Firewall Wizards mailing list archives
Re: Cisco firewall appliance choice
From: Dan <method () b astral ro>
Date: Sun, 25 Nov 2007 22:21:30 +0200
Brian Loe wrote:
If you had a customer with their mind set on replacing their limited PIX 505 with another Cisco device, for good or evil, which would you go with? I'm not all that well versed with the ASA devices and the software restrictions that come with them. In short, unless the price difference is huge - and that doesn't appear to be the case - then I see no benefit of any ASA over the various 500 series PIXen and an unrestricted license (not to include some of the addons that appear to be available with the ASAs like AV and IPS). Anyone here have an opinion? The customer is a small office: 50 desktops, 15-20 servers, will be using SIP, many peer-to-peer VPNs with customers, uses their PIX for remote access for employees. _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Hi , Differences between PIX and ASA is that ASA has some security modules : AIP SSM (Advanced Inspection and Prevention) ans CSC (Content Security and Control), that PIX doesnt have. The capabilities for the PIX hardware are : Connection capabilities for the PIX 515E are as follows: ? Maximum clear-text throughput188 Mbps ? Maximum throughput (3DES)63 Mbps with VAC ? Maximum throughput (3DES)140 Mbps with VAC+ ? Maximum throughput (AES-128)135 Mbps with VAC+ ? Maximum throughput (AES-256)140 Mbps with VAC+ ? Maximum concurrent connections130,000 ? Maximum concurrent VPN peers2000 Connection capabilities for the PIX 525 are as follows: ? Maximum clear-text throughput330 Mbps ? Maximum throughput (3DES)72 Mbps with VAC ? Maximum throughput (3DES)155 Mbps with VAC+ ? Maximum throughput (AES-128)165 Mbps with VAC+ ? Maximum throughput (AES-256)170 Mbps with VAC+ ? Maximum concurrent connections280,000 ? Maximum concurrent VPN peers2000 I think that a 515E could be ok. _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Cisco firewall appliance choice Brian Loe (Nov 25)
- Re: Cisco firewall appliance choice Dan (Nov 25)