[ale] OT: Firewall purchase
Chris Fowler
cfowler at outpostsentinel.com
Wed Jul 7 12:25:40 EDT 2004
How does a DMZ port work with only one public IP? Do you NAT everything
to the DMZ host?
On Wed, 2004-07-07 at 11:40, Jonathan Rickman wrote:
> > -----Original Message-----
> > From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On
> > Behalf Of David Hamm
> > Sent: Tuesday, July 06, 2004 7:32 PM
> > To: Atlanta Linux Enthusiasts
> > Subject: Re: [ale] OT: Firewall purchase
> >
> > Sure, the network be hind the firewall is Frame-Relay, all
> > the remotes come back through the firewall for internet
> > access. I chose ospf since there were version conflicts with
> > RIP. Now that OSPF is up and running I've found I like it.
> > Its faster and more flexible.
>
> Do you need a DMZ port?
> How much total throughput do you need?
> 3DES or DES?
> VPN Throughput?
> Number of clients?
> Number of remote VPN sessions?
>
> A Cisco PIX will take care of your needs handily and you'd be surprised at
> how robust the entry level units are. A lot of folks shy away from the PIX
> because of percieved expenses. PIX solutions start in the $400 range. Many
> folks skim right past the 501 and 506 because they can't believe that that
> itty bitty wittle box can handle their big manly network. :) Sure, pricing
> is high from the 515 on up, but the entry models fit the bill nicely for
> some pretty big networks. In my opinion, if the network you are describing
> is so big/busy that a PIX 501 or 506 can't handle it, then you can afford to
> come off the dime. Of course, this does mean that user licensing comes into
> play, but it is not really that bad overall. If you can answer those
> questions definitively, I'll give you the exact model number and price.
>
> --
> Jonathan
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list