RE: Protecting PIX Firewall at the Perimeter Router

["Thomas Novak" <thomas () novak-novak net>]

Naman

Seeing as you already have a Cisco Router you may want to check to see about
implementing ACL's

Take a look at http://www.nsa.gov/snac/index.html for some guidance

Cordially

Thomas

-----Original Message-----
From: R P G [mailto:inittab () jtan com]
Sent: Wednesday, November 06, 2002 9:05 PM
To: security-basics () security-focus com
Subject: Re: Protecting PIX Firewall at the Perimeter Router


Put an OpenBSD firewall in front of the PIX.  That should protect it.


> > Hi All,
> >
> > I wanted some suggestions\practical experiences for protecting a
> > Firewall wall at the Perimeter Router Level.
> >
> > We have a PIX Firewall connected to our Cisco Router, which is connected
> > to the Internet. Should there be any IOS Firewall Rules in the Router,
> > other than blocking Telnet,FTP etc to the Firewall itself ?
> >
> > PIX will be doing NAT, protecting DMZ machines, and IPSec connections.
> >
> > Regards \\ Naman