Cisco vs the world of firewalls

Posted on 2004-11-17
Last Modified: 2013-11-16
Our engineers have a fair amount of experience with SonicWall, a small amount with Cisco PIX, and a large amount with WatchGuard.  We are fairly new to the Cisco, but felt we needed to go there due to market demands and having end to end solutions.  However, I'm hearing over and over again that the Cisco is MUCH harder to configure to do the same thing as a WatchGuard, and sometimes misses functionality that we've taken for granted in a WG.  Are these feelings simply a matter of not having the proper experience/training yet in Cisco, or is this simply the way it is?  If it's just the way it is, why does Cisco have the market share that it does?
Question by:Chuck Brown
    LVL 79

    Accepted Solution

    I personally don't find the PIX all that complicated, but that comes with experience. It only takes a few minutes to get up and running with a basic config. The new GUI takes some getting used to, but it does have some good wizards to help out.
    There are some things the PIX won't do, but I don't know what specifically you are talking about. The PIX is designed ground-up to be one thing - a great firewall. It won't do web filtering or email filtering, or inline anti-virus.
    What features are you worried about that you have taken for granted?

    Author Comment

    by:Chuck Brown
    One example:  We have a customer that has 5 remote sites.  We put in a 515 at the head end and 501's at each remote, and set up site to site vpn's.  We are putting in SurfControl at the main branch, and wanted to force all of the remotes to go through the main site to be filtered;  yes, this is a redundant use of bandwidth, but since the sites are very small (1-2 workstations at each one), and their net browsing should be minimal, isn't a big deal.  Unfortunately, according to Cisco, this requires a router at the head end, because the pix's are designed to route the traffic back out the same port it came in... With a WatchGuard, this would have been trivial.  With a PIX, it's an extra $$$.
    LVL 12

    Expert Comment

    Hello clbrownjr,
    I am pretty much in the same boat as you. I have setup many watchguards, Pixes, sonicwalls, and netscreens. I can tell you will 1000% certaintly, netscreens are the best.
    Not only to they do much much more than any of the others, but some of the features make them the killer choice... example traffic shaping and garanteed bandwidth... Apps being sufficated? assign the app policies as high priority, browsing and other crap...low... end of story.  Not only are they even more simple to understand than Watchguard, they offer better protrections, and dont require apps or PC logging stations.. They are also 100% rock solid, never bug out or fail, like watchguard. JMO.


    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
    Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    733 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now