The Cisco way to do it would be to run the IOS Firewall Feature Set on the
perimeter router and use CBACS.
Ben.
-Original Message-
From: R P G [mailto:inittab@;jtan.com]
Sent: 07 November 2002 02:05
To: [EMAIL PROTECTED]
Subject: Re: Protecting PIX Firewall at the Perimeter Router
Put a
IDS should be placed in all three + servers/host agents.
In front of firewall to detect external attempts
Behind firewall to detect internal attempts and successful external attacks
(useful to compare info from Ext + int sensors)
In DMZ to monitor activity to mailer/FTP/web whatever.
Hope this h