You no longer have to upgrade via floppy... As of the 5.1(1) code,
you can do a 'copy tftp flash' much like on a standard ios router. However,
the only way to upgrade the activation key is to load with the floppy image.
Also, the 5.2(3) code supports ssh server support, so you can 3des into your
pix adding another layer of security.
- Jason
> Regarding upgrading the PIX OS via floppy: This is a VERY secure way of
> upgrading software for the PIX. Having to physically touch the PIX as
> opposed to just doing an FTP or TFTP load is better IMHO (where a secure
> firewall is concerned.)
>
> My $.02
>
> At 10:31 PM 1/4/01 -0500, Christopher Neill wrote:
> >On Thu, Jan 04, 2001 at 03:57:11PM -0800, Karyn Ulriksen wrote:
> > > Hey all...
> > >
> > > I'm looking at Cisco Pix 535/525 as a firewall solution and was looking
> > > for some feedback on things to look for in evaluating the system and any
> > > experience with the product. Please feel free to contact me offline at
> > > kulriksen@publichost.com.
> >
> >Here's my opinion.. Cisco PIX is a piece of garbage. It's slow and unweildy,
> >the way it's put together leaves alot to be desired. I'll get into more
> >specifics when TAC can tell me why i get stalled transfers from interface to
> >interface. I've had problems with failover in some cases as well. The defaults
> >are, of course, idiotic. The "fixups" immediately broke my SMTP AUTH on
> >sendmail. One code revision of the OS -- 5.1(1) -- broke every 48-72 hours
> >until I updated it. With a floppy, for chrissake!..
> >
> >I'm told the Nokia Checkpoint system is the top of the line but I haven't had
> >a chance to check it out. I am very dissapointed with the quality of PIX. I
> >could put together a FreeBSD with some quad cards and end up with the same
> >thing but easier to manage.
> >
> >--
> >$Id: .sig,v 1.39 2000/11/21 06:58:32 noise Exp $
> >otopico: fuq 'puree' and 'chop'
> >und1sk0: puree and chop is for pussies without knive skills
>
>
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:24 EDT