Cisco PIX Firewall Security Level

       

PIX Firewall Security Level

What are the PIX firewall security levels? Every interface of the PIX firewall has its own security level, each for a specific reason. The PIX firewall enforces the rule that traffic from a lower security level cannot enter a higher security level. The levels can be configured to suit the needs of the network, but it is recommended to always set the highest security level on the inside of the network.

 

The appliance blocks access from the untrusted network to the trusted network. A network connected to the appliance may be either untrusted or trusted. The network considered trusted is usually called the inside network, and the untrusted one is the outside network. Security levels from 0 to 100 indicate the degree of trust for a network. The rule is that a higher security level can access a lower security level; a lower security level cannot access a higher security level and is blocked by default.

What Is the Security Level of Each Interface?

 

Ethernet0 Security Level

Ethernet0 is also called the outside interface of the PIX firewall; by default its security level is 0. The reason for setting SL (security level) 0 is that the network on this side is untrusted: anyone there could attack the trusted network, so it is given SL 0 to keep it from entering or attacking our private network.

 

Ethernet1 Security Level

Ethernet1 is also called the inside interface; by default its security level on the PIX firewall is 100, so that the outside network cannot attack our trusted (inside) network.

 

Ethernet2 and other Security Levels

The security levels of the other PIX firewall interfaces are not set by default and can be changed. Change them only when another network needs to be attached to the firewall; these can be called DMZ1, DMZ2 and so on, depending on how many interfaces the firewall has.
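
The security-level rule above can be checked against a saved configuration. The following is an added example, not code from the original article: it parses interface definitions and lists which directions are permitted by default. It assumes PIX 6.x `nameif` syntax; the sample configuration is constructed, and the dmz1 level of 50 and the audit checks are illustrative assumptions.

```python
import re
from itertools import permutations

# Constructed sample in PIX 6.x syntax; dmz1/security50 is an assumed value.
SAMPLE_CONFIG = """\
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 dmz1 security50
"""

NAMEIF = re.compile(r"^nameif\s+(\S+)\s+(\S+)\s+security(\d+)\s*$")

def parse_nameif(config):
    """Return {interface_name: (hardware_id, security_level)} from nameif lines."""
    interfaces = {}
    for line in config.splitlines():
        m = NAMEIF.match(line.strip())
        if not m:
            continue  # ignore every other configuration command
        hw, name, level = m.group(1), m.group(2), int(m.group(3))
        if not 0 <= level <= 100:
            raise ValueError(f"{name}: security level {level} outside 0-100")
        interfaces[name] = (hw, level)
    return interfaces

def default_flows(interfaces):
    """Map (src, dst) -> True when the source level is higher than the destination."""
    return {(s, d): interfaces[s][1] > interfaces[d][1]
            for s, d in permutations(interfaces, 2)}

def audit(interfaces):
    """Flag deviations from the default levels the article describes (assumed checks)."""
    findings = []
    if interfaces.get("outside", (None, 0))[1] != 0:
        findings.append("outside is not security0")
    if interfaces.get("inside", (None, 100))[1] != 100:
        findings.append("inside is not security100")
    for name, (_, level) in interfaces.items():
        if name not in ("inside", "outside") and level in (0, 100):
            findings.append(f"{name} shares a level with inside/outside")
    return findings

if __name__ == "__main__":
    ifs = parse_nameif(SAMPLE_CONFIG)
    for (src, dst), ok in sorted(default_flows(ifs).items()):
        print(f"{src:>8} -> {dst:<8} {'permitted' if ok else 'blocked'} by default")
    print(audit(ifs) or "no findings")
```

A DMZ interface with a level between 0 and 100 can reach the outside by default but not the inside, which is the reason for placing publicly reachable servers there.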

Network Threats and How to Resolve Them

Network Security Threats

Network security is the most important factor in the market: how do we keep our network safe from internal and external hackers? The network holds the most important databases, which can be lost through any small mistake.

There are four major network security threats, any of which can create a big problem in the future through a small mistake.

1) Unstructured Threats

This threat is unplanned: it can come from anywhere and was not discussed while planning the network. It can happen accidentally and creates many problems because it cannot be handled on the spot. Therefore always plan ahead for all matters, even very small ones, in your discussions or meetings, and also plan an emergency response in advance, like an ambulance.

2) Structured Threats

These threats can be legal or illegal, because they occur between competing companies or between countries. They may destroy or hack entire networks, and mostly target the main database servers to obtain private documents and the most important files, such as the company's progress database.

They can be legal: some countries or companies hire brilliant, skilled people, called hackers, to hack the databases of competing companies or of other countries. So always be ready for this type of attack and be able to face these threats.

3) External Threats

This type of attack may also lead to loss of the database. These attacks are carried out only by black hat hackers who do not want to see the company grow; they always attack the company's own database.

It can be a DoS (denial of service) attack, in which a hacker attacks the database server using DoS attack software (port fuck). It targets the server's public IP address and can make the server hang or deny all running services.

So always stay alert and counter these attacks by carefully securing the server database, which is very important for your company's growth and also for keeping your job.

4) Internal Threats

This is the most dangerous attack and can create a big problem for the whole company, because it always arises between the company and its employees. Some issue creates a problem for one employee, who becomes upset about it and about his job while already having many domestic, commercial or financial worries. He then becomes ready to do this work for another company in exchange for a handsome income that relieves all his worries.

Only a company employee can do this, because he has all the database usernames and passwords and can use them on the database. So always care for the company's employees and talk through their worries with them, which may increase their loyalty to you.

 

[Images: Cisco PIX Firewall 501; Cisco security device]

Introduction

 

The PIX is a hardware appliance based on a hardened, purpose-built operating system, PIX OS, which reduces possible OS-specific security holes. The PIX has obtained ICSA Firewall and IPsec certification as well as Common Criteria EAL4 evaluation status.

Software firewalls are also available on the market, but they are not a good and secure method of protecting a network from untrusted networks.

The PIX firewall has two Ethernet interfaces by default, named ethernet0 and ethernet1.

Ethernet0 → Outside, also called the public network or untrusted network

Its SL (security level) is 0 by default

Ethernet1 → Inside, also called the private network or trusted network; its SL is 100

 

 

Features

 

PIX firewalls provide a variety of security and networking services, including:

 

  • Network Address Translation (NAT) or Port Address Translation (PAT)
  • content filtering (Java/ActiveX)
  • URL filtering
  • IPsec VPN
  • support for leading X.509 PKI solutions
  • DHCP client and server
  • PPPoE support
  • advanced security services for multimedia applications and protocols such as Voice over IP (VoIP), H.323, SIP, Skinny and Microsoft NetMeeting
  • AAA (RADIUS/TACACS+) integration

 

The PIX can be managed graphically using the integrated Web-based management interface known as the PIX Device Manager (PDM), or by the Cisco Secure Policy Manager (CSPM) 2.3f and 3.0f (not to be confused with CSPM 2.3.3i, which is for intrusion detection system management). The PDM is a PIX-specific device configuration and management tool, whereas CSPM is generally used as part of a larger security management infrastructure and allows one to link enterprise security policies with a PIX configuration. Management interfaces include the command-line interface (CLI), telnet, Secure Shell (SSH 1.5), console port and SNMP.

 

Here are some models of the PIX:

[Image: Cisco security device types]