Again, Pix 506 5.2(6):
To this point I will need to manually enter my DENY access-list statements on my 506 as we do not currently utilize any type of IDS.
In my initial config, I had 1 DENY rule, followed by 5 PERMIT rules and then of course bound to the access-group.
If I need to add a new IP to block, do I really need to completely blow away my pix config and reconfig to add a new DENY rule?
Or since I have a deny rule (first on the list, of course)already in place, will the PIX automatically add it to the beginning of the rules with my other DENY rule(s).