Solved

Cisco Firewall/VPN recomendation

Posted on 2004-03-23
3
874 Views
Last Modified: 2013-11-16
Hi, my companies ISP manages all packets that are sent in/out of our network using a router and firewall which they have configured and manage themselves.

We have decided to manage all our packets ourselves, so that our ISP sends all packets to us and we decide what happens to them.

I have been looking at some cisco products.
What we are mainly concerned about is security and we need VPN.

1. Would a Cisco PIX Firewall do the job.
2. Do i need a router (Im pretty sure I do)
3. Can I configure VPN using the PIX firewall or do I configure this in a router only.
4. Are the Cisco Routers with built-in firewalls anygood eg CISCO1720-VPN-M/K9.

Any other suggestions that may be helpfull would greatly be appreciated.

Apologies for the amount of points for this question, it should have more. I have the max that I have left :)

Thanks in advance
0
Comment
Question by:anil_u
  • 2
3 Comments
 
LVL 18

Accepted Solution

by:
chicagoan earned 130 total points
ID: 10657897
>1. Would a Cisco PIX Firewall do the job.
Undoubtedly, although a log analysis tool would be a crucial component.

>2. Do i need a router (Im pretty sure I do)
I'm pretty sure you do, too.

>3. Can I configure VPN using the PIX firewall or do I configure this in a router only.
Yes, the PIX would be preferable asb a VPN endpoint for clients; a fix site-to-site via your router would be OK though.

>4. Are the Cisco Routers with built-in firewalls anygood eg CISCO1720-VPN-M/K9.
It's better than nothing, routers are good at packet filtering, firewalls are better at statefull inspection - a combination is optimal.
0
 
LVL 8

Author Comment

by:anil_u
ID: 10658015
hi chicagoan, thanks for your extremly quick responce :)

regarding question 4, I have seen the word stateful used when looking up these cisco product, what exactly does that mean?  configurable maybe
0
 
LVL 8

Author Comment

by:anil_u
ID: 10658230
Thanks found it on the net

Incase anyone else is interested

Stateful inspection firewalls determine whether packets can get through the firewall based on the protocol, port, and source and destination addresses. For every request that is allowed by the strategy, stateful inspection firewalls open up a limited time window to allow response packets, but ONLY from the same host. Also, by maintaining information about previous packets, stateful inspection firewalls can quickly verify that packets meet the criteria for authorized traffic. This makes them inherently fast.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Ensuring effective and secure communication in the age of healthcare BYOD.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question