Cisco vs the world of firewalls

Posted on 2004-11-17
Medium Priority
Last Modified: 2013-11-16
Our engineers have a fair amount of experience with SonicWall, a small amount with Cisco PIX, and a large amount with WatchGuard.  We are fairly new to the Cisco, but felt we needed to go there due to market demands and having end to end solutions.  However, I'm hearing over and over again that the Cisco is MUCH harder to configure to do the same thing as a WatchGuard, and sometimes misses functionality that we've taken for granted in a WG.  Are these feelings simply a matter of not having the proper experience/training yet in Cisco, or is this simply the way it is?  If it's just the way it is, why does Cisco have the market share that it does?
Question by:Chuck Brown
LVL 79

Accepted Solution

lrmoore earned 150 total points
ID: 12611593
I personally don't find the PIX all that complicated, but that comes with experience. It only takes a few minutes to get up and running with a basic config. The new GUI takes some getting used to, but it does have some good wizards to help out.
There are some things the PIX won't do, but I don't know what specifically you are talking about. The PIX is designed ground-up to be one thing - a great firewall. It won't do web filtering or email filtering, or inline anti-virus.
What features are you worried about that you have taken for granted?

Author Comment

by:Chuck Brown
ID: 12614188
One example:  We have a customer that has 5 remote sites.  We put in a 515 at the head end and 501's at each remote, and set up site to site vpn's.  We are putting in SurfControl at the main branch, and wanted to force all of the remotes to go through the main site to be filtered;  yes, this is a redundant use of bandwidth, but since the sites are very small (1-2 workstations at each one), and their net browsing should be minimal, isn't a big deal.  Unfortunately, according to Cisco, this requires a router at the head end, because the pix's are designed to route the traffic back out the same port it came in... With a WatchGuard, this would have been trivial.  With a PIX, it's an extra $$$.
LVL 12

Expert Comment

ID: 12620406
Hello clbrownjr,
I am pretty much in the same boat as you. I have setup many watchguards, Pixes, sonicwalls, and netscreens. I can tell you will 1000% certaintly, netscreens are the best.
Not only to they do much much more than any of the others, but some of the features make them the killer choice... example traffic shaping and garanteed bandwidth... Apps being sufficated? assign the app policies as high priority, browsing and other crap...low... end of story.  Not only are they even more simple to understand than Watchguard, they offer better protrections, and dont require apps or PC logging stations.. They are also 100% rock solid, never bug out or fail, like watchguard. JMO.


Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month16 days, 7 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question