Security Basics mailing list archives
Re: Re: Cisco ASA interface security levels and the state table
From: swim_or_die () hotmail com
Date: 1 Jun 2009 22:12:21 -0000
L, thanks for your response. I had forgotten that in ASA version 7 or later, translation entries are not required by default, and are enabled by the nat-control command. So from a NAT perspective I think we are good. The backbone MPLS-switches all traffic on the client enterprise network. I was more concerned with the state table, but from a logical perspective, the flow should direct according to the tcp session source and destination, regardless of the security levels. I'm still trying to verify via documentation just to be sure... ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------
Current thread:
- Cisco ASA interface security levels and the state table swim_or_die (Jun 01)
- Re: Cisco ASA interface security levels and the state table Laurens Vets (Jun 01)
- Re: Cisco ASA interface security levels and the state table Soumen Paul (Jun 02)
- <Possible follow-ups>
- Re: Re: Cisco ASA interface security levels and the state table swim_or_die (Jun 02)
- Re: Cisco ASA interface security levels and the state table aaa (Jun 02)
- Re: Cisco ASA interface security levels and the state table Laurens Vets (Jun 01)