RE: Cisco PIX feedback request

From: Andrew Alston (andrew@security.za.net)
Date: Fri Jan 05 2001 - 03:17:08 EST


Hi Karyn,

The Cisco PIX is a nice piece of equipment; however, in my time using it I
must admit to having had both good and bad times with it.

My major complaint with the Cisco PIX was that last time I used it, it only
supported a single PAT address; while you could have multiple NAT pools, all
NAT pools overflowed into the same PAT, and you could not define a single PAT
per NAT pool. This I found to be a major problem in certain advanced
configurations.

Also, when buying a Cisco PIX make sure you get an IOS version that is updated
and patched against the state table reset bug (cisco_reset.c), which I
released an advisory for a couple of months ago when I wrote the code.

Other than that it's a good product.

To the list, any feedback on the IDS blade for the 6500 would also be
appreciated on my side.

Thanks

Andrew Alston

-----Original Message-----
From: owner-list@inet-access.net [mailto:owner-list@inet-access.net]On
Behalf Of Karyn Ulriksen
Sent: Friday, January 05, 2001 1:57 AM
To: cisco-nsp@puck.nether.net; list@inet-access.net
Subject: Cisco PIX feedback request

Hey all...

  I'm looking at Cisco PIX 535/525 as a firewall solution and was looking
for some feedback on things to look for in evaluating the system and any
experience with the product. Please feel free to contact me offline at
kulriksen@publichost.com.

  Also, feedback regarding Cisco's IDS solution (blade in a 6500).

Thanx in advance,

K



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:24 EDT