Understanding Authentication Proxy

Authentication proxy is one of the core components of the Cisco IOS Firewall feature set. Prior to the implementation of authentication proxy, access to a resource was normally restricted by the IP address of the requesting source, and a single policy was applied to that source or network using an access control list (ACL). There was no way to ensure that only authorized users had physical access to the workstation or that unauthorized users were not attempting to access a resource outside of their privilege level.

Authentication proxy enables administrators to restrict access to resources on a per-user basis and tailor the privileges of each individual instead of applying a generic policy to all users.

It is difficult to determine how authentication proxy will be addressed on the SNRS exam. At the time this writing, Cisco emphasized the importance of understanding "how" authentication proxy works. This does not mean that you should not be familiar with the commands used to configure authentication proxy, but you should certainly be very familiar with the mechanics of how authentication proxy functions and the steps required to implement it.

0 0

Post a comment