I hope you are not being serious about '3rd party' firewalls.... I'm not saying you shouldn't study pix if you want the cert....but resume's are much more impressive the more firewalls you have under you belt. Especially firewalls that are more capable than pix.
Of course if your company does not plan on using DCOM or any other proprietery protocols, then pix will be fine.. (although it's still expensive) be careful with your planning though...pix's security strategy is based on NAT....static in from a lower level interface and dynamic out from a higher security interface... (and variances thereof) It does not truly route traffic like other firewalls... A way around this is the use of NAT 0, but then even Cisco tac does not reccomend this configuration for highly utilized interfaces. -Patrick >>> "Brian Zeitz" 02/07/02 11:21AM >>> Netscreen wont help me with the Pix exam, or the cisco VPN exam or the CCNP exams :) I like using Cisco stuff cause it's a standard, you can find information on there site (and groups like this, thanks) when things go bad. I am not big on any 3rd party stuff, because when you go to an interview, its more likely they will have Cisco then any other product for real networking :) Anyway, thanks for the suggestion, but I don't think that will fly by the CTO. -----Original Message----- From: Patrick Ramsey [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 07, 2002 11:03 AM To: [EMAIL PROTECTED]; Brian Zeitz Subject: Re: 3DES [7:34754] ya know... I'm not trying to shoot pix down...but for the small office..I would not even go that route....Go netscreen.... they can do NAT, transparent bridging, and normal firewalling and they are not expensive. (and a snap to set up) Not to mention that they support site to site or site to user vpns out of the box practically...(extremely easy to set up!) $.02 -Patrick for what it's worth we use border manager, severeal netscreens and two pix 535's in failover.. ;) >>> "Brian Zeitz" 02/07/02 10:38AM >>> I have been looking at routers/firewalls. I am thinking of going with the 2611 with a ADSL card, I also want to get a 515. Our office is not that big yet, but I want to plan for the future. I see that the Pix 515R only does DES, but doesn't do 3DES. But when I buy the router, I can get it with 3DES. I am just kinda confused, where is the best place to use 3DES, on the firewall, or on the router? Or it doesn't matter. The way I see it, if I wanted to do 3DES on the firewall with the 515, I would have to buy the 515UR, which is about 10K. I don't really need the thoughput for 100,000 users just yet though. Any suggestions on this? Thanks in advance... Brian Zee MCSE, CCNA, A+ >>>>>>>>>>>>> Confidentiality Disclaimer >>>>>>>>>>>> Confidentiality Disclaimer <<<<<<<<<<<<<<<< This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. ("WellStar") and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. ================================================================ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=34764&t=34754 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
