PIX Firewall Questions

Thanks. I have a small network. I will have two Cisco Aironet AP's serving no more than 12 clients. Probably more likely to be 5 or 6 to start with. This is all for a new in-house  Electronic Medical Records System, so security has to be tight in order to meet all the different associations requirements for patient health information.

So if I am reading correctly if I use the PIX501 then I will not need a seperate switch for the AP's, right?

Would there be any performance benifits over the 506e or 501? The wireless clients will be using terminal services to connect to the new EMR system.

Note: I actually have a PIX506e that handles our T1 traffic, but it is provided by one of our vendors and I don't have access to configure it. I want to keep this seperate anyway.

The PIX501 would be suitable for your needs.  I would recommend buying it with the 50-user license.  And, yes, if you only have two APs, you can use the integrated ethernet hub on the PIX501 thereby eliminating the need for an additional switch.

Thank you for the excellent information.

Note: the PIX501 supports 60Mbps of firewall throughput and 3Mbps 3DES / 4.5Mbps AES VPN throughput -- this is probably sufficient to handle your wireless networking needs.  The PIX506E provides up to 100Mbps firewall throughput and 16Mbps 3DES / 30Mbps AES VPN throughput.  If you are considering using VPN clients on your wireless clients to provide encryption (much better than WEP), the 506E may be a better fit.  However, the 506E does not have an integrated 4-port 10/100 switch like the PIX501 does.