I really hope you aren't trying to limit outbound traffic with a PIX
alone, because the short answer is YOU CAN'T. I found this out the hard
way when conducting a security audit on a credit union using only a
Cisco PIX firewall to protect their inside machines and provide NAT.
According to the Cisco techie I tracked down, the PIX wasn't designed to
provide bidirectional access controls, only inbound...
Just my .02...
-HD
http://nlog.ings.com (like nmap? try nlog!)
http://www.secureaustin.com (it's coming...)
S Windhausen wrote:
>
> Hi Simon, we got our PIX (520) about 4 months ago, and here is my opinion.
>
> > We have recently purchased a PIX firewall and are in the process of
> > configuring it.
> >
> > What is the use of the GUI configuration tool? Is it worth using?
>
> The GUI install was easy (no gotchas that I can recall). I tried using it,
> but help wasn't that helpful.
>
> > How difficult is the command line language to learn with reasonable
> > experience configuring Cisco routers?
>
> I come from Security Administration, with no router configuration
> experience. It took me a week to sift through the default config and
> understand how to configure the PIX. Depending on your requirements,
> the line command was the easiest and fastest to implement.
>
> Make sure you: 1) save your original config (write floppy); 2) fully
> understand NAT; and 3) have a security policy in place. Hope this helps.