Firewall Wizards mailing list archives

PIX software release 5.2

From: shewitt () cdw com
Date: Mon, 18 Sep 2000 10:54:53 -0500

I'm planning on upgrading to 5.2(1) of the PIX software on my dual 520's.
I'm currently running 5.1.2 with no noticable problems.  I'm specifically
interested in the new functionality in regards to WebSense.

According to the release notes
(http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v52/pixrn521.
htm)
the url-server command now supports protocol version 4, which allows
username lookups and UDP traffic with the WebSense server instead of TCP.  
TCP is a pain, because for every lookup, it uses a unique TCP session.  This
creates tons of overhead because of the extra 7 packets (3 for handshake, 4
for close).  It would be fine if the TCP session stayed open, but it doesn't
seem to be doing that according to my traces.

Anybody have any good / bad experiences with PIX 5.2(1)?


-------------------------------
Scott Hewitt

_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards

Current thread:

PIX software release 5.2 shewitt (Sep 18)
- Re: PIX software release 5.2 Carson Gaspar (Sep 19)
  - Re: PIX software release 5.2 Jian Zhen (Sep 20)
  - OpenSSH question / Re: PIX software release 5.2 John Adams (Sep 20)
- <Possible follow-ups>
- Re: PIX software release 5.2 Daniel Linder (Sep 20)
- PIX software release 5.2 Christopher J. Wargaski (Sep 22)