07-23-2003 10:45 PM - edited 02-20-2020 09:22 PM
What is the main benefit of using IOS firewall (CBAC) over reflexive ACLs? Speed? Both are opening holes as they are needed and closing them afterwards.
Is it CBAC's application layer awareness?
Thx
07-24-2003 09:41 AM
Hi,
CBAC has the DOS protection unlike Reflexive ACL. Inrecept feature is built into CBAC.
I hope this helps.
Regards,
Mynul
07-28-2003 04:43 PM
Yes, CBAC has application awareness/inspection and reflexive ACLs don't. CBAC also has more features like traffic filtering, java blocking, alerts, audit trails, & intrusion detection. I believe IDS and stuff requires a 2600 or better. Use CBAC.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide