pdbernier
asked on
Basic Firewall questions
I would like to upgrade our firewall to one that would have the following abilities:
1. function as a VPN endpoint, so that incoming client connections (from non static IP addresses) can be accepted. I would like to find a VPN appliance that can handle all of the encryption so that I don't have to use one of my windows 2000 servers for this task. I need only about 5-10 VPN tunnels with only a few concurrent connections
2. Have an access control feature that I can block internet access by username or group.
3. Easy to configure and maintain.
4. Be somewhat affordable (we are a small business).
5. Support no more than 50 users.
Someone recommended the Cisco PIX 501. Any thoughts?
Thanks for the input.
1. function as a VPN endpoint, so that incoming client connections (from non static IP addresses) can be accepted. I would like to find a VPN appliance that can handle all of the encryption so that I don't have to use one of my windows 2000 servers for this task. I need only about 5-10 VPN tunnels with only a few concurrent connections
2. Have an access control feature that I can block internet access by username or group.
3. Easy to configure and maintain.
4. Be somewhat affordable (we are a small business).
5. Support no more than 50 users.
Someone recommended the Cisco PIX 501. Any thoughts?
Thanks for the input.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I configure all types, and for corporate environments I mostly deal with Cisco, Symantec and CheckPoint. But, my own experience is that any Cisco product that must be maintained in-house requires Cisco IOS experience. You must be familiar with or learn the Cisco command line. If you do not, then you will be required to hire contractors to help in the event of problems or changes. If you go down the Cisco route, you should be prepared to learn alot. Know, that is not a bad thing, if you have the ability and time to do it, as Cisco IOS is a very valuable skill.
J
J
ASKER
So how do you talk to the cisco 501? Telnet? RS232?
Sorry for the dumb questions, but I'm relatively new to this (as you probably already figured out).
Sorry for the dumb questions, but I'm relatively new to this (as you probably already figured out).
telnet, rs232, either or. There web components as well.
J
J
ASKER