Re: Difference--- firewall and routers

pankajs · ‎10-15-2005

Its a very general question, i want to know the difference between a general firewall and Cisco routers. If I am correct then most of the security features are available on Cisco routers.

jackko · ‎10-15-2005

i prefer a pix whenever possible as it is specially designed for security; whereas firewall feature set is an add-on for the routers. e.g. a remote branch with a single internet link establishing a vpn back to the central site. i would choose a pix as there is not much routing involved.

from my personal experience, pix just handles vpn better than router in terms of stability and flexibility.

e.g. when modifying the acl for no-nat, with pix you can add the new line and then delete the old line; whereas with routers, you need to delete the existing ip translation, un-apply the route-map and then modify the no-nat acl.

regarding the firewalling, pix is very simple as you only need 6 basic commands to secure your network; whereas with router, just by reading the cisco forum, you will be surprised how many issues you may have with cbac feature.

joaquimlopes · ‎10-24-2005

hi,

i guess the main reason is that pix as special kind of hardware and stripped down software, improved for speed using some security algorithms with dedicated asics like when using Des and is limited and therefor probably more stable than a general use router that has to do all kind of functions