>> Hello, >> >> I have a PIX Firewall from Cisco that is about 4 or 5 years >> old. It's so old it doesn't even have a model # and the Cisco techs get >> confused when I call because most have never heard of this model. No access lists or >> anything. Anyway, the point here is that it's old. >> >> I'm looking to update my Firewall so I can have features >> like Intrusion Detection, VPNs, etc. Was hoping someone could point me in the rihgt >> direction of what firewalls to look at. >> >> My environment is as follows: >> 1 WAN interface (connected to a T1 line to our ISP) >> 2 DMZ interfaces >> 1 Internal interface >> >> We could have up to 700 concurrent users going outbound through the >> firewall at a given time. >> >> I was thinking about looking at newer PIXs, Microsoft ISA, and >> Checkpoint >> Firewall. Of course, I'm not sure where to begin. Any >> recommendations?
First I don't think we can compare FW1 with ISA, please !!! and FW1 is not an application/proxy firewall but a statefull firewall ... If you need an application/proxy firewall you may look the axent/raptor firewall (now symantec enterprise firewall). If you want a software statefull firewall, FW1 is the best choice ... I think For hardware firewall, you may look at netscreen, best firewalling and VPN performance and interresting features (traffic shaping, VPN 3DES/AES + NATT, HA (start NS50), attack protection ...). It's not the only one on the market but look at it. No PC to buy, don't depend on well known OS layer, no user restriction ... FT _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
