hello Airheads,
we have a customer with a 7005 controller used solely for terminating IPSEC tunnels from Instant clusters and traffic goes out onto the internet via local router no problem there. However there are no licences on controller. Now the customer is asking what would be required to make the controller behave as a firewall in order to stop internet sourced traffic getting onto network. So i'm thinking PEF licences and VLAN based ACL's to achieve this. Any comments on this as an idea?