Getting a new firewall

My home office firewall just died and looks like never coming back

I'm running off a UK broadband cable connection. I've just bought a Dlink DI-604 just to make sure I can get back on the net ASAP

I can get one of the following:

CISCO PIX 501 3DES Bundle (Chassis, SW, 10 Users, 3DES)

I thought I could put the DI-604 onto the cable modem and then untrusted users onto the DI-604, and isolate the development computers with the CISCO firewall for added security, so the WAN on the CISCO will plug into the LAN on the Dlink, and the WAN on the dlink into the broadband modem.

1. Any reason why this setup wouldn't work ?
2. Any reasons not to use a CISCO PIX in this configuration ?

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

1. No.

2. No.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Most people will use the "firewall" (i.e., NAT) capabilities of the D-link to provide security.     You are unique, given that you're actually purchasing a Cisco firewall product for your private network.   Impressive.

It sounds like you're planning on putting the "good" users behind the PIX, and everyone else in a DMZ.   This should work fine, so long as you understand the network subnets and such.        The PIX line of firewalls is one of the most stable and secure that I know of.    I don't think you'
ll have any problems.
plqAuthor Commented:
Thanks very much for the feedback

I know the cisco inside the network is a bit extreme but I have computers the kids use, and I have sales people coming in now and again with all sorts of cr*p on their laptops. In addition if one or the other goes phut again I have a backup. Furthermore we VPN into clients networks quite a bit, so that can have a dedicated PC outside the cisco too.

One thing, I think the dlink will be a 192.168 address, does that cause any problems if the cisco people are on 10. and the dlinks on 192. ?.

Also more questions,
3. will the cisco act as a dhcp server and
4. would I need to put an windows server domain controller box inside the network.

Sorry for being so dumb at networking ! 500 points is a lot of beer money though !
Increase Security & Decrease Risk with NSPM Tools

Analyst firm, Enterprise Management Associates (EMA) reveals significant benefits to enterprises when using Network Security Policy Management (NSPM) solutions, while organizations without, experienced issues including non standard security policies and failed cloud migrations

No problem at all, the cisco will only route the traffic...

3: yes, the cisco act as a DHCP server..
4: and no, you do not have to install a windows server at all. the PIX is completly stand alone, and can act as a vpn device, and a dhcp server..
plqAuthor Commented:
Marvellous. Thanks for your help. Splitting points..
plqAuthor Commented:
And now its all working... didn't even need to RTFM !! thanks
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.