topic Hi karthik,thanks for your in Network Security

same-security-traffic Command

johnlloyd_13 — Tue, 12 Mar 2019 04:32:30 GMT

hi all,

i'm going to configure a new ASA 5525-X from scratch.

several clients will be connected and will be NAT'd on the ASA.

my question is, is it a 'best' practice to have different security levels for my clients or do i

set the same security level (i.e. 100) and configure (or not?) the same-security-traffic permit inter-interface command.

Hi John, I am gonna give you

nkarthikeyan — Sun, 27 Jul 2014 05:34:52 GMT

Hi John,

I am gonna give you the mixed response.... if you have the required ACL's in place, then security level what you define in interface will not have a major value to it.....

But it is good to define a different security levels for different interfaces in order to define a more secured and the less secured network of yours...

But anything you do will not make a major difference...

Regards

Karthik

Hi karthik,thanks for your

johnlloyd_13 — Mon, 28 Jul 2014 05:05:21 GMT

Hi karthik,

thanks for your response!

i realized that ACL matters as compared to the default security provided by the 'security-level' of each interface.