RE: Replacing my old PIX Classic

[Fei Yang]

Cisco PIX 525 should be fine. It supports up to six Fast Ethernet interface, IPSec for VPN, and Intrusion detection feature. You need to pay attention to the price of the Cisco Secure Policy Manager, which is GUI rather than CLI based, if you want to have a user friendly management tool. I remember it is around $5000USD list price.   Cisco also have standalone IDS and VPN products, if you are concerned with scalability issue in the future. The CSPM can manage all Cisco's security products, including PIX, VPN, firewall router, and IDS.   Hope it is helpful. Fei.   -----Original Message----- From: Rink, Jesse [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 16, 2002 10:31 AM To: '[EMAIL PROTECTED]' Subject: Replacing my old PIX Classic Hello,   I have a PIX Firewall from Cisco that is about 4 or 5 years old. It's so old it doesn't even have a model # and the Cisco techs get confused when I call because most have never heard of this model. No access lists or anything. Anyway, the point here is that it's old. I'm looking to update my Firewall so I can have features like Intrusion Detection, VPNs, etc. Was hoping someone could point me in the rihgt direction of what firewalls to look at. My environment is as follows: 1 WAN interface (connected to a T1 line to our ISP) 2 DMZ interfaces 1 Internal interface We could have up to 700 concurrent users going outbound through the firewall at a given time. I was thinking about looking at newer PIXs, Microsoft ISA, and Checkpoint Firewall. Of course, I'm not sure where to begin. Any recommendations? PS - Where is the best site to read the current msgs to this mailing list?  I don't like them sent to my email, I'd rather read them from a URL that is updated as messages are posted.  I'm new here... J Thanks. Jesse