In article <[EMAIL PROTECTED]>,
David B McGlumphy <[EMAIL PROTECTED]> wrote:
>I like the flexibility of the IBM
>firewall, but I know PIX's have a reputation for being (almost)
>Impenetrable. Any suggestions?
Impenetrable? As in, "PIXes have a really weird coonfiguration syntax and
it's almost impossible to get them properly configured to allow protocols
through, especially if you go to a dual-redundant system with failover"?
Well, yeh.
Plus, it's like a dumb "port proxy". There's no application level smarts
involved... you will still have to have a bastion host for things like mail.
--
In hoc signo hack, Peter da Silva <[EMAIL PROTECTED]>
`-_-' Ar rug t� barr�g ar do mhact�re inniu?
'U` << <KH> you did technical support for Hell ?
<susan> Didn't we all, in our youth? >:) >>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
