I am considering watchguard x1000 or an equivalent Netscreen for a datacenter environment. Number of VPN connections is not that important however banwidth and thruput are most important. I will have around 6-8 web/app servers in DMZ ( combinations of redhat, solaris, w2k ). I have had bad experiences with sonicwall and will stay away from them. Iam also open to cisco pix but don't have much experience with cisco except lower end router configuration. I need to be able to support 800-1000 connections simultaneously among the webservers. The outbound is 1MBPS dedicated circuit ( I will get it upgraded soon). I can get my bosses to invest atmost $4K-5K. I have been maintaining ipfilters on su boxes and ip tables on redhat and find it very diffcult to maintain the rules constantly. Please suggest your exp with watchguard x1000 seriens or netscreen -25/50.