Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1404
Views
0
Helpful
3
Replies

design/implement new firewall, VPN, Netranger

drollyson
Level 1
Level 1

‎09-18-2000 04:13 PM - edited ‎02-21-2020 11:14 AM

I have been given the task of implementing a new PIX firewall, VPN and intrusion detection (all Cisco products). I have yet to perform a task such as this and would like to take a conservative approach. I want to begin with a high-level question and will drill down with subsequent posts. The environment is a university with a large user base, both LAN/WAN and remote. I will test the solution in a lab environment first, but my question is this: I've been asked to implement in a phased approach. Should I focus on implementing the PIX first? The VPN first? Makes no difference? Thanks in advance for the help.

Labels:
0 Helpful
3 Replies 3

sajithnair
Level 1
Level 1

‎09-25-2000 03:06 PM

It depends on which product you will be choosing for

VPN.For VPN you can use VPN routers,firewalls

with VPN software, or 3000 series concentrators.

If you have large number of remote users then the

better option would be 3000 series concentrator.

Assuming you go for 3000 series concentrator then

u should concentrate on PIX first.Then afterwards

u can place concentrator in parallel with PIX without

much difficulty

0 Helpful

drollyson
Level 1
Level 1
In response to sajithnair

‎09-27-2000 09:23 AM

Thank you both for your reply - I appreciated it. We will indeed be implementing a 3060 Concentrator. As you suggested (and others), I will focus on the PIX firewall first and phase the concentrator shortly afterwards. I'll keep you posted....

0 Helpful

smalkeric
Level 6
Level 6

‎09-26-2000 08:44 AM

This is how our company would handle a situation like this. We think it's important to have design proposal for every phase of the project. It tends to make things run more smoothly. Start off with a PIX firewall and then setup the VPN to terminate at the PIX. Once you have that done you can implement Intrusion Detection. That is the logical order, but I would suggest talking to a design team before starting a project like this.

0 Helpful
Customers Also Viewed These Support Documents