RE: [fw-wiz] pix vs. ios firewall feature set

From: avraham shir-el (arthur sherman) (avraham_at_jct.ac.il)
Date: 06/03/03

  • Next message: Bill Royds: "Re: [fw-wiz] Where do firewall Admins Sit in An Company" 
    To: "Noonan, Wesley" <Wesley_Noonan@bmc.com>
Date: Wed, 4 Jun 2003 00:03:34 +0300

    the reason i'm not looking at the entry level pix is that even
    on our small net, there's a handful of subnet which don't trust each
    other, but need limited access to each other. it's hard 4 me
    to justify a 515, so the existing 2600 with fw feature set added on
    looks like the way to go. i've been getting positive feedback
    on this if u've been following this thread. if i've missed any
    assumptions that the list is assuming, please fill me in.
    tnx
    ams
    avraham shir-el
    director of computing center
    jerusalem college of technology - machon lev
    p. 972-2-675-1163

    > FROM - Noonan, Wesley <Wesley_Noonan@bmc.com>
    > WHEN - 2 June 2003, 13:45
    > SUBJ - RE: [fw-wiz] pix vs. ios firewall feature set
    > TO - pauls@nexicom.net, avraham@jct.ac.il, firewall-wizards@icsalabs.com
    >
    > Just curious, but why not throw a PIX 501 or 506 in the small offices?
    > Obviously, needing something other than an Ethernet interface requires a
    > router, but in my experience a lot of small offices are hanging off of DSL,
    > Cable Modem or Ethernet wired BANs (building area networks) so a PIX (or any
    > of the other SOHO firewalls) works really good.
    >
    > Wes Noonan, MCSE/CCNA/CCDA/NNCSS/Security+
    > Senior QA Rep.
    > BMC Software, Inc.
    > (713) 918-2412
    > wnoonan@bmc.com
    > http://www.bmc.com
    >
    >
    > > -----Original Message-----
    > > From: Paul Stewart [mailto:pauls@nexicom.net]
    > > Sent: Monday, June 02, 2003 07:21
    > > To: avraham@jct.ac.il; firewall-wizards@icsalabs.com
    > > Subject: RE: [fw-wiz] pix vs. ios firewall feature set
    > >
    > > I posed this question previously and was told that almost all features at
    > > incorporated into the IOS. The features I use most are in both but I'm
    > > sure
    > > there's features that are not in the IOS FW Feature Set.. Kinda wish
    > > someone
    > > had a list of what's *not* in the IOS... Anyone? :)
    > >
    > > My adoption of using IOS for firewalling has been that of for small
    > > clients
    > > (under 100 workstations).... Anything over 100 or so users I use a PIX box
    > > specifically....
    > >
    > > Take care,
    > >
    > > Paul
    > >
    > >
    > > -----Original Message-----
    > > From: firewall-wizards-admin@honor.icsalabs.com
    > > [mailto:firewall-wizards-admin@honor.icsalabs.com] On Behalf Of avraham
    > > shir-el (arthur sherman)
    > > Sent: Saturday, May 31, 2003 5:33 PM
    > > To: firewall-wizards@icsalabs.com
    > > Subject: [fw-wiz] pix vs. ios firewall feature set
    > >
    > >
    > >
    > > gentlemen:
    > > a cisco engineer recently told me that the plan for the above 2 products
    > > is
    > > %100 feature convergence and that currently, there's about %80 of the
    > > features of pix present in the ios firewall feature set. any comments as
    > > to
    > > the reality of the above?
    > >
    > > tnx
    > > ams
    > > avraham shir-el
    > > director of computing center
    > > jerusalem college of technology - machon lev
    > > p. 972-2-675-1163 _______________________________________________
    > > firewall-wizards mailing list firewall-wizards@honor.icsalabs.com
    > > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    > >
    > > _______________________________________________
    > > firewall-wizards mailing list
    > > firewall-wizards@honor.icsalabs.com
    > > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    > _______________________________________________
    > firewall-wizards mailing list
    > firewall-wizards@honor.icsalabs.com
    > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: Bill Royds: "Re: [fw-wiz] Where do firewall Admins Sit in An Company"

    Relevant Pages

    • Re: Trust Requirements -- PDC to PDC Only?
      ... machines into the new subnet a few at a time by shifting the patch cables at ... Then setup the Trust ... As a substitute for Zone Transfers you might be able to use Conditional ...
      (microsoft.public.windows.server.active_directory)
    • Re: connecting 2 windows 2000 domains
      ... > One domain is located in CA, called abc.local and subnet is 10.10.1.0 ... > How can I make both domains see each other and give trust permision. ... Microsoft Windows MVP - Active Directory ...
      (microsoft.public.win2000.active_directory)
    • Re: Trust Relationship between two Windows domain
      ... Add forwarder to DNS Domain on both sides Name and IP ... Add each side two way in trust Applet ... Each site is going to be a different Subnet. ...
      (microsoft.public.windows.server.networking)
    • Re: Windows 2000/Windows 2003 Trust relations
      ... there is only one subnet. ... Any troubleshooting steps where i can not create a trust. ... > that forest require NetBIOS resolution. ... > be WINS clients if you use WINS server. ...
      (microsoft.public.windows.server.migration)
    • Re: BillB anticipating FTP scandal in 2001
      ... me) insisted that player funds needed to be held in a TRUST ACCOUNT... ... In fact, there are only a handful of people on RGP who really understand what that even means, and all the legal ramifications that go along with it. ...
      (rec.gambling.poker)