Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Would like to use Cisco Router IOS feature set  to protect site unwanted traffic coming from Internet

Posted on 2008-06-23
6
Medium Priority
?
312 Views
Last Modified: 2012-05-05
I have several sites that are basically doctor offices that are using Internet Radio for the patient rooms to mask doctor patient conversations. I am also allowing UTube feeds. ALl of this is currently coming across the WAN from the cnetralized Internet connection that is protected by traditional firewalls and a DMZ.

I would like to install Internet at all of the remote sites and pull Internet Radio and UTube locally. I would either install boradband or an internet connection from a more traditional telco. I am installing new 2621 Cisco Routers with the enhahanced IOS that includes the firewall feature set.

I would like opinions on whether I could effectively protect these sites from unwanted viruses (no pun intended) and/or those who would like to try and steal medical information using the Cisco IOS mentioned above.

If not, any suggestions?  I really do not want to have to spend $$$$$ on a big WAN pipe to support Internet Radio and UTube.
0
Comment
Question by:PMcDevitt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 3

Accepted Solution

by:
AugustTen earned 600 total points
ID: 21848461
Hi, you can use the FW feature set as a quite capable firewall, but a better solution would be to use a Cisco ASA dedicated hardware firewall. This will give you the possibility for URL filtering, anti-phishing, anti-spam, antivirus, anti-spyware, and content filtering.
0
 
LVL 13

Assisted Solution

by:kdearing
kdearing earned 600 total points
ID: 21852267
If I were you, I would provision a business-class DSL with some decent bandwidth and use a Cisco ASA 5505 or 5510 like AugustTen suggests.
0
 

Author Comment

by:PMcDevitt
ID: 21874470
Thanks for comments.  I am getting push back because of the admin cost in deploying 25+ firewalls not to mentioned hardware and deployemnt costs. There is also the issue on managing the firewall logs.

I take that neither of the responders would simply use the firewall software included in the router IOS feaure set.
I realize there would still be an issue on log management.
0
Fill in the form and get your FREE NFR key NOW!

Veeam® is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

 
LVL 13

Assisted Solution

by:kdearing
kdearing earned 600 total points
ID: 21877716
My suggestion was to use the 5500 ASA instead of the 2621 routers.
So your cost will probably be less.
0
 

Author Comment

by:PMcDevitt
ID: 21902314
Actually the driver for the 2621 is not the firewall feature set, it is to replace older Nortel ASN routers. The IOS feature set was always being purchased so I was hoping to use the firewall component instead of buying another device (i.e. 5500 ASA firewall).
0
 
LVL 7

Assisted Solution

by:mabutterfield
mabutterfield earned 300 total points
ID: 21904243
are you getting the 2621 routers used / refurbished?  They haven't made those in a few years.  You'll probably save some money with the 1811 series.  
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question