Does PIX 501 scan application layer re OSI model?

Discussion in 'Cisco' started by Kerry, Jan 19, 2004.

  1. Kerry

    Kerry Guest

    greetings. just bought 2 pix 501s for playing...

    A friend told me that the pix doesn't do application layer scanning like
    checkpoint or raptor.

    is this true? How do I verify?

    thanks, Kerry

    --
    please remove x0x0 when replying
    thanks
    Kerry, Jan 19, 2004
    #1

  2. In article <yNXOb.86659$5V2.118938@attbi_s53>,
    Kerry <> wrote:
    :greetings. just bought 2 pix 501s for playing...

    :A friend told me that the pix doesn't do application layer scanning like
    :checkpoint or raptor.

    :is this true? How do I verify?

    The PIX doesn't do virus checking, if that's what you mean; it also
    does not provide user-programmable checking.

    For information on the kind of application-level checking that the PIX
    does do, see the Command Reference description of the 'fixup' command.
    --
    "Mathematics? I speak it like a native." -- Spike Milligan
    Walter Roberson, Jan 19, 2004
    #2

  3. Jason Kau

    Jason Kau Guest

    Walter Roberson <-cnrc.gc.ca> wrote:
    > In article <yNXOb.86659$5V2.118938@attbi_s53>,
    > Kerry <> wrote:
    > :greetings. just bought 2 pix 501s for playing...
    >
    > :A friend told me that the pix doesn't do application layer scanning like
    > :checkpoint or raptor.
    >
    > :is this true? How do I verify?
    >
    > The PIX doesn't do virus checking, if that's what you mean; it also
    > does not provide user-programmable checking.
    >
    > For information on the kind of application-level checking that the PIX
    > does do, see the Command Reference description of the 'fixup' command.


    I believe the original poster is talking about "deep packet inspection" or
    "application inspection" which means doing things similar to what the PIX
    "fixup" and "ip audit" (IDS) commands currently offer, but doing a lot more
    stuff along those lines. In other words, trying to do as much
    application-level inspection/checking/mangling as an application-proxy
    firewall (e.g. Raptor or Sidewinder/Gauntlet) without actually having to
    intercept the connection and incurring the associated performance hit.

    CheckPoint's application inspection (SmartDefense + some stuff specified in
    the security rule base) is considerably more feature rich than the PIX's
    "fixup" and "ip audit" commands.

    For a list of stuff CheckPoint firewalls can block, check out:

    http://www.checkpoint.com/appint/appint_application_layer.html

    SmartDefense also supports automatic signature updates. However, I don't
    believe CheckPoint supports the creation of customized signatures like you
    can do with say a NetScreen IDP appliance or IOS NBAR.

    --
    Jason Kau
    http://www.cnd.gatech.edu/~jkau
    Jason Kau, Jan 20, 2004
    #3
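Added example, not part of any post in this thread: one way to approach the "How do I verify?" question is to read the `fixup protocol` and `ip audit` lines out of a saved PIX configuration and list which application protocols have no inspection enabled. The configuration excerpt below is constructed, and `summarize_inspection` and `uninspected` are hypothetical helper names.

```python
import re

# Constructed excerpt in the style of a PIX 6.x running configuration;
# not taken from the thread or from a real device.
SAMPLE_CONFIG = """\
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol http 80
fixup protocol http 8080
no fixup protocol smtp 25
ip audit info action alarm
ip audit attack action alarm drop
"""

FIXUP_RE = re.compile(r"^(no\s+)?fixup\s+protocol\s+(\S+)\s*(.*)$")
AUDIT_RE = re.compile(r"^ip\s+audit\s+(info|attack)\s+action\s*(.*)$")


def summarize_inspection(config_text):
    """Parse fixup and ip audit lines; a later line overrides an earlier one."""
    enabled, disabled, audit = {}, {}, {}
    for raw in config_text.splitlines():
        line = raw.strip()
        m = FIXUP_RE.match(line)
        if m:
            negated, proto, detail = m.group(1), m.group(2), m.group(3).strip()
            # 'no fixup ...' moves the entry from enabled to disabled, and back.
            src, dst = (enabled, disabled) if negated else (disabled, enabled)
            if detail in src.get(proto, []):
                src[proto].remove(detail)
                if not src[proto]:
                    del src[proto]
            if detail not in dst.setdefault(proto, []):
                dst[proto].append(detail)
            continue
        m = AUDIT_RE.match(line)
        if m:
            audit[m.group(1)] = m.group(2).split()
    return enabled, disabled, audit


def uninspected(enabled, protocols):
    """Protocols from the caller's list that have no active fixup line."""
    return [p for p in protocols if not enabled.get(p)]


if __name__ == "__main__":
    on, off, audit = summarize_inspection(SAMPLE_CONFIG)
    print("fixup enabled: ", on)
    print("fixup disabled:", off)
    print("ip audit:      ", audit)
    print("no fixup for:  ", uninspected(on, ["ftp", "http", "smtp", "sip"]))
```
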
  4. Kerry

    Kerry Guest

    thanks for the info...sounds like the Pix does some app scanning but not as
    deep as others...

    I'll start another post on a question of Pix firewalls versus others as in
    preference

    thanks again, Kerry

    --
    please remove x0x0 when replying
    thanks
    Kerry, Jan 20, 2004
    #4