<div>
I guess my question is, is it typical to create FW rules for /30 links or is it not necessary since the source IP will be from /24 subnet? &nbsp;Has anyone experienced issues where there weren't rules in place for their PER/CER subnet?
</div>


I guess my question is, is it typical to create FW rules for /30 links or is it not necessary since the source IP will be from /24 subnet?  Has anyone experienced issues where there weren't rules in place for their PER/CER subnet?

<div>
how about is there any scenario anyone can think of that needs the per/cer p2p /30 &nbsp;through a firewall?
</div>


how about is there any scenario anyone can think of that needs the per/cer p2p /30  through a firewall?

<div>
<div class="content wysiwyg-content">
We use FireMON(pretty much a firewall policy ticket application) where I work. &nbsp;<br />
<br />
Remote site network: 10.0.1.0/24<br />
PER/CER: 172.16.1.0/30<br />
<br />
If I've submitted a ticket to allow 10.0.1.0/24, but didn't for 172.16.1.0/30, am I going to have FW issues? &nbsp;Let's say the /24 covers everything I need at this remote site (workstations, core-router /30, L0), its just 172.16.1.0/30 that doesn't have routes/rules.<br />
<br />
We use checkpoint.
</div>
</div>


We use FireMON(pretty much a firewall policy ticket application) where I work.  

Remote site network: 10.0.1.0/24
PER/CER: 172.16.1.0/30

If I've submitted a ticket to allow 10.0.1.0/24, but didn't for 172.16.1.0/30, am I going to have FW issues?  Let's say the /24 covers everything I need at this remote site (workstations, core-router /30, L0), its just 172.16.1.0/30 that doesn't have routes/rules.

We use checkpoint.

Firewall question

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Cisco

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.

Routers

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.