----- Original Message ----- From: "Richard Tufaro" To: Sent: 21 June 2002 3:08 pm Subject: Access-list or Conduit [7:47146]
> Hey all, I was wondering when configuring rules in a Cisco PIX running > (6.2), when making your rules, is it better to do access-lists or conduits? > Which way is Cisco going on those? In general, at least for enterprise-class products, anytime cisco borgs a product line such as catalyst or pix, they expend a great deal of time, resources & computer programming firepower on rendering the process of interacting with the underlying operating system as close as possible to the analogous process involving IOS, for all of the traditional mba-type reasons. Apparently, this is not well-known, based upon some extremely contemptuous looks I received during a not-so-long ago set of interviews. Are people not aware of the driving forces behind cisco's behavior? Anyway, it seems like conduits have slightly more advanced functionality than access-lists, possibly closer to the route-map & prefix-list mechanisms, presumably to compete with functionality by vendors who boast of stateful inspection mechanisms (disclosure: my ability to meet financial obligations depends partially on the success of a competitor of those who most blatantly leverage that phrase). Does anyone have some real-world experience that they might use to clarify this issue? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=47198&t=47146 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
