One of the more popular firewall products for the small business market is the Cisco PIX 501. Out of the box it requires just a few configuration entries and you are up and running. In this guide, we will walk through the steps for configuring your brand new PIX at the network edge.
This guide is written for the user who has no knowledge of the PIX firewall. As such, it is not a treatise on network security, but a quick, by-the-numbers guide to configuring a PIX firewall with as little jargon as possible.
We are assuming that you have an internet connection with at least one static IP address. While the PIX can easily handle a dynamic IP address (that is the default configuration), you won’t be able to easily configure remote access, VPNs, mail, or web servers without a static IP address.
Your PIX should have come with an AC adapter, a yellow CAT5 cable, an orange CAT5 cable and a flat, (typically) baby blue cable with a 9-pin serial connector on one end and an RJ-45 plug on the other.
The yellow CAT5 cable is a standard Ethernet cable and is used to connect your PC or server to the 4-port Ethernet switch built into the PIX.
The orange CAT5 cable is a cross-over cable and may be required to connect the outside interface of the PIX to your ISP’s router (if your PCs or workstations are plugged into a Cisco switch inside the network, you will also require a cross-over cable for connecting to one of the switch ports on the PIX).
What we are going to use for our configuration is the baby blue rollover cable. Insert the serial jack into one of the serial ports on the back of the PC or laptop you will be using to configure the PIX. Then, insert the RJ-45 plug into the port on the back of the PIX labeled “console.”
Windows has a built-in application that is used for (among other things) configuring serial devices. Using the start menu, go to Start > Programs > Accessories > Communications > HyperTerminal.
Choose the HyperTerminal application. You may get a dialog box asking if you’d like to make HyperTerminal your default telnet application. Unless you have a preference, go ahead and choose yes.
Then you will be asked for the area code from which you are dialing. Although it isn’t applicable here, the program still wants to know, so fill it in and click ‘next’ or ‘ok.’
You can call the connection anything you’d like; in this example we’ll use PIX. Click ‘ok’ to move on.
Next, we’ll be asked to enter the details for the phone number we’d like to dial. Since we aren't dialing a phone number, use the drop-down selector at the bottom of the box to choose COM1 or COM2 (whichever is applicable). If you have no idea which one is which, you may need to try it both ways.
Now, you will be expected to tell the application some specifics about the port settings so that it can effectively communicate with the PIX.
Luckily, it isn’t too complex; just remember 9600, 8, none, and 1 (bits per second, data bits, parity, and stop bits). Enter these settings into the drop-down selectors of the box on your screen.
Now we are ready to set up the PIX. Insert the power cable and you will be greeted with the startup monologue (it’s not a dialog in this case; it’s just informing you of what is occurring).
Then, you will be greeted with a screen that asks if you’d like to program the PIX using interactive prompts. For the purpose of this exercise, type no and press ‘enter’.
You will now get a prompt that looks like this: pixfirewall> Type the word ‘enable’ (no quotes); when prompted for the password, just press ‘enter’, as the default is no password.
The prompt has changed to a hash mark: pixfirewall# Type the phrase ‘configure terminal’ (no quotes); you are telling the PIX that you want to enter the global configuration mode and that you will be doing your configuration via the terminal window.
Your prompt will now look like this: pixfirewall(config)#
The first thing we want to do is give your PIX a host name. The PIX command syntax is: variable name (the setting you are configuring, followed by the value you want to give it). Thus, to set the hostname we will enter: pixfirewall(config)# hostname mypix
Now, the domain name; it’s alright if you don’t have a domain set up on your network, you can call it whatever you like. However, give some thought to whether a domain might be a possibility at some point and plan your naming scheme appropriately. pixfirewall(config)# domain-name mydomain.com
As you can see from the configuration above, the ethernet0 interface is the outside interface, with a security setting of 0, while ethernet1 is the inside interface with a security setting of 100. Additionally, you can see that the interfaces are shut down. All we need do to bring them up is enter the speed at which they should operate. As they are Ethernet interfaces, any software version after 6.3(3) will take 100full; prior to that, use 10full.
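Putting the steps above together, here is the set of commands as you would type them at the pixfirewall(config)# prompt. This is an added example, not part of the original guide: the hostname and domain are the sample values used above, the interface names and security levels are the ones the guide describes, and the 100full speeds assume a software version after 6.3(3).

```text
hostname mypix
domain-name mydomain.com
interface ethernet0 100full
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
```

Entering a speed on an interface is what brings it out of the shutdown state; you can confirm both interfaces report as up with show interface, and save the work with write memory so it survives a reboot.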