Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2801
Views
0
Helpful
2
Replies

Stateful firewall vs reflexive ACL

rj
Level 1
Level 1

‎12-02-2003 08:04 AM - edited ‎02-20-2020 09:23 PM

Is there a substantial security difference between using reflexive ACLs for IP session filtering in IOS and the stateful firewall technology of the PIX?

Thanks,

RJ

Labels:
0 Helpful
2 Replies 2

jsivulka
Level 5
Level 5

‎12-08-2003 08:01 AM

Yes, From what I've read (in bits and pieces), Reflexive ACL's suffer from a number of performance issues. While routers with ACL's (or even better,a router with the firewall feature set) will protect your network to a great degree, I feel a firewall is a must if you are thinking about a strong, long-term security solution.

0 Helpful

rj
Level 1
Level 1
In response to jsivulka

‎12-08-2003 09:11 AM

Thanks for the post. While I know reflexive ACL's will be slower, I still think they are better protection than just regular ACLs. An example is that they will not allow connections started from the outside.

Thanks,

RJ

0 Helpful
Customers Also Viewed These Support Documents