Page 2 of 2 FirstFirst 12
Results 11 to 15 of 15

Thread: Router ACL vs PIX Firewall

  1. #11
    Junior Member
    Join Date
    Feb 2006
    Posts
    8
    Originally posted here by Nokia

    So you now have one port secure!
    Only another 65535 acl's to write and you can have all your ports filtered!
    Not really. You can go the opposite direction and create access-lists to opening up the type of traffic you want and allow the implicit deny all to block everything else you don't want. This is much more secure than writing access-lists to block everything you don't want.

  2. #12
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    I was making a comparison to using ACL's vs Firewall. Not telling him how to secure a network with ACL's.

  3. #13
    Junior Member
    Join Date
    Feb 2005
    Posts
    26
    As a matter of interest Zillah you can also get the IOS version for routers that has a security feature set and turns your Cisco router into a stateful firewall with limited IDS functionality, IPSEC VPN and some other security features.

  4. #14
    Senior Member
    Join Date
    Dec 2004
    Posts
    140
    As a matter of interest Zillah you can also get the IOS version for routers that has a security
    Is it new version of IOS ?

    into a stateful firewall
    "Reflexive access-lists and content based access-control (CBAC) can be used to turn the router into a stateful firewall. A stateful firewall means that when traffic leaves the network it is noted in a state table. When traffic tries to come in back into the network it is only allowed in if there is a previously created entry the state table. A reflexive access-list uses the same principle".

  5. #15
    Senior Member
    Join Date
    Dec 2004
    Posts
    140
    FYI , I found this :

    IOS FW vs. PIX

    Code:
    http://www.fredshack.com/docs/cisco_ios_firewall.html

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •