rtrunk Sun, 09/09/2007 - 15:41


You don't give any specifics, so it's hard to make a strong recommendation. But in general the ASA has more features and can do more packet inspection that the PIX. But if you just want a basic firewall, they are about the same.

You should also consider that the PIX is on its way out. All new features will be developed for the ASA first, as Cisco will put all their efforts on that platform. So it might make more sense from a business standpoint to go with an ASA.

On the other hand, if you're trying to save money, you could pick up a used PIX pretty cheap.



This Discussion