Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Small business firewall solution?

I am setting up the routing end of the installation for the first time for a small company. The ASA 5505 seems to fit the bill and the budget but I see there are several different packages available.

I guess my most urgent question is do I need to get the Cisco ASA 5505 Security Plus Firewall Edition Bundle with DMZ support to be able to setup a perimeter network configuration in the future?

The main features I need are VPN accessibility, and obviously a firewall setup. I have plans in the future to expand to a perimeter network setup when the budget allows.

2 ACCEPTED SOLUTIONS

Accepted Solutions
Silver

Re: Small business firewall solution?

Hi,

dmz support will only be needed if you have TWO segments on lan side which need to communicate with each other as well as internet.

without dmz support,you would be able to setup two zones on lan side but if you let them both access internet,they would not be able to talk to each other.

sh version

command output confirms

if you see

dmz restricted

in the output,

then the above holds true.

If in " sh ver ",you see " dmz unrestricted ",then there are no constraints in the communication.

Do rate if helpful.

Regards,

Sushil

Cisco Employee

Re: Small business firewall solution?

Kyle,

Based on your description of the "To Be Network", I would recommend that you go with Cisco ASA 5505 Security Plus Firewall Edition Bundle with DMZ which is "ASA5505-SEC-BUN-K9" License. You can find more information from the below URL:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_data_sheet0900aecd802930c5.html

Now, the reason I recommend the above license is because of your future requirements that might lead to a DMZ Network. From the above URL you can see that the only license on the ASA where you can create DMZ network is by using the above license.

I understand that you are trying to make a good business decision by purchasing the right Hardware and Software License and if you are already comfortable with the information listed on ASA5505 Data Sheet, then I would go ASA5505-SEC-BUN-K9 license.

Regards,

Arul

*Pls rate if it helps*

4 REPLIES
Silver

Re: Small business firewall solution?

Hi,

dmz support will only be needed if you have TWO segments on lan side which need to communicate with each other as well as internet.

without dmz support,you would be able to setup two zones on lan side but if you let them both access internet,they would not be able to talk to each other.

sh version

command output confirms

if you see

dmz restricted

in the output,

then the above holds true.

If in " sh ver ",you see " dmz unrestricted ",then there are no constraints in the communication.

Do rate if helpful.

Regards,

Sushil

New Member

Re: Small business firewall solution?

I don't have any equipment yet to run any of the commands on, I am currently trying to determine what is necessary.

What exactly do you mean by network segments? Are we talking subnets or like main office/branch office type of setup?

again, I'm not even to the point of being entry level in routing so you may need to explain it to me like I'm 4.

Thanks

Mac

Cisco Employee

Re: Small business firewall solution?

Kyle,

Based on your description of the "To Be Network", I would recommend that you go with Cisco ASA 5505 Security Plus Firewall Edition Bundle with DMZ which is "ASA5505-SEC-BUN-K9" License. You can find more information from the below URL:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_data_sheet0900aecd802930c5.html

Now, the reason I recommend the above license is because of your future requirements that might lead to a DMZ Network. From the above URL you can see that the only license on the ASA where you can create DMZ network is by using the above license.

I understand that you are trying to make a good business decision by purchasing the right Hardware and Software License and if you are already comfortable with the information listed on ASA5505 Data Sheet, then I would go ASA5505-SEC-BUN-K9 license.

Regards,

Arul

*Pls rate if it helps*

New Member

Re: Small business firewall solution?

Thanks for the help guys.

233
Views
0
Helpful
4
Replies