Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

default security of pix ?

Hi

I have installed 515 pix firewall.

I just configure it. but my question is

by defult which of attack are protect by pix ?.we found many network attack.

so how pix protect this attack.

Thanks

Biplob

3 REPLIES

Re: default security of pix ?

Hi

AFAIK Security Applicance such PIX and ASA doesnt allow any outbound connections on any port by default, if you need to open up any port related to any application then you need to manually open it up.

Second thing is the access to the inside network from the outside world which is also blocked by default which u need to open it up using Access control lists.

Again in routers all the ports are opened up and you need to manuall block the unwanted ports and access to the router or the internal networks using ACLs.

regds

New Member

Re: default security of pix ?

Hi

Thanks for your information.

Biplob

Gold

Re: default security of pix ?

assuming nat/pat/static, as well as the security level on each interface are configured properly, pix will permit any traffic from higher security level to lower security.

for instance, the outside interface is the one connected to the internet, which has security level as 0; whereas the inside interface has security level as 100.

in other words, without any acl, pix inside host should be able to initiate outbound connection such as internet broswing. but no host from the outside (i.e. the internet) is able to initiate inbound connection to the inside host.

just wondering what exactly you are referring to as network attack. and whether these attacks are captured on the pix log or another device behind the pix.

95
Views
0
Helpful
3
Replies
CreatePlease to create content