I have a potential customer to whom I am trying to pitch using IOS for their network firewall. I have found out that I am up against WatchGuard FireBox and Lucent VPN Brick. Does anyone have any experience of these, and what are your experiences? If anyone knows of any good "magic bullets" I can use against these products, it would be greatly appreciated.
Consider a PIX model as it is an appliance, similar in features and performance to Firebox. Review of Firewalls in Network News. PIX gets well received although Cisco submitted late so the Netscreen won!
Thanks for the URL, Lee. It made for useful reading.
My problem, however, is that FireBox and PIX are very similar in terms of functionality, whilst Lucent's kit seems to beat the two of them. The advantage over Lucent is clearly a case of "Lucent who? Do they make firewalls?", whilst the advantage of using IOS is cost - the customer already has a Cisco routed network that I can use IOS over. If I can show that IOS gives a comparable level of protection, then it should be a breeze.
This brings us into the Dedicated Firewall v Router with Filtering argument. There are a couple of other threads on this forum regarding this, but nothing more than personal opinion seems to indicate that IOS is as good as a separate firewall unit. Then I would be home and dry, but this is not as simple as at seems, given the other suppliers have already pitched this argument with a reasonable degree of success.
If you have ANY ammo that I could use against the WatchGuard and Lucent firewalls, then it will at least give me a way into the argument. Or anything more than anecdotal evidence that IOS can beat a standalone dedicated firewall... please!
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :