Ivan Martinon Mon, 03/02/2009 - 15:13
User Badges:
  • Cisco Employee,

Transparent Firewall is a feature that was introduced on 7.X, so if you need to have this feature you might want to get your firewall to 7.X version, be sure to read all the 7.X release notes prior to making the decision to upgrade it. As for DDOS the PIX within it's 6.X 7.X and 8.X has some built in features like tcp intercept syn flood protection and so on, you might want to be more specific as to what exactly you need.

denaumcisco Mon, 03/02/2009 - 15:15
User Badges:

imartino,


I need to block DDOS on my servers, and how do I do the IOS upgrade?

Ivan Martinon Mon, 03/02/2009 - 15:19
User Badges:
  • Cisco Employee,

with 6.X you have the feature to limit the embryonic connections and the max connections your server will receive at a given time, check the command reference for the static translation:


http://www.cisco.com/en/US/docs/security/pix/pix61/command/reference/s.html#wp1026694


This for example will help you block syn floods and some other attacks. As far as the upgrade goes please check the release notes of version 7.X to review what you need.

denaumcisco Mon, 03/02/2009 - 15:23
User Badges:

thanks abou the DDOS,

but how can I upgrade a IOS? I never did that

Ivan Martinon Mon, 03/02/2009 - 15:28
User Badges:
  • Cisco Employee,

First you need to check on the release notes if you have the needed RAM to upgrade, then you need to be aware that changing from 6.X to 7.X is a major change commands are used differently, after you have decided whether you will upgrade or not, you need to set a tftp server with the image of the 7.X and perform the command "copy tftp flash" following the lead of the command. I strongly advise you to read the release notes prior to doing this.

Actions

This Discussion