Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Best Low cost Firewall for Web Hosting

Posted on 2004-10-22
Medium Priority
Last Modified: 2013-11-16
I am starting a web hosting company. We are starting with 2 servers co-located in a data center. I need a switch and a Firewall and I am not sure what to go with. The server set me back so I am trying to find the best but cost effective solution. What do you recommend to meet our needs and a reasonable budget?
Question by:HighSecured
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 12386377
You didn't mention your exact budget, but I'm a big fan of the Cisco PIX 515E.  It's very economical and allows you to add-on later as your needs change (adding fail-over, memory, and additional interfaces for example).  We have 2 of these (with stateful failover configuration) these at all of our sites.  We also uses these for site-to-site and client VPN which works very nicely.


However, as I'm not sure what price range you're looking in it's hard to tell if this would be "too much" for you.  Maybe overkill, maybe not :)

Author Comment

ID: 12387387
I was looking for what I can get by with I have looked at the Cisco 506 and 506e on eBay they seem reasonable I am not sure the difference though? I was looking to get the switch and firewall for around $800 total
LVL 79

Accepted Solution

lrmoore earned 2000 total points
ID: 12388564
The PIX 506 should be adequate for you. Difference between 506 and 506e - the "E" stands for "Enhanced" VPN capabilities. It also has capability of 10/100 on both interfaces, the 506 (discontinued model) was 10Mb only.

The PIX just has so many more capabilities than most of the other products that I would not recommend anything else (could just be my narrow experience base with other products).

You can use any switch to get you going. Get a 8 port 10/100/1000 switch for $200

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!


Author Comment

ID: 12388694
Ok almost done I found a CISCO CATALYST 2900 Model 2916-XL This will work for what i am trying to do then?
LVL 79

Expert Comment

ID: 12388739
That should be mighty fine for what you need to get started.. but it's a very old model and updating the code will be difficult for you.

I would suggest getting something new with warranty...
Like this Linksys http://www.linksys.com/products/product.asp?grid=35&scid=42&prid=559


Author Comment

ID: 12388750
The CISCO PIX 501 is a firewall and a switch but the Cisco rep said it was not enough for what I need what do you guys think?
LVL 79

Expert Comment

ID: 12388782
The 501 is the littlest guy in the lineup. It's just not designed for any serious traffic like web hosting, and does not have enough horsepower. It might get you started if you don't have much traffic, but I wouldn't bet my hosting business on it. You would have to completely replace it if you outgrew it.


Expert Comment

ID: 12392807
How much data are you looking to pass?

The PIX is nice, but you need to learn the interface, which probably means you will be posting here a lot more.

Look at the SonicWall. The TZ170 has a five port Switch built in and can handle light loads, probably good enough to start with.  Get it with the Enhanced OS. It will give you a lot more options.

If you need more horsepower and don't want to reinvest in six months, a year, get a 3060 or 4060. It wil be much more than you need right now.

If you start with the TZ170 and go to something bigger, you can easily eport your settings and then reimport them.

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question