From the course: Cisco Secure Firewall
External port view
- [Instructor] Here's a picture of a Cisco Next Generation Firewall in the 1000 series. There are many different models that you can get this particular firewall in, and they differ basically in the number of ports that they have on them, as well as the processor speed, throughput capability, and many others. However, they all have the same types of security features, no matter which model you get, and they all have similar ports that you see here. So let's take a look at what each of these ports does.
The first port that we see is going to be the power port. This is where you plug in your AC adapter in order to fire up your Cisco Next Generation Firewall.
After that, we have Port 1. This is your outside port. The outside port is going to connect into your ISP's modem or their router. This port has the most security on it because it's going to be connected out to the internet.
Now, ports 2 through 8, these are all switch ports. They're all part of the same group, and they all operate by default on the 192.168.95 subnet, although you can certainly change that to be whatever your particular subnet is. You can also remove each of these ports from the switch port group and make them an individual subnet with their own security on them. This is an option I've used many times when I needed to connect a different subnet from another VLAN and I just wanted it to have internet access. You may have multiple subnets and VLANs you would like to segment out to go out to the internet, such as Wi-Fi access, among others.
Then we have the management port. The management port is an excellent way to communicate with the firewall, and by default, its subnet will be on the 192.168.45.45/24. So if you need to communicate using the management port, just go ahead and set your computer to any IP address in that subnet other than 45. And the reason for this particular port is if you cannot communicate with any of the switch ports, or you need to change the IP address of one of the switch ports or the public IP address and you don't want to lose communication with the device.
Another option in case you lose communication using the IP Ethernet connectivity is going to be the console port. The console port gives you full access right into the firewall, and it doesn't require an IP address to do so. You do need a program, such as PuTTY, to be able to connect into it. Now you see two different ports here. One is an RJ45 connection. This is the older type of Cisco cable and it no longer comes with the next generation firewalls. However, you can still purchase this cable from Cisco and other vendors. The port to the right is the newer type of connection, and it is a USB Type B port. And you can plug in the included cable into the next generation firewall, and then plug the other end into your computer. The other end is a USB Type A connection, which all standard computers have.
The port to the right of this is going to be a USB Type A 3 connection. That basically means that USB 3 is a higher speed than the old-fashioned USB 2 or 1, and you can connect an external hard drive using this connection. Now, if your external hard drive is only USB 2, it will still work, it will just step down to the slower speed. The reason for this port is so you can upload a newer IOS configuration, or add any other software or files, or copy files down to the external drive. This is particularly useful if you can no longer communicate with your device due to some sort of corruption and you need to get a new operating system and configuration onto your Cisco firewall.
After that, we have the Kensington Lock Port you can use to lock up and secure your device if needed. And after that you see the Reset button. The Reset button can be used in case you need to erase the configuration and start back to its original configuration. This, of course, is a last resort and should not be used unless you're fine with being able to erase it and possibly rebuild or restore your operating system if needed.
You may want to write down what each of these ports does and label the ports in case you need to connect to your firewall due to being unable to communicate with the switch ports at a future time.