Considering upgrading the cisco routers outside our firewalls to IOS firewall to provide an extra layer of security. Existing firewalls - Gauntlet 4.2 BSD fully patched, Gauntlet 5.5 Solaris patched, Sun EFS 3.1 Existing outside routers - 2 x Cisco 7206 (NPE200) IOS version 11.1(36)CC1, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1) FE inside, ATM outside Pros and cons of upgrade: Pro Enhanced security ??? - exactly what do I gain? Con Decreased performance ??? - how much? It depends on the configuration. The only inbound services are SMTP, NNTP, HTTP, SSL, DNS?, The outbound services are varied, I guess we could allow everything out from the firewalls through the outside IOS firewalls, to reduce the performance hit from lots of filter rules. Comments? Is this worth doing? What do we gaing? What do we lose? Find the best deals on the web at AltaVista Shopping! http://www.shopping.altavista.com _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
