ACL Firewall for a CISCO 2610 Border Router - Firewalls

This is a discussion on ACL Firewall for a CISCO 2610 Border Router - Firewalls ; I'm doing some research on firewalls. Does CISCO recommend any particular (commercial) firewall for a small organization that uses a single 2610 for Internet connectivity? Thaks....

+ Reply to Thread
Results 1 to 2 of 2

Thread: ACL Firewall for a CISCO 2610 Border Router

  1. ACL Firewall for a CISCO 2610 Border Router

    I'm doing some research on firewalls. Does CISCO recommend any
    particular (commercial) firewall for a small organization that uses a
    single 2610 for Internet connectivity?

    Thaks.


  2. Re: ACL Firewall for a CISCO 2610 Border Router

    In article <1171823124.535381.98770@t69g2000cwt.googlegroups.c om>,
    wrote:
    >I'm doing some research on firewalls. Does CISCO recommend any
    >particular (commercial) firewall for a small organization that uses a
    >single 2610 for Internet connectivity?


    Urrr -- Cisco would probably recommend their own firewalls ;-)
    There is the Cisco PIX series http://www.cisco.com/go/pix
    and the newer Cisco ASA series http://www.cisco.com/go/asa

    A 2610 could in theory keep a 10 megabit full duplex port
    completely busy, if the traffic patterns were right, but
    it wouldn't stretch much beyond that. A 2610 would, if I recall,
    be aimed at about the 1 x T1 to 2 x T1 market. Is the organization
    using VOIP or channelized T1?

    Any of the PIX 500 models (that are still sold) can handle
    10 megabits/s plaintext; the PIX 501 would be a bit tight if you
    wanted to do VPNs at T1 or higher, but the result of the PIX 500
    (that are still sold) should be able to handle VPNs at those rates.

    The choice of PIX model would depend on the number of internal users
    you have; an entry PIX 501 is restricted to 10 users, with a
    50 license available (that is usable up to about 20-ish active users
    before you start hitting memory problems if your config is large).
    The other PIX models do not have per-user limits, so if you have
    more than 10 users then it often makes more sense to go for a 506E
    than a PIX 501 + extended license.

    The choice of ASA models depends upon load and upon features that
    you want. THe ASA 5505 is pretty much like the PIX 506E in
    capabilities; the ASA 5510 and upwards start adding additional
    facilities not available in any PIX.


    These days I couldn't recommend getting a PIX 501 or 506E except for
    home users or SOHO, as effectively software development has stopped
    for those models. The 515E, 525, and 535 are still under ful software
    development. I haven't had an opportunity to work with the ASA series.

+ Reply to Thread