09-23-2002 02:15 AM - edited 03-09-2019 12:25 AM
We are looking to set up Site to Site VPN solution to connect a few (~5) small sites to our WAN. Our service provider has proposed a solution based on 1700 routers with VPN modules (at both ends). At the head end they have also given us the option of a separate firewall between the Internet and the VPN router.
What are the additional security risks (if any) of not having the Firewall (it more than doubles the cost)? Does anyone know of any white papers etc detailling the pros and cons. I have looked at the Cisco SAFE documents.
09-23-2002 02:57 PM
Hi,
Cisco SAFE documents should have details on these already, but for the most part Firewalls can provide you with layered Security, so even if the Routers could have been vunerable to a well organised attack, it will be almost impossible to make one happen with a Firewall and Access-lists applied on a Router, both implemented together to complement each other.
Hope this helps,
Regards,
Aamir
-=-=-
09-24-2002 02:13 PM
Just one question? What are the deferens of use sing a 505 firewall and 1720 with IOS firewall (IP/FW/#DES). I mine in this setup it sounds like overkill to use both.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: