Security

Secure your router with Cisco's SDM Firewall Policy Wizard

Figure A

Last year, I introduced you to Cisco's Security Device Manager (SDM), a free Web-based utility to help manage your routers that comes preinstalled on new Cisco routers ("Learn the benefits of Cisco's Security Device Manager (SDM)"). Since then, Cisco has made a number of improvements to SDM.

One enhancement that you should know about is the Firewall Policy Wizard. You can use this wizard to create a firewall and edit access control lists (ACLs). Here's a closer look at how the Firewall Policy Wizard works.

Any router between a LAN and the Internet needs to have a firewall enabled to protect the network from malicious attacks. On a Linksys (or another less expensive or feature-rich) router, that "firewall" could be as simple as a single radial button. For example, Figure A shows how to enable the firewall on my Linksys home router.

This is pretty simple, but it doesn't offer any customization. And if you think about it, it probably doesn't make you feel too secure either.

7 comments
srjm
srjm

HI, I am trying to set up SDM on a 2801. When I get to Fig D medium and High are grayed out. How do I activate them?

estevaoberri
estevaoberri

How Can I disable firewall for msn and p2p?? I have a Cisco 877 with SDM 2.4

nmalik1664
nmalik1664

Can you download this program, and where would you download it from?

jkawyn
jkawyn

What dns server do i put in if im useing my router at home on roadrunner.

ddavis
ddavis

You would use your ISP's DNS Servers. Your PC or router will get this from DHCP, automatically, from the ISP (or at least you should). If your router does not, you can hook up your PC only, get the IP of the DNS server via DHCP, then connect the router and plug the IP in. I hope that helps! Thanks, David Davis Personal Website: www.HappyRouter.com

bstiff929
bstiff929

I see you did the walk-through on SDM 2.4, which defaults to Zone Firewall in the wizard (provided there's not already an 'ip inspect' firewall configured). Previous SDM versions included a firewall wizard, but they configured the classic FW. (SDM 2.4 was the first version to support the Zone-Based Policy Firewall). Many of the firewall configuration options must be found on the "additional tasks" section at the bottom of the left column. However, it beats configuring the Zone FW through the CLI...