-----Original Message-----
From: Bruno Fernandes
Sent: sexta-feira, 12 de Outubro de 2001 12:25
To: '[EMAIL PROTECTED]'
Subject: RE: PIX features
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: sexta-feira, 12 de Outubro de 2001 9:54
To: [EMAIL PROTECTED]
Subject: PIX features
Hi Cisco "CCXX"-Whizbangs!
I need to get some distinct info on the CISCO PIX, and my colleague who
had
just
finished the advanced PIX training wasnt�t able to answer them:
(problem is, CP FW-1 should be, but we try to get PIX doing it ;-) )
-is Pix able to identify/block IP-spoofing?
Yes
-IP-fragmentation attacks
Yes
-monitor dynamic sessions with (changing ports,, FTP, RPC, portmapper)
-identify different ICMP (block "echo request", pass on "host
unreachable")
Yes
-time depending rules, like allow between 8am-5pm, deny all other time
Nop
-support access to Citrix Metaframe
??
-is there a third party GUI for management?
No but the latest version 6.x.x has pdm which is a applet downloaded
from the pix you need ipsec activation key, or you can use cspm (from
cisco also) this for config. In matters of logging there are some such
as Privateye
-managemnet of a single device by multiple management stations?
????
-apply new rule/config to multiple PIXen at once?
I think cspm may do this
-group different objects independent from different IP-addresses
????
-send logging info to central mgmnt station BUT KEEPING ALSO available
on
site?????
You will need a third party application to do this, you need an
application to work on the logs.
-which is teh best tool to analyze the PIX logs? MUST NOT BE FREE!!
This is a dificult questions because it depends on you, i like privateI.
I also like the good old cut, grep tools from the nixes.
-does PIX log changes to config?
i don't understand the question
OK, thats it for now!
I REALLY look forward to your answers/further detailed questions!
Sebastian
--
GMX - Die Kommunikationsplattform im Internet.
http://www.gmx.net
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
