Hello Mike,
The PIX currently performs network layer protection and RFC-1631 Network
Address Translation. As someone mentioned in a later post, there will be
many new features in the upcoming release and many more in the future.
Without knowing the specifics of your case, I can only give you some very
general rules about how it can be used. The PIX has been implemented as a
stand alone security device between a sensitive area of a network (i.e. -
financial dept.) and the rest of a network. It's also been implemented as
part of a firewall system, between the Internet and a private network.
Rather than go into a lot of detail here, please look at
http://www.cisco.com/univ-src/3.9/data/doc/cintrnet/ics/icssecur.htm#HDR10
- a Security white paper (see Fig. 3.1) and
http://www.cisco.com/warp/public/751/pix/pie_ds.htm
- a PIX spec sheet (see Fig. 2).
As with anything, I urge you to fully define your expectations and then find
a security device which can meet them.
Thanks,
Chris Lonvick
Cisco Systems
Consulting Engineering
+1-713-778-5663
>I'm looking for information on why (or why not) a Cisco PIX box is
>adequate as a firewall. My gut feeling is that it does part of the job,
>but that it's not something you should rely on as a complete solution.
>
> Mike Jones
> Unified Technologies
>
>
|
|
