Skip to content
Skip to main content

  • Home

rtbsoft's profile
rtbsoft
1st Reply
Expressive Exchange
1st Topic

New problem solver

 • 

20 Messages

Tuesday, November 25th, 2014 11:00 AM

Cisco Gateway Firewall Settings and Best Practice

Hi.

 

We have a single static IP address. We have no other firewall device aside from the Cisco.

 

My initial question is this: what is the meaning of "Disable Firewall for True Static IP Subnet Only"?

 

The "only" wording throws me for a bit of a loop. If we are not using another firewall device, should this be checked?

 

Question

 • 

Updated 

10 years ago

2.2K

5

0

0

rtbsoft

New problem solver

 • 

20 Messages

10 years ago

Hi there. Thank you for the reply. I think it sorta helps. 🙂  I am doing nothing with my static IP other than a single port-forward (via the gateway address). Should I deselect this option then? 

 

To ensure my local IP network is protected, which options should I choose? Is the firewall only relevant for the static IP subnet?

 

My apologies for my somewhat amateur questions..

0

0

VBSSP-RICH

Advocate

 • 

1.4K Messages

10 years ago

Hello rbtsoft and welcome,

 

Disable Firewall for True Static IP Subnet Only is a general FW setting in all Comcast Gateways, similar to Disable Smart Packet Detection. The only pertains to the StaticIP general devices. The actual Static IP devices can be directly controlled within the Advanced.Port Management facility where you can specifically set any individual static IP device using Block all Ports with the Exception to those Specified Below option selection. This is the most secure means to protect any specific Static IP device to make sure ONLY the ports you need open ,like for remote access for security cameras, you can securely control. You can also open ports on specific LAN DHCP devices using the standard Port Forward facility.

 

Hope this helps you out.

0

0

rtbsoft

New problem solver

 • 

20 Messages

10 years ago

Anyone?

0

0

Comcast_Jon

Administrator

 • 

1.5K Messages

10 years ago

Hello rtbsoft,

 

Welcome to the forum.

For network security Firewall's main job is to work as barrier to keep the network isolated from unwanted (i.e. destructive) elements. 

Regardless how a network is setup (static IP or dynamic); it is prudent to have it secured and having a firewall is part of that. 

As to your query; I would recommend contacting an IT to discuss what is best for your network security need.

This is because everyone's network is different.

 

 

Thank you

0

0

rtbsoft

New problem solver

 • 

20 Messages

10 years ago

Hi.

 

I understand the useage and purpose of firewalls; I was formerly using the Cisco ASA 5505. I am trying to understand this particular model to ensure that it meets our needs as I don't want to manage any additional device unnecessarily. It's a quite simplified interface and I just want to make sure I am using the best options.

 

The toggle box "Disable Firewall for True Static IP Subnet Only" is a confusing.  With it checked, I am assuming that the firewall is disabled for the Static IP subnet (like it states). The "only" phrase throws me a bit. If I deselect it, what does it mean?

 

1. Is the firewall completely disabled and we are just depending on NAT for a firewall?

2. Or, is the firewall enabled for my static IP subnet ("only")?

 

Are the other firewall settings for the static IP network, or my private subnet?

 

0

0