
group policies with pix 515e

cmiller
Level 1

How are group policies usually put in place with PIX? For example, let's say I'm a software company. I've got 14 developers who need access to things in the DMZ that no one else would (such as SQL, and who knows what else). Also, Finance uses a special program which runs on port 5325 (totally random). How do I give them access to it but no one else? Admins should also be in a special group that has access to services such as SSH.

My question is how do I define members? Do I have to give everyone a static IP address and do it based on IP? What happens when a developer logs onto a box of someone in finance? He/she should have developer access then, not finance access. How do I control that?

1 Reply

mostiguy
Level 6

Read up on the AAA features of the PIX. You can force users to need to log in to be able to make outbound connections. You probably also want to read up on Cisco Secure Access Control Server, a software product that works with Cisco hardware to provide grouping, dynamic access lists, authentication, authorization and accounting (AAA), etc.
