Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Which Cisco Router Should I Use????

Posted on 2009-05-20
Last Modified: 2012-05-07
We are hosting an application on a Windows server that streams Flash Content out - called Adobe Connect - it uses port 1935 RTMP to stream the content and we are looking for the best and easiest CISCO router to act as the firewall at our Co-location in Philadelphia - we have a 100mb connection to the internet and typically use about 10-12MB during a presentation.  We see dropped packets every once in a while and we want to take the router portion out of the picture -
Question by:kova4
  • 2
  • 2
  • 2
  • +1

Author Comment

ID: 24431043
Additional Info - we have ports 80,443,1935,3389, and SQL open to the internet - with SQL only open to our servers at home via ip address authentication.
LVL 18

Expert Comment

by:Don S.
ID: 24431414
Routers are not firewalls.  It's not a good idea to try to use them as such.  A cisco ASA 5520 may be enough depending on how man simultaneous connections you anticipate.  As for any routers needed in front of or behind the firewall, I think the 2821 with it's twin 1 Gbps ethernet ports should suffice.
LVL 16

Expert Comment

ID: 24432566
1 - you almost certainly do NOT need a router, just a firewall, which will do all the routingh you need (minimal) and provide the protection you seek.

2- why Cisco? Cisco make good routers and switches. They're not at the leading edge of Firewall tech at all...

3 - to permit the traffic you seek, block everything else, AND provide sensible levels of DOS, IDP, etc., I would recommend a Sonicwall Pro 1260.


check it can cope with your anticipated level of throughput - see the charts on


And if you go for anything else, this is STILL your biggest question once you're sure it's secure enough.

Hint - Cisco firewalls still don't do deep packet inspection last I looked so the Sonic IDP is going to be way better.

Hint2 - the cheapest way to get the Pro 1260 and all the toys you might need is to buy the "Total Secure" bundle.
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.


Expert Comment

ID: 24441459
I would recommend going either with the Cisco 5520 with AIP Module, or using a Fortinet Unit. I have used both extensively and can say that they are both excellent units in terms of protection, throughput, VPN accessibility, etc... I would say that if you are looking more towards a complete protection scenario, that the Fortinet has the edge. With Network based anti-virus, continually updated IDS signatures, and advanced content filtering, it is a difficult unit to beat. You would be looking at probably something in the 100 to 200 series.

Author Comment

ID: 24443804
Security is not that impotant - I am not too worried that people are trying to break into the firewall - I need the fastest thruput to the server due to webcasting - processing the packets in a timely manner seems to be the biggest issue - am I incorrect? or is the bottleneck going to be the internet itself and I am way below the bandwidth max of the router processing -

Accepted Solution

fritz5150 earned 250 total points
ID: 24444806
To do what you are asking, you would be looking towards a 7200 series at least. 2Mpps rate. It can support full 100Mbps line speed. Even the 3800 Series only supports up to T3 at wire speed.
LVL 16

Assisted Solution

ccomley earned 250 total points
ID: 24448895
Fast packet processing is indeed the clue for throughput.

Most modern firewalls will be fast enough if all yuo are doing is stateful inspection.

But if you need better protection, these days, you have to do deep packet inspection. And Sonicwall are way out in front here, with their reassembly-free DPI logic.

WhatEVER firewall you choose, check it's rated throughput is either (a) at least as fast as your internet connection or (b) fast enough for the intended throughput, when doing the type of inspection you need. (The Sonicwall URL I gave you has all those figures for the Sonicwall range. If the PRO series doesn't go fast enough, check the NSA series.)

Featured Post

Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Firewall report connections 8 93
Cable suggestions 5 72
Network Switches 3 24
can't ssh to external IP 9 19
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question