- Original Message -
From: Richard Tufaro
To:
Sent: 21 June 2002 3:08 pm
Subject: Access-list or Conduit [7:47146]
Hey all, I was wondering when configuring rules in a Cisco PIX running
(6.2), when making your rules, is it better to do access-lists or
conduits?
Which way is Cisco going on those?
In general, at least for enterprise-class products, anytime cisco borgs a
product line such as catalyst or pix, they expend a great deal of time,
resources computer programming firepower on rendering the process of
interacting with the underlying operating system as close as possible to the
analogous process involving IOS, for all of the traditional mba-type
reasons.
Apparently, this is not well-known, based upon some extremely contemptuous
looks I received during a not-so-long ago set of interviews. Are people not
aware of the driving forces behind cisco's behavior?
Anyway, it seems like conduits have slightly more advanced functionality
than access-lists, possibly closer to the route-map prefix-list
mechanisms, presumably to compete with functionality by vendors who boast of
stateful inspection mechanisms (disclosure: my ability to meet financial
obligations depends partially on the success of a competitor of those who
most blatantly leverage that phrase). Does anyone have some real-world
experience that they might use to clarify this issue?
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=47198t=47146
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
