The products discussed in this chapter can and should be used to manage your network security policy successfully. Each one has advantages, but it s important to use the correct application for your environment.

The PIX Firewall Manager product is included if you purchase a Cisco PIX Firewall, and you should use it when you have a few PIX Firewalls to manage on your network. Make sure to check the requirements for the software installation on your target server and which PIX Firewall version is compatible with the PFM software. Always configure the inside and outside of your firewall with strong security and use the configured DMZ on a different port for access to your Internet services that need to be accessed from the outside network.

After you are confident that you have a strong protection policy for your network against the outside world, you have to ensure that your policy can protect your critical service and information from internal threats. Using the ACL Manager to configure specific access on your entire network will help to perform internal security. Because the Cisco ACL Manager is a plug-in for the Resource Management Essentials in CiscoWorks 2000, you will need to install both before you install the ACL Manager.

Finally, the Cisco Secure Policy Manager is used for larger networks using multiple Cisco products and is useful in defining the security policies for your enterprise network. It allows for the configuration of your PIX Firewalls and the ACLs on your network to...