Title: RE: Cisco PIX: questions

Reporting connections is possible with SNMP.  I'm about to pursue that myself soon.  I plan to use snmpwalk / snmpget along with MRTG or rrdtool.  You can get the MIB from Cisco.

I'm currently able to use MRTG to get basic interface statistics on the PIX.

I believe CSPM from Cisco can create complicated rulesets for the PIX.  The product itself is complicated (nice GUI though) and is expensive.  I've heard that it is available from Cisco's site (with CCO account) and has a 90 day trial.

Failover link - I would GUESS that it can be a slower speed.  Connection tables should be transferred across the link - not every data packet.

I have gotten ssh to work with the PIX using DES.  You need to ask for the license for this though (and therefore re-load the IOS) and it is free (regular 56 bit DES).  The only ssh client I got to work with pure 56 bit DES, however, is called putty.exe (www.openssh.com - link to putty).  I'm pursuing 3DES at a cost.

-Andy

-----Original Message-----
From: Pere Camps [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 20, 2001 12:33 PM
To: [EMAIL PROTECTED]
Subject: Cisco PIX: questions


Hello!

Some questions for the PIX gurus on the list.

a) Reporting: is there any way to get decent reporting on the PIX?
Stuff like: accepted so many connections from that ip to that ip/port,
etc. I'm looking for something like webtrends but for the PIX.

I'm worried because it looks like the reporting is all done via syslog
and I don't see how syslog can keep up if there are 3000 new connections
per second.

b) Managing access-list. Is there any way to group IPs other than
via subnets? Is there any *good* product to manage them? Or should
I better stick with very simple configurations.

c) For stateful failover in a Gigabit environment (and working also
with very high bandwidth requirements), does the "link" between the
PIXes need to be gigabit too? Can the stateful failover keep up
with high bandwidth?

d) SSH. Can I use ssh to log into the PIXes?

That's it for today. :)

Thanks a lot!

Pere.

-- p.

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls

