Thinking of upgrading from a Netscreen NS100 and PIX515e to a ASA5510
Hello everyone. My current environment contains an ancient NS100 (Grey box not blue) doing firewall/NAT duties and a Cisco PIX 515e doing VPN duties. I've looked at the following UTM devices to replace my current setup:
Cisco ASA5510 Juniper SRX240 SonicWall NSA2400
The SonicWall NSA2400 seems compelling but i haven’t had good experiences with sonic walls in the past, my previous employer dumped all there sonic walls for net screen firewalls some 6 years ago and i havent seen or used one since.
I've used juniper products extensively at my previous job so I'm very comfortable with the netscreen products running ScreenOS, but i hear the latest models use the JUNOS which is drastically different than the previous ScreenOS. Also i've seen plenty of complaints on the SRX line in regards to stability.
I would love to have the Cisco but I'm afraid of setup having seeing that making changes on my PIX was a chore since i'm not well versed in the CLI. Also the price point is much higher then the other 2.
What I’m primarily looking to do is the following:
Re: Thinking of upgrading from a Netscreen NS100 and PIX515e to
The service you want can be provided my the ASA. There is an extra SSM card that can provide the IPS/IDS part.
They can provided traffic, shapping, prioritization and policing for QoS also.
As for VPN, tehy more or less support VPN and WebVPN fine. Depending on the number of users you need to check the load on the firewall.
As far as stability the ASAs have been doing very well and I can say they are pretty stable in the latest releases for the vast majority of people. There are boxes that run fine for hundreds of days, and there are no major significantly affecting defects with no workarounds.
Depending on the bandwidth requirement you will need to decide which model is best for you.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...