-
March 12th, 2006, 09:35 PM
#11
Junior Member
Originally posted here by Nokia
So you now have one port secure!
Only another 65535 acl's to write and you can have all your ports filtered!
Not really. You can go the opposite direction and create access-lists to opening up the type of traffic you want and allow the implicit deny all to block everything else you don't want. This is much more secure than writing access-lists to block everything you don't want.
-
March 12th, 2006, 11:00 PM
#12
I was making a comparison to using ACL's vs Firewall. Not telling him how to secure a network with ACL's.
-
March 17th, 2006, 07:20 PM
#13
Junior Member
As a matter of interest Zillah you can also get the IOS version for routers that has a security feature set and turns your Cisco router into a stateful firewall with limited IDS functionality, IPSEC VPN and some other security features.
-
March 17th, 2006, 08:33 PM
#14
Senior Member
As a matter of interest Zillah you can also get the IOS version for routers that has a security
Is it new version of IOS ?
"Reflexive access-lists and content based access-control (CBAC) can be used to turn the router into a stateful firewall. A stateful firewall means that when traffic leaves the network it is noted in a state table. When traffic tries to come in back into the network it is only allowed in if there is a previously created entry the state table. A reflexive access-list uses the same principle".
-
May 16th, 2006, 09:30 PM
#15
Senior Member
FYI , I found this :
IOS FW vs. PIX
Code:
http://www.fredshack.com/docs/cisco_ios_firewall.html
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|