  1. #1
    Join Date
    May 2006
    Posts
    249

    Regarding CISCO PIX...

    Hello,

    I am kind of confused about CISCO PIX..

    I am trying to purchase

    http://www.newegg.com/Product/Produc...82E16833120315

    What else can it do except open and close ports and VPN? What kind of firewall features does it have? Does it provide any DoS/DDoS protection?

    Also, it said "Intrusion prevention"... so what kind?

    Can anyone help me if you have any idea on this?

    Thanks

  2. #2
    Join Date
    Apr 2004
    Location
    SF Bay Area
    Posts
    877
    Quote Originally Posted by LowAsYou
    What else can it do except open and close ports and VPN? What kind of firewall features does it have? Does it provide any DoS/DDoS protection?

    Also, it said "Intrusion prevention"... so what kind?
    A PIX can do a lot of stuff.

    Why don't you read the PIX spec sheet?

    http://www.cisco.com/en/US/products/...d80225ae1.html

  3. #3
    Join Date
    Nov 2005
    Location
    Minneapolis, MN
    Posts
    1,648
    Quote Originally Posted by LowAsYou
    What else can it do except open and close ports and VPN? What kind of firewall features does it have? Does it provide any DoS/DDoS protection?
    The PIX 506 only has 10/100 ports, so it's really only going to be good for protecting against small DoS attempts that wouldn't overwhelm your server anyway. Generally it should have some type of content-based access controls, so it should be able to dynamically open ports as required for FTP and similar protocols. Otherwise it's just going to do what firewalls do best: block or allow traffic and log the connection in either case.
    Quote Originally Posted by LowAsYou
    Also, it said "Intrusion prevention"... so what kind?
    Generally intrusion prevention just covers basic signatures and blocking IPs that initiate port scans or brute-force port connections. It should pretty much cover the same things BFD would do running on a Linux box.
    Eric Spaeth
    Enterprise Network Engineer :: Hosting Hobbyist :: Master of Procrastination
    "The really cool thing about facts is they remain true regardless of who states them."

  4. #4
    Join Date
    Jul 2006
    Location
    San Diego, CA, USA
    Posts
    690
    Do you recommend the PIX 506 for use with a shared hosting server? Or is there a better one? Any recommended PIX for shared hosting servers?

    Thanks

  5. #5
    Join Date
    Apr 2003
    Location
    NC
    Posts
    3,080
    For most setups it is overkill; however, there is no problem with using one if you would like it. It can help eliminate some of the load on the servers. If you only have a few users with SSH access, you can also place SSH behind the VPN, which will stop all of the brute-force attacks very quickly and will also help reduce the load.

    Note that things like BFD and any other similar script that bans users after guessing a password will not ban them in the PIX firewall, only in a local firewall, which you would still need to be running if you wanted that functionality.

    As others have said, it can help some in a DDoS, but at only 100Mbps many, not all, types of DDoS can be stopped by the server itself. It is not going to be able to mitigate a DDoS as well as some of the systems a large datacenter has, so do not think it is the solution to all DDoS issues.
    John W, CISSP, C|EH
    MS Information Security and Assurance
    ITEagleEye.com - Server Administration and Security
    Yawig.com - Managed VPS and Dedicated Servers with VIP Service
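
An added example, not part of any poster's message and not BFD's actual code: the kind of log-based brute-force detection posts #3 and #5 refer to, run over constructed sshd log lines. The log format, threshold and time window are assumptions; the output is host-level iptables rules, which is why such bans stay on the server and never reach the PIX.

```python
import re
from collections import defaultdict
from datetime import datetime

def _line(t, ip, msg="Failed password for root"):
    # Builds one constructed syslog-style sshd line (assumed format).
    return f"Jul 10 {t} web1 sshd[2101]: {msg} from {ip} port 40112 ssh2"

# Constructed sample input using documentation address ranges.
SAMPLE_LOG = "\n".join(
    # Fast burst: five failures in 19 seconds.
    [_line(t, "203.0.113.7") for t in
     ("03:12:01", "03:12:04", "03:12:09", "03:12:15", "03:12:20")]
    # Slow trickle: five failures spread over 20 minutes.
    + [_line(t, "192.0.2.44", "Failed password for invalid user admin") for t in
       ("03:00:00", "03:05:00", "03:10:00", "03:15:00", "03:20:00")]
    # Successful login: must not count as a failure.
    + [_line("03:30:00", "198.51.100.20", "Accepted password for alice")]
)

FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (\d+\.\d+\.\d+\.\d+) port \d+"
)

def offenders(log_text, threshold=5, window_s=60, year=2006):
    """Return sorted IPs with >= threshold failures inside any window_s span.

    Syslog timestamps carry no year, so one is assumed for parsing.
    """
    times = defaultdict(list)
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            times[m.group(2)].append(ts)
    flagged = []
    for ip, stamps in times.items():
        stamps.sort()
        # Slide over each run of `threshold` consecutive failures.
        for i in range(len(stamps) - threshold + 1):
            if (stamps[i + threshold - 1] - stamps[i]).total_seconds() <= window_s:
                flagged.append(ip)
                break
    return sorted(flagged)

def local_block_rules(ips):
    """Render host-level iptables DROP rules; the upstream PIX is untouched."""
    return [f"iptables -I INPUT -s {ip} -j DROP" for ip in ips]
```

With the default 60-second window only the fast burst is flagged; the slow trickle from the second address passes unnoticed, which is the usual trade-off of threshold-based banning.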

  6. #6
    Join Date
    Mar 2005
    Location
    Sri Lanka\Colombo
    Posts
    357
    If you're going to use a Cisco PIX, go with something like the 515E if you have a 100Mbps port or many servers. Also think about a setup like

    Pix ---> iptables (apt) ---> snort ---> snortsam with pix module
