Cisco Security appliance

Unanswered Question
Mar 3rd, 2008

I get a good laugh from reading this article regarding Cisco Pix/ASA devices and Cisco Securirty Manager.

"With its heritage as a NAT device, the ASA carries a fair amount of configuration baggage.

Cisco has not done a good job of bringing the NAT policy and firewall policy together.

Indeed, the complexity of this issue is such that the Cisco engineers who helped install our

system didn't get the NAT policy right the first time around. "

"In some cases, that's good; in others, it's not as good, because

some of the ugliness of the structure of the old PIX code is being carried forward. Take NAT

management, for example. It is disconnected from firewall policy and is so confusing that

even the gurus from Cisco who helped us with our installation got it wrong."

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion