[geeks] Firewall recommendation?
Mike Meredith
very at zonky.org
Tue Dec 6 15:30:23 CST 2005
On Tue, 06 Dec 2005 16:23:27 -0500, Sridhar Ayengar wrote:
> I'm not sure what you mean by "low maintenance", but I've found that
> the firewall functionality in recent Cisco IOS is pretty nice. It's
> not quite at the same level as PIX, but I've found it satisfactory so
> far.
The more I learn about Cisco, the less impressed I get. Ignoring their
academic support which is abysmal, you can come across some more serious
issues. Latest I've discovered is that Cisco switches sometimes seem to
misdirect (actually it gets delivered to multiple places) unicast
traffic on a VLAN.
And for amusement, ask someone from Cisco about stateful inspection of
ICMP applications. At least the people we've asked can't understand the
question.
More information about the geeks
mailing list