Firewall Wizards mailing list archives

PIX firewall licensing and beyond (newbie)

From: Vahid Pazirandeh <vpaziran () yahoo com>
Date: Mon, 5 Sep 2005 20:40:44 -0700 (PDT)

Hello everyone,

I come from a linux admin background and have an assignment to setup a pix
firewall.  This is new territory and will be my first time playing with pix os
instead of iptables.  Please excuse my newb questions, but we all start
somewhere. :-)

1. Which model?  Our servers are in a co-location with a 100mbit drop.  Would
that make the 515E the right choice if we actually want to make use of our
bandwith?  The pix becomes the bottleneck?

2. I'm a little uneasy about the licensing.  What are the typical features I
should make sure that are included (e.g., 3DES)?  What should I watch out for.

3. I read somewhere that vlan support is only in pix os 6.3.  Is vlan support
also based on which model I'm using, or do all pix firewall models have this
feature?

4. How many physical ports do the pix firewalls typically come with?  It seems
like it's 2: one uplink, one downlink.  I can already think of 3 security
levels that I want my servers separated into.  Does that mean I have to buy
expansion slots?  Or should I use VLANs instead?

5. Any recommendations on a location to order the pix firewall and licensing
from?  Good deals, good support, etc.

6. Any recommendations on some online reading that will help with implementing
the pix firewall?  It would help to see some example network layouts to get a
better idea of how the components should be pieced together.

Here are a few places that I've already scoped out:
http://www.netcraftsmen.net/welcher/papers/pix01.html   (also:
pix02-pix04.html)
http://www.examcram2.com/articles/article.asp?p=101741&seqNum=1

Your guidance would be very helpful.  Thanks for a great mail list!

A PIX student in training,
-Vahid

=============================================
 "Make it better before you make it faster."
=============================================


        
                
______________________________________________________
Click here to donate to the Hurricane Katrina relief effort.
http://store.yahoo.com/redcross-donate3/
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

PIX firewall licensing and beyond (newbie) Vahid Pazirandeh (Sep 07)
- Re: PIX firewall licensing and beyond (newbie) Ryan Steinmetz (Sep 07)
- Re: PIX firewall licensing and beyond (newbie) Victor Williams (Sep 07)
  - Re: PIX firewall licensing and beyond (newbie) David Lang (Sep 07)
- RE: PIX firewall licensing and beyond (newbie) Paul Melson (Sep 07)