Device comparable to PIX 506E?

Unanswered Question
Jul 2nd, 2009

With the end of life of the 506e, I was wondering what device I should move to next to maintain operations here. I currently run site to site traffic with 11 different locations. Each run a PIX. I'm thinking about upgrading to a 2821 series router in the future to run the main hub, but I need a new solution for my remote sites.


Any ideas?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
xcz504d1114 Thu, 07/02/2009 - 09:19

ASA 5505's work nicely, I substitute them for PIX's all the time. Just make sure you get the appropriate licensing, if I remember correctly the least expensive 5505 version only allows 8 concurrent connections.

thotsaphon Thu, 07/02/2009 - 10:09

Michael,

You may think of ASA firewall for doing the same task like Pix. Cisco 2821 router is a good idea if you plan to use this for Hub router. Cisco 2821 router can do site to site vpn as well. You need a particular IOS feature set. But router will do things about encrypt/decrypt in software. ASA is designed to do things like that in hardware. So I'd recommend you to use ASA to do firewall functions. When you want to use a Hub design. let's select a new router to do so.

Aside note: Cisco 2821 router can do firewall functions as well. But I still recommend you to use 2 devices for your design. I'm not a cisco sale by the way.(grin)


ASA is here: http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_data_sheet0900aecd802930c5.html



HTH,

Toshi

xcz504d1114 Thu, 07/02/2009 - 10:26

Toshi made a good point, the hub sites don't necessarily need a firewall to do the VPN. Depending on budget, the 1800 series works well also, I use 1811's for my remote users, if you need T1 interfaces you have to use the modular model, the 1841.


Craig

Actions

This Discussion