firewall-wizards@listserv.icsalabs.com
To subscribe or unsubscribe via the World Wide Web, visit
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@listserv.icsalabs.com
You can reach the person managing the list at
firewall-wizards-owner@listserv.icsalabs.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."
Today's Topics:
1. Re: Odd Cisco ASA question. . . (Craig Van Tassle)
2. I&AM Training (Mike LeBlanc)
----------------------------------------------------------------------
Message: 1
Date: Tue, 12 Jun 2007 15:09:59 -0500
From: Craig Van Tassle <craig@codestorm.org>
Subject: Re: [fw-wiz] Odd Cisco ASA question. . .
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Message-ID: <466EFD97.6060302@codestorm.org>
Content-Type: text/plain; charset=us-ascii
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The ASA can do that, but I've done it more with van's. It would be helpfully if you could give a bit more detail on your
layout and what exactly you are looking at. Also Logs could help quite a bit.
lordchariot@embarqmail.com wrote:
>>> Problem is, it appears a LOT of my filtering is over a single interface.
> Don't understand. What does this mean? Are you seeing inbound traffic going
> back out through the same interface?
> KS1500s could handle that with ease (although not recommended), don't know
> about the ASA.
>
> -----Original Message-----
> From: firewall-wizards-bounces@listserv.icsalabs.com
> [mailto:firewall-wizards-bounces@listserv.icsalabs.com] On Behalf Of Keith
> A. Glass
> Sent: Friday, June 08, 2007 6:10 PM
> To: firewall-wizards@listserv.icsalabs.com
> Subject: [fw-wiz] Odd Cisco ASA question. . .
>
> Here's my situation: I'm having to replace several old Cyberguard KS-1500s
> with new Cisco ASA 5500's. Problem is, it appears a LOT of my filtering is
> over a single interface.
>
> It doesn't help that we're on an entirely private network, and subnets have
> been added willy-nilly.
>
> And re-organizing the network is NOT a player.
>
> Suggestions ? Other than "Down, not across", that is. . . .
>
>
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@listserv.icsalabs.com
> https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@listserv.icsalabs.com
> https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGbv2Wv8bO71D0xskRAsW2AKC67oZTJgyrn2sF+NO4wbwVDWqIZwCdFkyv
+lcgnM2XQbUzS66YMwERs88=
=0TGD
-----END PGP SIGNATURE-----
------------------------------
Message: 2
Date: Tue, 12 Jun 2007 12:08:03 -0400
From: "Mike LeBlanc" <mlinfosec@comcast.net>
Subject: [fw-wiz] I&AM Training
To: "Firewall Wizards Security Mailing List"
<firewall-wizards@listserv.icsalabs.com>
Message-ID: <003101c7ad0b$db0fcdc0$321919ac@powerup64>
Content-Type: text/plain; charset="iso-8859-1"
Not sure if this is off topic or not, but I am trying to get an Identity
(and Access) Management
project off the ground and am looking for generic (non-vendor specific)
training to get staff members
up to speed on concepts and project structure.
An aside, I would also be interesting in hearing from those that have rolled
out such a project,
including vendor used (and why) and project lesson learned. I am given to
understand the
software is only a small part of the cost of the project, with the
consulting for "connector" work,
directory work, SSO, and role planning and implementation being where the
bulk of the work happens.
Another aside, is SSO a wise idea given the fact of keylogging, without
using some two-factor/biometric
method of authenication? If you rolled out SSO, what authentication did you
use? (I hope it was stronger
than just passwords).
Thnaks in advance for your response.
Mike LeBlanc
VP, Infosec
------------------------------
_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
End of firewall-wizards Digest, Vol 14, Issue 7
***********************************************
No comments:
Post a Comment