each company
must build it's own framework (standards, guidelines, SOPs) to address
their specific needs.
Bottom line: There is a one-size-fits-all, yet unless you enjoy wearing
really loose underwear, you probably ought to have your
one-size-fits-all tailored
Tate
--
C. Tate Baumru
Upon labeling the inside and outside interface on a PIX (via setup
routine), rules prohibiting external -> internal traffic are enabled
(due to default security levels).
I believe FW1 also, by default, denies all traffic via default kernel
rules and the implicit drop rule.
-Tate
[EMAIL PROT