[c-nsp] 6500 with IOS Firewall - Any experiences?
Brian Stiff (bstiff)
bstiff at cisco.com
Wed Jun 6 10:36:22 EDT 2007
Hi Gustavo-
As you've seen, there's no SDM support, and I'm not aware of a similar
element-based tool for that platform. Cisco Security Manager might
offer an option for dealing with the Firewall config if your customer
has enough boxes to make the investment worthwhile. Sorry I missed
responding to the management questions on the first go-round.
I can't help you much answering questions comparing the Sup32 and
Sup720, I spend most of my time dealing with access routers where most
IOS Firewall discussion happens.
I'll second Roland's comments on the PISA acceleration of FPM, and I'll
point out that the PISA doesn't add anything for stateful inspection.
Regards,
Brian
> -----Original Message-----
> From: Gustavo Novais [mailto:gustavo.novais at novabase.pt]
> Sent: Tuesday, June 05, 2007 3:33 PM
> To: Brian Stiff (bstiff)
> Cc: cisco-nsp at puck.nether.net
> Subject: RE: [c-nsp] 6500 with IOS Firewall - Any experiences?
>
> Thanks Brian,
>
> By any chance do you know if in case he'd choose the IOS
> firewall, there would be anything like SDM to manage it? I
> didn't find anything like it.
>
> Anyway, you've convinced me. I'll suggest him to continue
> using its current pix525 cluster, although I still think he'd
> be better suited with a sup32 than with a sup720.
>
> Do you know if the sup32-PISA brings any improvement on the
> IOS firewall area?
>
> Thank you very much.
>
> Gustavo Novais
>
BS> Trimmed all following....
More information about the cisco-nsp
mailing list