I have a PIX firewall sitting between market data segment and my LAN. The PIX outside interface is facing to market data segment and inside interface facing LAN.
By default, the outgoing traffic from LAN to the market data segment are permitted. And incoming traffic from market data segment to LAN is blocked. I have some market data application for eg open Bloomberg and Reuters and need to access market data segment. You are informed that only connection need to initiated from inside LAN to market data segment. So, my PIX firewall admin had decide to leave to the configuration as default--> permit outgoing and block incoming. But I doubted that whether this is the way it supposed to be? Shouldn!&t we just open the ports to let the necessary traffic to go out and blocked other ports? Will it creates security holes if we don't control the outgoing traffic? What is the possible attack? _________________________________________________________________ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46432&t=46432 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
