FIREWALL Cisco PIX525

5 pts.
Tags:
Cisco Firewall
Cisco PIX 525
Firewall security
Firewalls
I'm thinking about using a CISCO PIX525(replacing the present PIX515) as a device for my firewall protection. What is the best common practice in the industry for setting up this device and publishing my VPN IP range?
ASKED: May 12, 2009  1:59 PM
UPDATED: May 13, 2009  3:18 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

I don’t know that there’s best common practice for this device…It really just depends on your business needs. I wrote some <a href=”www.principlelogic.com/docs/Firewall_Best_Practices.pdf”>general firewall best practices</a> that may help. Let us know if you have any specific questions.

====================
For some general best practice documents always consider <a href=”http://csrc.nist.gov/publications/PubsSPs.html”>NIST publications</a>. Check out the Special Publication 800-41 Guidelines on Firewalls and Firewall Policy and it’s proposed revision.

In the IT trenches? So am I – read my <a href=”http://itknowledgeexchange.techtarget.com/it-trenches”>IT-Trenches blog</a>
====================

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • BlankReg
    First I would ask why are you wanting to do this. The PIX515 you have is a good device for almost all sites up to a big medium sized business. The 525 is really for large corporate business. It is considerably noisier as well. The only advantage is that it is faster and allows Gigabit Ethernet interfaces (although they can not pass traffic at this rate due to hardware limitations in the PIX itself). Both run exactly the same operating system, so anything you can do on the 525 you can already do on the 515. If you want to change the config, to make it more robust, or to add new features, you can already do this with the PIX515, no need to change. If you are looking to replace it anyway, then you should really look at the Cisco ASA5500 series, as these do everything that the PIX will do, but are MUCH faster, and have more interfaces and features as standard. Plus thay have additional modules available for virus filtering, IPS function etc.
    12,325 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following