About johnkelley

johnkelley · 01-18-2012

We are solving this by having multiple nac managers and nac appliances. The NAC appliance line doesn't seem to have the granularity or flexibility to handle these use cases.Another thought would be to take this off the NAC appliance some how and do ...

johnkelley · 08-02-2004

There are subtle differences, to those who are very familiar with the PIX. Such as, the lower to higher security interfaces (ASA) model is configurable. You can turn it on or off, when it’s off any interfaces that doesn't have an ACL traffic is autom...

johnkelley · 08-02-2004

Operationally, I think you will find challenges in managing the policies depending on your size. Allowing connectivity between interfaces can be tricky even though they have disabled ASA for the most part. I think you should look into the possibili...

johnkelley · 08-02-2004

If you execute a show timeouts it will show you the default timers. The max time depends on your code level, the maximum for us is 18:00 h. We have seen very little impact from making this change. This is for both Xlates and Conn's. I am sure there...

Member Since	‎07-28-2004 11:58 AM
Date Last Visited	‎02-16-2021 04:04 AM
Posts	5

User Statistics

User Activity

Deployment of NAC Solution with NAC Guest Server

Re: Firewall Replacement IBM AIX to CISCO pix/FWSM

Re: Firewall Replacement IBM AIX to CISCO pix/FWSM

Re: FWSM Connection Timeouts