Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Please advise PIX or ASA

Hi

Could I have your thoughts on what is the best option as a firewall/VPN appliance. The network I'm looking to deploy the appliance on has a Webserver and a Mail server with Outlook Web access that require outside access. There are a few servers that have a requirement for remote access also, so I was thinking of using 3DES IPSec VPN tunnels for users to access the LAN.

I have used and configured PIX 515 firewalls before on networks using Cisco VPN Client software to access the LAN remotely, so I am to a degree familliar with this technology. But I'm not however familliar with the ASA appliances and was hoping for an opinion on what is the most cost effective, straight forward and easiest to deploy?

Many thanks

Mark

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Please advise PIX or ASA

Mark,

I would definately recomend that you integrate the new ASA product versus the PIX, as you may already be aware that PIX platforms have reached End Of Life. If you were in a scenario where you were utilizing PIX515 and were looking into additional features that PIX 6.3.5 code does not provide then it would be feasable to upgrade code to 7.x-8.x on 515 for example to take advantage of much reacher features in code 7.x and above. But it seems this is not the case, if you are looking to implement a new security applience look into ASA5500 series.

If you are familiar with PIX you will be fine, of course, there are new features to learn and totally new architecture but the basic concept of firewalling and traffic control remains the same. All your requirements such as L2L VPNs, RA VPNS can be accomplish in addition to other great features you would never see in code 6.3.5.

The most important point is to integrate a new platform, not one that has reach end of life, that is my personal opinion.

ASA Platforms

http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html

Rgds

Jorge

3 REPLIES

Re: Please advise PIX or ASA

Mark,

I would definately recomend that you integrate the new ASA product versus the PIX, as you may already be aware that PIX platforms have reached End Of Life. If you were in a scenario where you were utilizing PIX515 and were looking into additional features that PIX 6.3.5 code does not provide then it would be feasable to upgrade code to 7.x-8.x on 515 for example to take advantage of much reacher features in code 7.x and above. But it seems this is not the case, if you are looking to implement a new security applience look into ASA5500 series.

If you are familiar with PIX you will be fine, of course, there are new features to learn and totally new architecture but the basic concept of firewalling and traffic control remains the same. All your requirements such as L2L VPNs, RA VPNS can be accomplish in addition to other great features you would never see in code 6.3.5.

The most important point is to integrate a new platform, not one that has reach end of life, that is my personal opinion.

ASA Platforms

http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html

Rgds

Jorge

New Member

Re: Please advise PIX or ASA

Hi Jorge

Thanks for the advise, makes perfect sense!

Regards

Mark

Re: Please advise PIX or ASA

Mark, you are very welcome.

Rgds

Jorge

111
Views
0
Helpful
3
Replies
CreatePlease to create content