tasks

adding a network object   10-10

creating a folder   10-11

enforcing policy   10-12

Policy Enforcement branch   10-1, 10-10

inheritance   10-4

policy evaluation rules   10-2

tasks   10-10

adding a network object   10-10

enforcing policy   10-12

removing a policy   10-14

what to add   10-6

policy evaluation rules   10-2

Policy Update   11-17

automatic   11-15

changing the default   11-15

manual   11-15

Policy Update default   11-15

prerequisites   viii

prologue commands   11-22

entering   11-22

protocol definitions   2-1

about   2-1

configuring   2-3

protocol layers   2-2

protocol layers   2-2

publishing command sets   11-1

R

reviewing generated command sets   11-19

S

security policies   8-1

about   8-1

scope of   1-8

understanding   1-1

security policy abstracts   8-1

tasks

creating   8-4

modifying   8-5

organizing   7-1

Security Policy Abstracts branch   8-1

Default Policies folder   8-3

Example Policies folder   8-2

System Policies folder   8-3

tasks   8-4

creating a security policy abstract   8-4

modifying a security policy abstract   8-5

organizing security policy abstracts   7-1

service and support   xii

services   3-1

about   3-1

modifying service settings   3-7

Service Wizard   3-3

specifying a tunnel   9-23

System Policies folder   8-3

T

Technical Assistance Center

warranty or maintenance contract   xiii

U

updating policy   11-17

Use Tunnel node   9-23

specifying a tunnel   9-23

W

warranty   xiii

wizards

Network Services Library   3-2

Service Wizard   3-3

Posted: Mon Jun 5 19:56:17 PDT 2000
Copyright 1989 - 2000©Cisco Systems Inc.