Cisco Firewall/VPN recomendation

Posted on 2004-03-23
Last Modified: 2013-11-16
Hi, my companies ISP manages all packets that are sent in/out of our network using a router and firewall which they have configured and manage themselves.

We have decided to manage all our packets ourselves, so that our ISP sends all packets to us and we decide what happens to them.

I have been looking at some cisco products.
What we are mainly concerned about is security and we need VPN.

1. Would a Cisco PIX Firewall do the job.
2. Do i need a router (Im pretty sure I do)
3. Can I configure VPN using the PIX firewall or do I configure this in a router only.
4. Are the Cisco Routers with built-in firewalls anygood eg CISCO1720-VPN-M/K9.

Any other suggestions that may be helpfull would greatly be appreciated.

Apologies for the amount of points for this question, it should have more. I have the max that I have left :)

Thanks in advance
Question by:anil_u
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 18

Accepted Solution

chicagoan earned 130 total points
ID: 10657897
>1. Would a Cisco PIX Firewall do the job.
Undoubtedly, although a log analysis tool would be a crucial component.

>2. Do i need a router (Im pretty sure I do)
I'm pretty sure you do, too.

>3. Can I configure VPN using the PIX firewall or do I configure this in a router only.
Yes, the PIX would be preferable asb a VPN endpoint for clients; a fix site-to-site via your router would be OK though.

>4. Are the Cisco Routers with built-in firewalls anygood eg CISCO1720-VPN-M/K9.
It's better than nothing, routers are good at packet filtering, firewalls are better at statefull inspection - a combination is optimal.

Author Comment

ID: 10658015
hi chicagoan, thanks for your extremly quick responce :)

regarding question 4, I have seen the word stateful used when looking up these cisco product, what exactly does that mean?  configurable maybe

Author Comment

ID: 10658230
Thanks found it on the net

Incase anyone else is interested

Stateful inspection firewalls determine whether packets can get through the firewall based on the protocol, port, and source and destination addresses. For every request that is allowed by the strategy, stateful inspection firewalls open up a limited time window to allow response packets, but ONLY from the same host. Also, by maintaining information about previous packets, stateful inspection firewalls can quickly verify that packets meet the criteria for authorized traffic. This makes them inherently fast.

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Application of a group policy 11 72
IT pictures and movies to alert the staff 11 68
Antivirus software for Exchange Mail servers 13 80
Windows 10 14 38
If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
A hard and fast method for reducing Active Directory Administrators members.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question