
same-security-traffic Command

Hi all,

I'm going to configure a new ASA 5525-X from scratch.

Several clients will be connected and will be NAT'd on the ASA.

My question is: is it a 'best' practice to have different security levels for my clients, or do I set the same security level (i.e. 100) and configure (or not?) the same-security-traffic permit inter-interface command?

 

1 ACCEPTED SOLUTION


Hi John,

 

I am gonna give you a mixed response... If you have the required ACLs in place, then the security level you define on the interface will not have major value...

But it is good to define different security levels for different interfaces in order to define the more secured and the less secured networks of yours...

But anything you do will not make a major difference...

 

Regards

Karthik

2 REPLIES


Hi Karthik,

Thanks for your response!

I realized that the ACL matters as compared to the default security provided by the 'security-level' of each interface.
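The two options from the question, side by side, as an added ASA configuration sketch (not posted by anyone in the thread). Interface names, addresses and ACL names are constructed placeholders.

```cisco
! Constructed example: two client segments on one ASA.
!
! Option A: both client interfaces at the same security level.
interface GigabitEthernet0/1
 nameif clientA
 security-level 100
 ip address 10.1.1.1 255.255.255.0
interface GigabitEthernet0/2
 nameif clientB
 security-level 100
 ip address 10.2.2.1 255.255.255.0
!
! Without this global command the ASA drops traffic between interfaces
! that share a security level, even if an ACL would permit it.
same-security-traffic permit inter-interface
!
! With the command enabled and no interface ACL, clientA and clientB can
! reach each other freely, so state the intended policy explicitly.
access-list CLIENTA_IN extended permit tcp 10.1.1.0 255.255.255.0 host 10.2.2.10 eq 443
access-list CLIENTA_IN extended deny ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0
access-list CLIENTA_IN extended permit ip 10.1.1.0 255.255.255.0 any
access-group CLIENTA_IN in interface clientA
!
! Option B (alternative to A): different levels, no same-security-traffic.
interface GigabitEthernet0/2
 security-level 90
no same-security-traffic permit inter-interface
!
! Implicit behaviour with no ACLs applied:
!   clientA (100) -> clientB (90): permitted
!   clientB (90)  -> clientA (100): denied
! An inbound ACL replaces the implicit rule for traffic entering that
! interface and ends in an implicit deny, so list everything clientB needs.
access-list CLIENTB_IN extended permit tcp 10.2.2.0 255.255.255.0 host 10.1.1.20 eq 22
access-list CLIENTB_IN extended deny ip 10.2.2.0 255.255.255.0 10.1.1.0 255.255.255.0
access-list CLIENTB_IN extended permit ip 10.2.2.0 255.255.255.0 any
access-group CLIENTB_IN in interface clientB
```

Either way, `packet-tracer input clientA tcp 10.1.1.50 12345 10.2.2.10 443` shows which rule (security level, same-security check or ACL) decides a given flow.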
