09-20-2007 01:28 PM - edited 03-11-2019 04:14 AM
Besides the ability for the ASA/PIX to provide stateful inspection in hardware; therefore, the ability to service more connections that a router running IOS firewall feature set......Is there any security advantage? "More hardened technology", or something?
Thanks,
Mike.
09-20-2007 03:15 PM
Obviously you will get better throughput and VPN handiling with the ASA counterpart.
The IOS has a good security feature set , however the ASA/PIX is marketed as a firewall for a reason.
In my opinion it is a better box, as it is designed for a firewall environment. Some of the security features are much harder than the IOS.
Both the ASA and IOS devices support a kind of stateful inspection.
Another benefit is the GUI. The ASA has a much more user friendly interface for handiling firewall and vpn configurations.
The new verson 8 code, is becoming more of a UTM. In a nutsehell , this means you can do multiple things within one box, such as SSL,IPSEC,IPS, Threat Detection,Anti X. The Anti X module is quite impressive as it has a subscription to Trend, which updates regular for new virus, exploit code etc.
The monitoring is far superior on the ASA/PIX.
If security is paramount then you have to opt for Cisco's firewall range.
09-21-2007 06:36 AM
Dedicated team for the asa, means faster fixes better support more features etc...
Not to overly simplify but routers route and firewalls firewall, and do not bring a knife to a gun fight!
I was never hear and you never heard that torpedo hit
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide