topic Hi Mike, Security-level will in Network Security https://community.cisco.com/t5/network-security/fw-best-practices/m-p/2527260#M235215 <P>Hi Mike,</P><P>&nbsp;</P><P>Security-level will not play a crucial role, when you have other filtering mechanisms in place..... if you have ACL allowed for certain access in the respective interfaces.... asa will allow by looking at the acl,nat, inspection..... So security-level is not a big challenge.... more over inside interface requires more sec-level than anything...... that is for protecting the outside hackers to get in to internal system.....</P><P>&nbsp;</P><P>But that makes nothing when you have other security configurations in place to filter for permit/deny access.....</P><P>&nbsp;</P><P>Regards</P><P>Karthik</P> Fri, 29 Aug 2014 06:36:50 GMT nkarthikeyan 2014-08-29T06:36:50Z FW Best Practices https://community.cisco.com/t5/network-security/fw-best-practices/m-p/2527259#M235214 <P>This&nbsp;question is about best practices regarding firewalling personal identifiable information such as health records (please see attached image). This scenario assumes the use of Cisco ASA 5500 firewalls.</P><P>If the majority of cyber attacks happen from within an organization is it more important to give the "internal" interface a higher security&nbsp;level (higher level of trust)&nbsp;than the DMZ interface that connects to customer information or should the internal interface have a lower security level? I have included a visual depiction of this scenario in my attached document. I would like to know what others are doing to firewall critical information. Would an organization be remiss in not assigning the data servers the highest level of security while assuming that the internal network should be the most secure? Any insight into this question would be appreciated. Thanks!</P> Tue, 12 Mar 2019 04:41:29 GMT https://community.cisco.com/t5/network-security/fw-best-practices/m-p/2527259#M235214 Mike Keenan 2019-03-12T04:41:29Z Hi Mike, Security-level will https://community.cisco.com/t5/network-security/fw-best-practices/m-p/2527260#M235215 <P>Hi Mike,</P><P>&nbsp;</P><P>Security-level will not play a crucial role, when you have other filtering mechanisms in place..... if you have ACL allowed for certain access in the respective interfaces.... asa will allow by looking at the acl,nat, inspection..... So security-level is not a big challenge.... more over inside interface requires more sec-level than anything...... that is for protecting the outside hackers to get in to internal system.....</P><P>&nbsp;</P><P>But that makes nothing when you have other security configurations in place to filter for permit/deny access.....</P><P>&nbsp;</P><P>Regards</P><P>Karthik</P> Fri, 29 Aug 2014 06:36:50 GMT https://community.cisco.com/t5/network-security/fw-best-practices/m-p/2527260#M235215 nkarthikeyan 2014-08-29T06:36:50Z