I need some help on selection of the firewall. My situation is like this: I have one Web Application Server and a Database Server (which supports the web server). Now I need a firewall hardware to have the following features:
1)switch: so that I can connect both the web server and the database server to it;
2)DMZ: so that I can plug in a caching server.
3)VPN: so that I can use my PC remotely access the web and database servers. (My PC will be installed the VPN CLient software).
Which firewall product(s) should I choose?
As for the DMZ, do I need to purchase the additional/external card to plug into the firewall equipment OR it has already built it in?
Personally from a security point of view, I would buy a Pix or ASA depending on your budget. Your setup would consist of 3 interfaces, an outside, inside and dmz. Your VPN would terminate on the outside.
The DMZ interface should not have the database server directly attached, as it only is required for back end communication with the webserver, so a back end swicth would be best, altho you could go cheap and use a crossover if you have no need for expansion and have the spare nics.
So you could get away with a simple Pix506 if you just wanted outside/DMZ, but if you want an inside interface as well then a Pix515 with extra nic card would suffice.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :