Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Looking for Firewall/VPN advice

I the network engineer for a company with about 150 users at the corp. site and 102 stores nationwide. The stores have at least five computers per location. We are in the process selecting a broadband ISP for DSL services at all 102 stores.

We are also replacing our firewall with a PIX unit.

I can visualize the network, but just wanted to toss some questions out there:

Which VPN concentrator would best fit our organization?

I would like to do site to site VPN's. Will I need PIX 501's at each site or can I use VPN client?

Which Firewall will best fit our organization?

Do I need a 3DES Firewall?

Because we will have multiple T1's (probably 3)at the host site will our existing Cisco 3640 router be suficient?


Re: Looking for Firewall/VPN advice

pix 501s at each site will work great. you do not want to support software vpn clients on all of those machines. That said, what hardware will the broadband ISP be providing for customer premises equipment? If it is a cisco router (even a low end one), with a minor upgrade it may be able to run an IOS with IOS firewall and IPSec support.

For concentrators, you would want to think about redundancy, and how much throughput you will need.

3des is now a free option on PIXen - it is no longer an extra license fee. 3des is a best practice - there is no reason to use DES in a new deployment.

CreatePlease to create content