This might seem a dumb question, but I'm wondering about the following:
- Given an out-of-the-box configuration of a PIX which has been upgraded to 6.11 and that is configured to allow only outgoing traffic, with no statics or access lists allowing incoming traffic, how secure is it? Are there any settings that MUST be done to ensure proper security? What are then the "best practices" to have a secure environment?
- Where can I find the list, if any, of security problems regarding PIX (and their countermeasures)?
- Is any IDS functionality included, and if yes, how do I enable it?
Security of your firewall configuration depends on your security policy. Generally, a setup with all outgoing traffic allowed is considered not to be secure. You need to restrict traffic according to your security policy in order to make your setup more secure.
Speaking of PIX itself, PIX software is considered to be secure. This is software that is written with security in mind. According to Common Criteria, PIX software received EAL4 level of certification (only two more firewalls have this level of certification), see www.commoncriteria.org
We have configured the outside and inside interfaces with official IPv6 addresses, set a default route on the outside interface to our router, and we have also defined a rule, which also gets hits, to permit tcp from the inside interface to any6.
In Syslog I also se...