Hello all. Pretty newbie question here, I know I still have lots of research to do, but I'm fairly new to the security side of things, so looking to get pointed in some direction...
We are running 2 PIX 515's, one as a failover. All the ports are being used, we have one DMZ setup where our websvr and another host sit. We need to setup another host to run various things with Google (ads i believe?), that need to open an in/out tunnel to the internet, so we want to put this on a separate DMZ from the websvr.
Question, what is the best way to go about this? Just upgrade the PIX to add another port and put the 2nd DMZ on that? Are there better...more efficient...less costly ways to do this?
Eventually we are upgrading the PIX to ASA'. If upgrading the PIX is the only solution, is the cost great enough that we should try to wait and upgrade to the ASA's first? Is there a temporary workaround to get by until we upgrade?
Thanks in advance!