Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

How secure is a PIX?

Unanswered Question
Apr 13th, 2002
User Badges:
  • Cisco Employee,

This might seems a dumb question but I'm wondering about the followings :

- Given a out-of -the-box configuration of a PIX which has been upgraded to 6.11 and that is configured to allow only outgoing traffic , with no statics or access lists allowing incoming traffic, how is secure ? Are there any settings that MUST be done to ensure a proper security ? What are then the "best practice " to have a secure environment?

- Where can I find the list , if any , of security problems regarding PIX ( and their countermeasure )

- Is any IDS functionality included , and if yes how do I enable it


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
s.vidanovic Sun, 04/14/2002 - 23:42
User Badges:

Security of your firewall configuration depends on your security policy. Generally, setup with all outgoing traffic allowed is considered not to be secure. You need to restrict traffic according to your security policy in order to make your setup more secure.

Speaking of PIX itself, PIX software is considered to be secure. This is a software that is written with security in mind. According to Common criteria, PIX software received EAL4 level of certification (only two more firewalls have this level of certification), see www.commoncriteria.org

PIX has limited IDS capability, it is able to recognize 59 common signatures. See more info on http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_61/cmd_ref/gl.htm#36470



This Discussion