I'm using CSPM 3.1 to manage a PIX 525.
I've built a fairly complex policy using CSPM and at the end I've got a rule that will block access from the inside to the internet on port 80. The next rule allows access from the inside to the internet on all ports.
I was expecting this to simply block port 80 as the block rule is first, but this doesn't happen. The hosts have full access on port 80 to the internet.
I need to disallow port 80 and allow all other ports.
CSPM doesn't build the ACL's as I would expect, any suggestions for getting around this problem?
Thanks