Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 566
  • Last Modified:

PIX or ASA - Small Business

Hello Cisco Experts,

As a small business consultant I finally have to learn Cisco. Just enough to do the basic setup/configure (open/close ports, vpn site-site, port forwarding, etc) for small businesses. I've done alot of research the last few days between the PIX and ASA and I'm just not 100% sure which I should learn. I figure the best way for me to learn is to just get a book and some kind of virtual software CD etc... Here are my questions though:

1. For small businesses what version should I learn, PIX or ASA?

2. If I learn PIX, will I be able to walk into a client and configure ASA as well, and vice versa? (I read something about IOS 7.X on a PIX is the ASA version???)

3. Can someone please point me in the right direction on this confusing road I'm on? :)

I dont want to purchase training material and spend valuable hours learning PIX or ASA just to find out I should have chosen the other.

I have networking experience and can configure 3rd party firewalls and have some experience with ISA 2004 so I'm not a nebie in networking just a total newbie Cisco wise.

Any training material you have found to be valuable please let know.

Thanks for your support and feedback!!!
0
tolinrome
Asked:
tolinrome
  • 4
  • 4
  • 3
1 Solution
 
Jan SpringerCommented:
I've configured PIX v4, v5, v6 and v7 and Cisco IOS Firewall Feature set.  

I would think that if you learn ASA or PIX v7, you should be able to apply the concepts from one to the other.
0
 
Keith AlabasterEnterprise ArchitectCommented:
ASA would be the product of choice.

Firstly PIX is heading towards end of sale so soon you will have to change anyway.
Secondly, ASA provides far more functionality to your business.
Thirdly, ASA is not the new toy it once was - it is a proven and reliable paltform and is the recommended product of most professional groups these days.

Flip side
Firstly, Pix is still the best hardware-based firewall on the planet

No offence - I do ISA server and Cisco and they are not the same..... Concepts are similar but that is about all....
The smaller PIX such as the 501 and the 506 do not support version 7, they stopped at 6.3(5) and there are no plans to deploy it.
However, PIX and ASA have a graphical user interface (GUI) that can be used to configure them.

Keith


0
 
Jan SpringerCommented:
Booo to the GUI :)

He won't learn from that.

If this is a personal expenditure, it might be cheaper to find a PIX that supports v7 to start with.

There's nothing like hands on experience.  Then, he could find/buy documentation regarding the configuration of the ASA appliance.
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
Keith AlabasterEnterprise ArchitectCommented:
We all have our own view lol
0
 
tolinromeAuthor Commented:
Thanks guys.
So I guess ASA would be the way to go then. I definitely wouldnt want to learn from the GUI to start with at least.

So, If I buy a used PIX that supports version 7.X it will technically be using the ASA? Is that what you suggest?

ebay here I come...
0
 
tolinromeAuthor Commented:
btw - is having the knowledge of a ccna kind of required to learn all of this?
0
 
Keith AlabasterEnterprise ArchitectCommented:
ccna covers the basics of netowking including basic routing protocols, interconnecting devices etc. It is the basis that all other switching/routing exams etc are based on for the Cisco track but is relevant everywhere really. It is not a must but IS a great asset to CV and to knowledge.

No, I don't think the PIX is the same as ASA at all but as stated, this is just my view.
0
 
tolinromeAuthor Commented:
man im confused...
0
 
Jan SpringerCommented:
I don't have any cisco certifications.  You don't need them if you start with the basic concepts and application and go from there.

It's help to have an appliance to play with.

The PIX != The ASA
0
 
tolinromeAuthor Commented:
ok, can you guide me in which pix firewall applicance I should purchase and what version and if you know of any good book/cd's to go along with it ????

0
 
Jan SpringerCommented:
The pix 525 supports v7 and I would recommend ebay.

Make sure that they have the latest v7 code on it because code downloads from Cisco require a SmartNet contract.

If you can't get the latest code, check into the cost of SmartNet for software only -- the 525 and SmartNet may be less than an ASA.

Cisco has many firewall books.  I started out with www.cisco.com and www.google.com and used them for a long time before I purchased any books.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

  • 4
  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now