Options
Object oriented or not
At work we have just upgraded our ASA from 8.0 to 9.1 via change of hardware, which involved migrating the existing configuration.
The question that has come up is whether or not we are to create all access-list with objects or to use just host statements. I have already been outvoted in this ( I wanted to go object for everything ).
But with the old configuration all using hosts statements I agreed that conversion would be difficult for the current access-lists.
I just wanted to throw it out there and ask whether or not it is "Best practise" to have everything referenced in objects or not?
The question that has come up is whether or not we are to create all access-list with objects or to use just host statements. I have already been outvoted in this ( I wanted to go object for everything ).
But with the old configuration all using hosts statements I agreed that conversion would be difficult for the current access-lists.
I just wanted to throw it out there and ask whether or not it is "Best practise" to have everything referenced in objects or not?
Comments
-
OptionsSteveO86 Member Posts: 1,423Depends on the deployment but I usually lean in the way of objects, since the objects can be re-used in other ACLs if need be. Just means less work in the end.My Networking blog
Latest blog post: Let's review EIGRP Named Mode
Currently Studying: CCNP: Wireless - IUWMS