|
Thread Index Re: Cisco Firewall
Bryan, the IP/FW feature pack is basically a version of IOS that includes Content Based Access Control (Dynamic Access Lists), DoS filtering tools, and Intrusion Detection Capabilities. You can apply the DoS tools globally, so the router will monitor all traffic passing through against these rulesets. The IDS signatures can be applied globally or against certain interfaces. The access-lists are a standard feature of IOS and you can apply them to any interface. The Dynamic filtering capabilities are triggered by making some entries in the specific access-list itself which is then applied to the appropriate interface. I can forward you offline some standard setups to use for the access-lists and DoS filters. Of course, every network has different requirements for access, so you'll have to modify as necessary for your situation. Does Cisco state any limits on the operation on a 1700 with this software? i.e. Is there enough CPU to support the level of traffic you are pushing? --Scott Clay Bryan <CBryan@WERCS.COM> on 05/31/2001 12:40:36 PM Please respond to isp-security@isp-security.com To: isp-security@isp-security.com cc: Subject: Cisco Firewall Hi, We recently purchased Cisco 1700 IP/FW Feature Pack for our Cisco 1750. We haven't put it on yet . My Goals are to protect the Corporate Network as well as the ISP Network. What should I block on the isp side or should I leave it open ? Or will I even be able to seperate the 2 networks (Meaning does this firewall only work on the one interface) . Thanks for anyhelp in advance. Clay Bryan Cbryan@Wercs.Com ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Today on ISP-Planet Hot business, marketing & tech tips for the ISP community http://www.isp-planet.com/ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Today on ISP-Planet Hot business, marketing & tech tips for the ISP community http://www.isp-planet.com/
Thread Index |
|
