Would like to use Cisco Router IOS feature set to protect site unwanted traffic coming from Internet

I have several sites that are basically doctor offices that are using Internet Radio for the patient rooms to mask doctor patient conversations. I am also allowing UTube feeds. ALl of this is currently coming across the WAN from the cnetralized Internet connection that is protected by traditional firewalls and a DMZ.

I would like to install Internet at all of the remote sites and pull Internet Radio and UTube locally. I would either install boradband or an internet connection from a more traditional telco. I am installing new 2621 Cisco Routers with the enhahanced IOS that includes the firewall feature set.

I would like opinions on whether I could effectively protect these sites from unwanted viruses (no pun intended) and/or those who would like to try and steal medical information using the Cisco IOS mentioned above.

If not, any suggestions?  I really do not want to have to spend $$$$$ on a big WAN pipe to support Internet Radio and UTube.
PMcDevittAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
AugustTenConnect With a Mentor Commented:
Hi, you can use the FW feature set as a quite capable firewall, but a better solution would be to use a Cisco ASA dedicated hardware firewall. This will give you the possibility for URL filtering, anti-phishing, anti-spam, antivirus, anti-spyware, and content filtering.
0
 
kdearingConnect With a Mentor Commented:
If I were you, I would provision a business-class DSL with some decent bandwidth and use a Cisco ASA 5505 or 5510 like AugustTen suggests.
0
 
PMcDevittAuthor Commented:
Thanks for comments.  I am getting push back because of the admin cost in deploying 25+ firewalls not to mentioned hardware and deployemnt costs. There is also the issue on managing the firewall logs.

I take that neither of the responders would simply use the firewall software included in the router IOS feaure set.
I realize there would still be an issue on log management.
0
Choose an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

 
kdearingConnect With a Mentor Commented:
My suggestion was to use the 5500 ASA instead of the 2621 routers.
So your cost will probably be less.
0
 
PMcDevittAuthor Commented:
Actually the driver for the 2621 is not the firewall feature set, it is to replace older Nortel ASN routers. The IOS feature set was always being purchased so I was hoping to use the firewall component instead of buying another device (i.e. 5500 ASA firewall).
0
 
mabutterfieldConnect With a Mentor Commented:
are you getting the 2621 routers used / refurbished?  They haven't made those in a few years.  You'll probably save some money with the 1811 series.  
0
All Courses

From novice to tech pro — start learning today.