Re: Firewall Products

[Lee Weers <weersl () CENTRAL EDU>]

I have a similar situation in that we have a 515 classic that we have
out grown.  Limited budget (actually no budget until July).  I will be
looking at pricing of the Sidewinder from Secure computing next week
with a vendor.  It sounds like a great appliance, but I am nervous about
the cost. 

-----Original Message-----
From: Flagg, Martin D. [mailto:FlaggMD () HIRAM EDU] 
Sent: Friday, February 03, 2006 8:24 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Firewall Products

 I am a long time user of the PIX.  Currently we have out grown our PIX.
My first thought was to replace it with another PIX.  I am having
seconds thoughts and am looking for opinions and advice.  The products
we have considered, so far, are PIX(or ASA line from Cisco), Fortigate
and the Astaro.  I like both the Fortigate and the Astaro but am
reluctant since I do not know anyone else using these products.

I am a little confused about where Cisco is going with its IDSM-2, FWSM
(PIX blade for 6500) and its ASA line.


My scenario is as follows

Limited budget, I can afford a Firewall but not a Firewall and a Web
Proxy/Web Antivirus product

Currently we have nothing protecting HTTP/HTTPs from virus's

I need to get nice reports and probably need a new syslog product/report
product, I have hardware already for this.

We currently have AntiSpam that we are happy with, a VPN that we are
happy with, A Cisco IDSM-2 that I am not happy with (not dynamic enough
and too much time spent tuning) and Email anti-virus that is OK.


Any help on or offline is appreciated.

Martin D. Flagg
Network Engineer/Administrator
Hiram College