[Dshield] Cisco Router/Firewall - which is the best for me?
chris.meidinger at badenit.de
Tue Oct 5 15:23:05 GMT 2004
i administer several cisco firewalls, and they are great. I also administer
some Netscreens. In your place, i would consider a Netscreen NS-5XT. They
are similar to a cisco 501e, but about half of the price.
Advantage: great function, great price
Disadvantage: not cisco
If you want to learn cisco syntax, get the pix 501e. If you want a good
firewall that will do the job, as well as is *very* compatible with other
devices for vpn and whatnot, i'd get the netscreen.
> -----Original Message-----
> From: list-bounces at lists.dshield.org
> [mailto:list-bounces at lists.dshield.org] On Behalf Of Benjamin Koch
> Sent: Sunday, October 03, 2004 15:30
> To: General DShield Discussion List
> Subject: [Dshield] Cisco Router/Firewall - which is the best for me?
> Hello list
> i have some general questions about some cisco products.
> First of all, i'm a cisco newbie :)
> I have an linux iptables router/gateway for my home/SOHO
> network (5 Hosts) but the wattage of this box is a bit high...
> I thought it would be better using a HW Router/Firewall.
> The standard customer HW Routers are not that configurable as i want.
> I like the total control like iptables does. Packets must
> match some criteria like:
> -Input Interface
> -Source IP
> -Source Port
> -Output Interface
> -Destination IP
> -Destination Port
> and some other stuff to get accepted - or denied.
> Then i remembered Cisco Systems - one of the top Network Companies.
> I found some products like
> Cisco 1712/1710 Security Router
> Cisco 831 4xRJ45 10MBit
> and the Cosco PIX 501
> All three are having a Firewall but i don`t know which one is
> matching my needs.
> Here are my wishes:
> connect a DSL modem (RJ45)
> connect a LAN (RJ45 - 1Port is enough -> Switch) Routing
> ability (Internet Connection Sharing and FTP/Remote Admin.
> NAT) Firewall (Features shown above) Traffic Shaping
> (Bandwith limiting for some explicit given Hosts) IDS (i must
> configure and maintain it by myself?) URL/IP blacklist ability
> CSA - maybe - i should first know what this Cisco Security
> Agend is doing ;) Easy configure would be nice at the
> beginning... *Cisco newbie*
> It should be as cheap as possible. Max 600EUR - ok 800EUR
> will be ok too but it must have the most of the requested features.
> I don't know which is the right product for me and i don't
> know who to ask...
> Not everybody has a Cisco Router/Firewall at home :) So i ask
> you and all the versed admins in this list.
> I hope you can help me
> Best regards,
> Benjamin mailto:BK-D at gmx.de
> DShield and the Internet Storm Center are sponsored by the
> SANS Institute.
> To learn more about current SANS training, see http://www.sans.org .
> send all posts to list at lists.dshield.org To change your
> subscription options (or unsubscribe), see:
More information about the list