Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
736
Views
0
Helpful
1
Replies

Traditional ACL vs Zone Based FW

BHPCI_2
Level 1
Level 1

‎09-29-2011 11:47 AM

I have a 3845 ISR that I have been managing for a couple years that has a traditional ACL based config.  We just purchased a new 3845 for redundancy and it arrived with the zone based config from Cisco.  Any opinions on whether I should take the existing router to a zone based config or should I configure the new router with traditional ACL config that I am more comforatable with? 

Labels:
0 Helpful
1 Reply 1

ccube
Level 1
Level 1

‎10-01-2011 12:54 AM

If there was the option to use a Zone based FW or just straight access lists then surely the Zone based FW would be considered a better option as it has more features than just permit or deny. The Zoned based FW will also inspect traffic and block any traffic with malicous code for example. I am not an expert in this arena, but based on Security exam topics and other publications, the FW approach seems to be gaining traction versus managing ACLs alone. Although, ACLs will always have their place in the network...

The choice is based on your comfort level, but both are viable options...

BR,

Cary

Sent from Cisco Technical Support iPad App

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents