A Smoothwall Product.
At some point our internet is being upgraded from 10Mb to 100Mb.
Our PIX only supports 10Mb it's at least 6 years old.
So I need a replacement.
I do not know how to configure the current PIX at all so if I need changes I have to get an outside company to help.
This used to be the case with all our switches but the move to HP Procurve enabled me to be able to set them up myself (due to the nice litte text menu).
So I'm looking for something I can configure or at least make changes to myself.
A Smoothwall Product.
Have you changed your name Tom?
I already have ISA. I'm wanting a hardware solution.
I'm thinking either:
I feel eventually there will be more than two people wanting VPN access so SIMS, pretty much the only reason I'm looking at the first option there.
Smoothwall do appliances as well and any smoothwall product is a hardware firewall.
@mrforgetful: Seems like a lot of money for something that ISA will comfortably do for you already.
Does seem a little overkill - the first one is pretty though
I'm not sure I trust ISA to be my sole Firewall solution to be honest!
Plus there's alots of stuff already set up that I don't want to break by having to reconfigure everything so would so I'd rather get something I can set up (which I can both of those above) and then swap over quickly.
As for Cisco vs Smoothwall...which will look better on my CV?
Would definitely recommend the ASA 5510 if you were buying a new cisco firewall. Although the PIX is still available, the ASA uses the same OS as the current PIX family for it's firewall functinality (PIX OS 7) which has among other improvements tab completion to make it more similar to cisco's IOS.Originally Posted by mrforgetful
What the ASA has is an advantage as a multi-function security appliance. Capable of IPS, anti-spyware or VPN acceleration with additional hardware modules.
With PIX OS version 8 the PIX and ASA will no longer share the same OS base. So the ASA will be going in a different direction, and is the product Cisco would rather sell you.
But at the moment you're comment about not knowing the current PIX hardware/OS (e.g 515E and PIX OS 7) doesn't make much sense as you'd have pretty much identical learning curve issues with the ASA aswell as it uses the same firewall OS. Although how you configure SSL VPN functionality is different to the PIX and and the ASA adds seperate IPS and Spyware functions as i've mentioned.
You could always configure the ASA via the gui (security device manager) but what would be the fun in that ?
Plus, selfish as it sounds, Cisco PIX/ASA on your CV is infinitely more valuable than 'smoothwall' or even ISA if you're looking at purely security for mid-sized or large orgs.
All mid-sized companies will use a hardware fw solution - either checkpoint or Cisco (most of the time a combination of both in diffent parts of the org).
ISA is perfectly good in a proxy farm for a mid-sized org but checkpoint or cisco prevail for permiter security.
Hmmm I'm likeing the School Guardian now I've read a bit more about it lol.
I like the filtering and obscene picture stuff especially. The trouble is we currently have filtering through our LEA but it's pretty crap so I would like to bring it in house more.
How much is the SchoolGuardian and is it better to have then one of the Corporate things?
You would have talk to smoothwall for a price depends on how many licences you want etc. I am currently trialing corporate guardian as we didnt really need a firewall.
School guardian incorporates a firewall, corporate guardian is a single nic proxy/filter solution.
Corporate firewall is a multi nic firewall appliance.
ISA is also available as an appliance so that could be something to look into as well. As for not trusting the isa as firewall, then you fallen prey to the usuall mumbo jumbo that HW firewall admins usually mutters out.
But you can't deny it's always good practise to have more than one thing to hack, and even better if they're different manufacturers.
Checkpoint stuff seems to be the most popular with corporate places that are upgrading at the moment. http://www.checkpoint.com/ never used it before but it does look comprehensive.
There are currently 1 users browsing this thread. (0 members and 1 guests)