See notes below. -----Original Message----- From: Bruno Fernandes [mailto:[EMAIL PROTECTED]] Sent: Friday, October 12, 2001 6:25 AM To: [EMAIL PROTECTED] Subject: FW: PIX features
-----Original Message----- From: Bruno Fernandes Sent: sexta-feira, 12 de Outubro de 2001 12:25 To: '[EMAIL PROTECTED]' Subject: RE: PIX features -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: sexta-feira, 12 de Outubro de 2001 9:54 To: [EMAIL PROTECTED] Subject: PIX features Hi Cisco "CCXX"-Whizbangs! I need to get some distinct info on the CISCO PIX, and my colleague who had just finished the advanced PIX training wasnt�t able to answer them: (problem is, CP FW-1 should be, but we try to get PIX doing it ;-) ) -is Pix able to identify/block IP-spoofing? Yes -IP-fragmentation attacks Yes -monitor dynamic sessions with (changing ports,, FTP, RPC, portmapper) -identify different ICMP (block "echo request", pass on "host unreachable") Yes -time depending rules, like allow between 8am-5pm, deny all other time Nop -support access to Citrix Metaframe Yes, no problem -is there a third party GUI for management? No but the latest version 6.x.x has pdm which is a applet downloaded from the pix you need ipsec activation key, or you can use cspm (from cisco also) this for config. In matters of logging there are some such as Privateye -managemnet of a single device by multiple management stations? Yes -apply new rule/config to multiple PIXen at once? I think cspm may do this -group different objects independent from different IP-addresses ???? -send logging info to central mgmnt station BUT KEEPING ALSO available on site Yes You will need a third party application to do this, you need an application to work on the logs. -which is teh best tool to analyze the PIX logs? MUST NOT BE FREE!! This is a dificult questions because it depends on you, i like privateI. I also like the good old cut, grep tools from the nixes. Private I -does PIX log changes to config? In its syslog files OK, thats it for now! I REALLY look forward to your answers/further detailed questions! Sebastian -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
