Solved

Installing a new ethernet card for dmz

Posted on 2006-11-13
3
200 Views
Last Modified: 2010-04-09
what is the security setting i should use? 0-100?
0
Comment
Question by:jaysonfranklin
  • 2
3 Comments
 
LVL 3

Expert Comment

by:bugsaif
ID: 17931187
Outside = 0
DMZ = 50 (actually any value between 1 and 99 will do... 50 give you room to play :)
Inside = 100

Saif
0
 
LVL 1

Author Comment

by:jaysonfranklin
ID: 17931809
I probably should have put this in the initial question so i apoligize. What does this number 0-100 represent? I want the dmz to be as secure as possible, only a few people will actually be accessing the box in the dmz by way of vpn. So if i put it at 50, what does it mean that i have room to play?
0
 
LVL 3

Accepted Solution

by:
bugsaif earned 125 total points
ID: 17932863
the number 0-100 represents the trust-worthiness of the interface... 0 being least trusted and 100 being most trusted. These security levels are used by the PIX's ASA to determin what traffic can go where.

Read up here... these will explain it much better than I can...

http://www.examcram2.com/articles/article.asp?p=101741&seqNum=5&rl=1
http://www.enterastream.com/whitepapers/cisco/pix/pix-practical-guide.html

Saif
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now