Scenario III is probably the most recommended. It is incorrect to say that the VPN Concentrator does not have filtering capabilities. It generally only allows traffic in its public interface necessary for VPN connections, so it is not any more inherently insecure as a PIX. It does not have all of the capabilities of the PIX however, so if you need a true firewall I'd go with a firewall (not necessarily a PIX, I personally think they suck, go with a Check Point).
Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -----Original Message----- From: Mr piyush shah [mailto:[EMAIL PROTECTED] Sent: Thursday, September 11, 2003 7:08 AM To: [EMAIL PROTECTED] Subject: Re: Difference between Cisco VPN and PIX Firewall [7:75235] Hello all Can I know what is the Cisco PIX and that of a Cisco VPN 3000 in terms of performance? As I am planning to implement VPN with either VPN Concentrator or PIX,however I was told that if you implement only VPN Concentrator instead of PIX ,then you may get VPN connectivity but you will not be able to implement the filtering functionalities which are required .In case of PIX I may get both VPN as well as as filtering of unwanted traffic thereby changes of hacking sessions are less. Is this true. I am confised .Kindly help me. Also which one should consider to be the best scenario for implementation ? I am giving the 3 scenario below.If there is any scenario better than this pls get me know ewith the pros and cons of that one.Also equest you to know me the pros and cons of this scenarios also. aThnaks in advance. Scenario I Scenario II Scenario Internet Internet Internet | | | VPN Concentrator Firewall Firewall--VPN | | | Concntrtr | | | | LAN VPN LAN _____| Concentrator ________________________________________________________________________ Yahoo! India Matrimony: Find your partner online. Go to http://yahoo.shaadi.com **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75244&t=75235 -------------------------------------------------- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
