RE: Protecting PIX Firewall at the Perimeter Router

["Ben Duncan" <ben () cpp co uk>]

The Cisco way to do it would be to run the IOS Firewall Feature Set on the
perimeter router and use CBACS.

Ben.

-----Original Message-----
From: R P G [mailto:inittab () jtan com] 
Sent: 07 November 2002 02:05
To: security-basics () security-focus com
Subject: Re: Protecting PIX Firewall at the Perimeter Router

Put an OpenBSD firewall in front of the PIX.  That should protect it.


> > Hi All,
> >
> > I wanted some suggestions\practical experiences for protecting a
> > Firewall wall at the Perimeter Router Level.
> >
> > We have a PIX Firewall connected to our Cisco Router, which is connected
> > to the Internet. Should there be any IOS Firewall Rules in the Router,
> > other than blocking Telnet,FTP etc to the Firewall itself ?
> >
> > PIX will be doing NAT, protecting DMZ machines, and IPSec connections.
> >
> > Regards \\ Naman

This is an email from The CPP Group, Holgate Park, York, YO26 4GA; telephone 01904 544500. This message may contain 
information that is confidential. If you are not the intended recipient, you may not peruse, use, disseminate, 
distribute or copy this message. If you have received this message in error, please notify the sender immediately by 
email, facsimile or telephone and either return or destroy the original message. The CPP Group accept no responsibility 
for any changes made to this message after it has been sent by the original author.