Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Basic Firewall questions

Posted on 2004-08-12
6
Medium Priority
?
220 Views
Last Modified: 2010-04-14
I would like to upgrade our firewall to one that would have the following abilities:
1. function as a VPN endpoint, so that incoming client connections (from non static IP addresses) can be accepted.  I would like to find a VPN appliance that can handle all of the encryption so that I don't have to use one of my windows 2000 servers for this task.  I need only about 5-10 VPN tunnels with only a few concurrent connections
2. Have an access control feature that I can block internet access by username or group.
3. Easy to configure and maintain.
4. Be somewhat affordable (we are a small business).
5. Support no more than 50 users.

Someone recommended the Cisco PIX 501.  Any thoughts?

Thanks for the input.

0
Comment
Question by:pdbernier
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 9

Assisted Solution

by:jdeclue
jdeclue earned 500 total points
ID: 11786599
The PIX might be a bit difficult with regards to configuration. I would reccomend you take a look at the Netscreen products. They offer VPN, nice web interface and good pricing. Many small and medium companies use these products.

http://www.nscreensales.com/products/ns5xp.html
0
 
LVL 11

Accepted Solution

by:
NetoMeter Screencasts earned 500 total points
ID: 11787313
Hi!
Cisco 501 seems really to be the best choice for you.
It covers all the requirements that you have, gives you the ability to connect remotely to that office by using the cisco VPN client besides in the future if you want to connect this office to other offices you can create a Site-to-Site VPN.

As for the configuration - I can post you a sample configuration which covers all your needs and which works fine for many of my clients. You do not have to be a genius in order to replace the sample IP addresses with the real one's and to put the correct subnet masks.


NetoMeter
<removed by CS>
0
 

Author Comment

by:pdbernier
ID: 11787844
From the mfg. web sites, it looks like one distict difference is the Netscreen unit has a web interface, where the Cisco does not.  Is that correct and if so, how do you configure the Cisco 501?
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 9

Expert Comment

by:jdeclue
ID: 11787881
I configure all types, and for corporate environments I mostly deal with Cisco, Symantec and CheckPoint. But, my own experience is that any Cisco product that must be maintained in-house requires Cisco IOS experience. You must be familiar with or learn the Cisco command line. If you do not, then you will be required to hire contractors to help in the event of problems or changes. If you go down the Cisco route, you should be prepared to learn alot. Know, that is not a bad thing, if you have the ability and time to do it, as Cisco IOS is a very valuable skill.

J
0
 

Author Comment

by:pdbernier
ID: 11787907
So how do you talk to the cisco 501?  Telnet? RS232?
Sorry for the dumb questions, but I'm relatively new to this (as you probably already figured out).
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11787935
telnet, rs232, either or. There web components as well.

J
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question