09-19-2007 07:14 AM - edited 03-11-2019 04:13 AM
Installed a new PIX and want to secure both outside and inside using ACL's, etc.
Anyone know of a good doc, perhaps on the Safe site?
09-19-2007 07:27 AM
I am unaware of a document like that I cna however give you some pointers from my experience.
1. Remember the implicit deny all
2. Be as granular in permitting traffic as you can be
3. Sometimes the best engineered solution has to bend to business needs
4. Use object groups to group subnets / hosts
5. Use the remark feature so 2 months from now you can recall why something is there
Thats my .05 hope it helps.
09-19-2007 07:31 AM
thanks, yes, I'll add those to my list of to-do's.
09-19-2007 11:29 AM
SANS offers a course called "Working with Firewall Rule Bases". If you've been working with firewalls a long time, you may or may not find it useful, but it deals with just this sort of thing, and I think it would be very good for someone relatively inexperienced with working with firewalls. Here's a url:
http://www.sans.org/training/description.php?mid=130&portal=6239c11a87ccaa2cc1cc4e1010fe7065
Larry Owen
09-19-2007 11:33 AM
read rfc 2827.
and block everything from china, unless that's where you live.
google 'bogon filtering'
09-20-2007 06:10 AM
thanks, srue. I need to go there to read up on my BGP rfc's anyway, I'll check this one as well. I'm new to mid to PIX so if I have questions, I'll post em here.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide