Anyone out there have some experience using the Cisco PIX firewalls for Corporate/Production networks? I'd like to try one of these little buggers out, but I'd like to get some do's and don'ts from other admins with Cisco PIX experiences. As I understand, these things don't just filter packets based on addresses/ports but actually look at packet content like a proxy or IDS. Is this true? I've also heard that it will only scan content of the first packet when a new connection/session begins, and then it uses keep-state tables to auto-pass the rest of the packets in the session. I remember the ipf package taking that approach as well and having security problems with that because you can confuse the state table cache. Any comments would be helpful.
Miles Stevenson QuickHire Network Support Specialist
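The behaviour the post asks about (inspect a flow once when it starts, then let later packets of that flow through on a state-table hit) can be modelled in a few lines. The following is an added illustration, not code from the post and not Cisco PIX code: a simplified stateful filter with a capped, idle-expiring state table, so the two failure modes a defender cares about are visible: out-of-state packets are dropped rather than evaluated against the rule set, and once the table is full, legitimate new flows are refused. All class and function names, addresses and the rule set are constructed for the example.

```python
"""Toy stateful packet filter (constructed example, hypothetical names).

A flow is checked against the rule set only on its first packet; if allowed
it is recorded in a state table keyed by the 5-tuple, and later packets in
either direction pass on a table hit without re-inspection.  The table has
a size cap and an idle timeout, which is where the operational risk lives.
"""
from collections import OrderedDict
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"
    syn: bool = False  # True for a TCP connection-initiating packet


@dataclass
class StatefulFilter:
    allowed: set                  # (dst, dport) pairs permitted for new flows
    max_entries: int = 4          # deliberately tiny so exhaustion is visible
    idle_timeout: int = 30        # seconds of inactivity before an entry expires
    table: OrderedDict = field(default_factory=OrderedDict)

    @staticmethod
    def _key(p):
        return (p.proto, p.src, p.sport, p.dst, p.dport)

    @staticmethod
    def _reverse(p):
        return (p.proto, p.dst, p.dport, p.src, p.sport)

    def _expire(self, now):
        for k in list(self.table):
            if now - self.table[k] > self.idle_timeout:
                del self.table[k]

    def handle(self, p, now):
        """Return 'established', 'new' or 'drop' for packet p at time now."""
        self._expire(now)
        for k in (self._key(p), self._reverse(p)):
            if k in self.table:
                self.table[k] = now          # fast path: refresh, no re-inspection
                return "established"
        if p.proto == "tcp" and not p.syn:
            return "drop"                    # out-of-state: no entry, not a new flow
        if (p.dst, p.dport) not in self.allowed:
            return "drop"                    # slow path: rule set rejects new flow
        if len(self.table) >= self.max_entries:
            return "drop"                    # table full: even a permitted flow fails
        self.table[self._key(p)] = now
        return "new"


def run_trace():
    """Constructed packet trace showing the normal and expiry behaviour."""
    fw = StatefulFilter(allowed={("10.0.0.5", 80)})
    trace = [
        (Packet("192.0.2.1", 40000, "10.0.0.5", 80, syn=True), 0),   # new flow
        (Packet("192.0.2.1", 40000, "10.0.0.5", 80), 1),             # same flow
        (Packet("10.0.0.5", 80, "192.0.2.1", 40000), 1),             # reply direction
        (Packet("192.0.2.9", 5000, "10.0.0.5", 80), 2),              # no SYN, no state
        (Packet("192.0.2.1", 40001, "10.0.0.5", 22, syn=True), 2),   # port not allowed
        (Packet("192.0.2.1", 40000, "10.0.0.5", 80), 40),            # idle entry expired
    ]
    return [fw.handle(p, t) for p, t in trace]


def exhaustion_trace():
    """Five permitted new flows against a four-entry table: the fifth is refused."""
    fw = StatefulFilter(allowed={("10.0.0.5", 80)}, max_entries=4)
    return [fw.handle(Packet(f"198.51.100.{i}", 50000, "10.0.0.5", 80, syn=True), i)
            for i in range(1, 6)]


if __name__ == "__main__":
    print(run_trace())
    print(exhaustion_trace())
```

The point of the capped table is the one the post raises about ipf-style state tracking: correctness of the fast path depends entirely on the table's contents, so table sizing, idle timeouts and monitoring of table occupancy are part of the firewall's security configuration, not just performance tuning.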