Solved

Cisco Firewall/VPN recomendation

Posted on 2004-03-23
3
877 Views
Last Modified: 2013-11-16
Hi, my companies ISP manages all packets that are sent in/out of our network using a router and firewall which they have configured and manage themselves.

We have decided to manage all our packets ourselves, so that our ISP sends all packets to us and we decide what happens to them.

I have been looking at some cisco products.
What we are mainly concerned about is security and we need VPN.

1. Would a Cisco PIX Firewall do the job.
2. Do i need a router (Im pretty sure I do)
3. Can I configure VPN using the PIX firewall or do I configure this in a router only.
4. Are the Cisco Routers with built-in firewalls anygood eg CISCO1720-VPN-M/K9.

Any other suggestions that may be helpfull would greatly be appreciated.

Apologies for the amount of points for this question, it should have more. I have the max that I have left :)

Thanks in advance
0
Comment
Question by:anil_u
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 18

Accepted Solution

by:
chicagoan earned 130 total points
ID: 10657897
>1. Would a Cisco PIX Firewall do the job.
Undoubtedly, although a log analysis tool would be a crucial component.

>2. Do i need a router (Im pretty sure I do)
I'm pretty sure you do, too.

>3. Can I configure VPN using the PIX firewall or do I configure this in a router only.
Yes, the PIX would be preferable asb a VPN endpoint for clients; a fix site-to-site via your router would be OK though.

>4. Are the Cisco Routers with built-in firewalls anygood eg CISCO1720-VPN-M/K9.
It's better than nothing, routers are good at packet filtering, firewalls are better at statefull inspection - a combination is optimal.
0
 
LVL 8

Author Comment

by:anil_u
ID: 10658015
hi chicagoan, thanks for your extremly quick responce :)

regarding question 4, I have seen the word stateful used when looking up these cisco product, what exactly does that mean?  configurable maybe
0
 
LVL 8

Author Comment

by:anil_u
ID: 10658230
Thanks found it on the net

Incase anyone else is interested

Stateful inspection firewalls determine whether packets can get through the firewall based on the protocol, port, and source and destination addresses. For every request that is allowed by the strategy, stateful inspection firewalls open up a limited time window to allow response packets, but ONLY from the same host. Also, by maintaining information about previous packets, stateful inspection firewalls can quickly verify that packets meet the criteria for authorized traffic. This makes them inherently fast.
0

Featured Post

Enroll in July's Course of the Month

July's Course of the Month is now available! Enroll to learn HTML5 and prepare for certification. It's free for Premium Members, Team Accounts, and Qualified Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
Let’s face it: one of the reasons your organization chose a SaaS solution (whether Microsoft Dynamics 365, Netsuite or SAP) is that it is subscription-based. The upkeep is done. Or so you think.
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question