SECURING A NETWORK WITH ACL or FW

rcasta · Aug 23, 2003

Hello,

My boss asked me if buying a Firewall worth it. After all, our network is currently "protected" by access lists preventing unwanted traffic to cross our network.

Let's forget about how much CPU ACLs use up (a powerful Cisco 7200 is the edge router). What about if the only traffic allowed (since this VPN network has only one exit to the Internet) is voice traffic (H.323, allowing ports 1720 and the like).

Would it be secure?
What would be the caveats?
Would it be worth buying a Firewall box?

best regards,

themut · Aug 26, 2003

Hi,

Read the following link it explains the difference between packet filters (ACLs) proxys and stateful inspection (PIX firewall):

http://www.cisco.com/warp/public/cc/pd/fw/sqfw500/tech/nat_wp.htm

If you do not want to invest in a firewall you may consider upgrading the IOS feature set on your router to IOS firewall (CBAC). Search Cisco's web site for CBAC and you will find plenty of information on this subject. Hope this helps.

rcasta · Aug 26, 2003

Thank you ! I will.

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

SECURING A NETWORK WITH ACL or FW

rcasta

Technical User

themut

Technical User

rcasta

Technical User

Similar threads

Part and Inventory Search

Sponsor