I was tasked with writing a firewall hardening procedure without access to any hardware for testing/development. So I went googling and found AO.
Unfortunately the firewall document is no longer accessible.. sooo... I ended up writing a configuration procedure while documenting the security features of the PIX/ASA and made some recommendations instead.
It's kinda funny now that I think about it. I've never considered configuring a firewall as "hardening" it. :D but I suppose you could look at it that way.
I've been in the security field for about 3 years - working mainly in hosting - I did do some corporate IDS for a while (with an outsourcing giant) and got tired of IT being a cost center. With hosting, it's a little different :) Hosting industry workers get spoiled.
Anywho, I've still got to look around this site and see what wonderful tidbits of info there is. Where I can I'll add my own experiences and information for you to glean what you will from as well.
