PIX Questions
in [Cisco]
|
From: bobneworleans on 10 Jun 2010 12:39 I'm looking at buying a PIX 506E from eBay. Will it be possible to put it under SmartNet? One of the units I'm considering has a restricted license (see list of features below). What does this mean? My boss would like to buy a firewall that has two WAN ports (Ethernet) so if the primary link dies, the backup link will be used. Is there a PIX that supports this scenario? Licensed Features: Failover: Disabled VPN-DES: Enabled VPN-3DES-AES: Enabled Maximum Physical Interfaces: 2 Maximum Interfaces: 4 Cut-through Proxy: Enabled Guards: Enabled URL-filtering: Enabled Inside Hosts: Unlimited Throughput: Unlimited IKE peers: Unlimited This PIX has a Restricted (R) license.
From: Doug McIntyre on 10 Jun 2010 13:39 "bobneworleans(a)yahoo.com" <bobneworleans(a)yahoo.com> writes: >I'm looking at buying a PIX 506E from eBay. Will it be possible to >put it under SmartNet? No. All PIX's are end-of-lifed. No licenses upgrades or smartnet is available for them. The ASA's have been out for quite some years, thats the currently supported hardware. >One of the units I'm considering has a restricted license (see list of >features below). What does this mean? Restricted as in you don't get all the features, like no HA failover. On this particular one, it looks like unique hosts are unlimited, but other models could be restricted to 10 inside hosts, or 50 inside hosts. >My boss would like to buy a firewall that has two WAN ports (Ethernet) >so if the primary link dies, the backup link will be used. Is there a >PIX that supports this scenario? You could add-on interfaces to a 515 and up. But all PIX hardware went EOS two years ago. The ASA5505 is the current replacement, and you can easily find better deals with online stores than what eBay has. (and for used gear, most certainly find better deal from hardware resellers even on ancient EOL'd hardware than on eBay as well). Lots of other vendors give you alot more bang for the buck than Cisco on firewalls though, with Enterprise level reliability. I'd look first at FortiGate for firewalls, and then Juniper. Both have products that fill in quite alot between the ASA5505 and ASA5510 of Cisco and offer a lot more features. If you are looking near the low end, the FortiGate 50B has dual WAN, can handle full wirespeed (100Mbps) firewall, and if you want to pay for some more of the subscriptions, has IPS, antivirus, antispam, etc. You can also setup HA by just buying another without additional licenses.
From: Gary on 10 Jun 2010 16:56 You may also want to look at Peplink's products for multi-WAN load balancing for inbound and/or outbound traffic. -Gary
|
Pages: 1 Prev: I AM BUYING THE BELOW CISCO AND MORE. Next: AV Security Suite virus removal instructions |