Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Pre-purchase Question about PIX 515E

Reply
Thread Tools

Pre-purchase Question about PIX 515E

 
 
Cityexplorer
Guest
Posts: n/a
 
      07-20-2006
Cisco ASA 5500 Series Enterprise Editions
Cisco ASA 5500 Series Firewall Edition for the Enterprise
Cisco ASA 5500 Series Anti-X Edition for the Enterprise
Cisco ASA 5500 Series IPS Edition for the Enterprise
Cisco ASA 5500 Series VPN Edition for the Enterprise

Hmm ...so many version.. I need firewall/VPN peer/site to site VPN...

when I check their parts # ASA5510-BUN-K9 is available for both vpn and
firewall edition..

Are they actually the same ?

Dave

Peter Simons wrote:
> X-No-Archive: yes
>
> Cityexplorer wrote:
> > (E-Mail Removed) wrote:
> >
> >>Yes. Don't buy one. Get the ASA 5500. A 5510 would be comparable.

> >
> >
> >
> > too bad that it's out of our budget..
> >
> > Yes means it will fit our needs?
> >
> > Dave
> >

> Your sure
> http://www.s2s.ltd.uk/product/cisco/...sme_firewalls/
> PIX-515E-R-DMZ-BUN Cisco PIX 515E Chassis including Restricted software
> and 3 Fast Ethernet Ports. 1,420.00
>
> http://www.s2s.ltd.uk/product/cisco/...ries_solution/
>
> ASA5510-BUN-K9 ASA 5510 Appliance w/ SW, 50 VPN Peers, 3 FE, 3DES/AES
> 1310.00
>
>
>
> I know their uk prices but for similar products they are similar price.
> If their is no legacy reasons to go Pix I would go ASA
>
> (And recently have bought one to )


 
Reply With Quote
 
 
 
 
www.BradReese.Com
Guest
Posts: n/a
 
      07-20-2006
Hi Dave,

You may wish to investigate the Refurbished Cisco PIX Firewall Guide:

http://www.bradreese.com/refurbished...-firewalls.htm

As well as List Pricing and Availability of Refurbished Cisco PIX
Firewalls:

http://www.bradreese.com/cisco-inventory-search.htm

Sincerely,

Brad Reese
BradReese.Com - Cisco Repair
http://www.bradreese.com/cisco-big-iron-repair.htm
1293 Hendersonville Road, Suite 17
Asheville, North Carolina USA 28803
USA & Canada: 877-549-2680
International: 828-277-7272
Fax: 775-254-3558
AIM: R2MGrant
BradReese.Com - Cisco Technical Forums
http://www.bradreese.com/cisco-technical-newsgroups.htm

 
Reply With Quote
 
 
 
 
J
Guest
Posts: n/a
 
      07-20-2006
Cityexplorer wrote:
> Thanks for your precious information. Price in Canada is about $3235CDN
> which is cheaper than the 515E.
>
> Before I look into the details doc, what is the major advantage of
> ASA5500 over 515E?


The ASA product line is the replacement for the Pix 500 series product
line. The replacement for the 506 and 501 was introduced a week or so
ago (ASA 5505), as was the replacement for the 535 (ASA 5550). I would
expect Cisco to announce the EoL/EoS for the remaining 500 series
products in the next 6 months.

The ASAs have more encrypted and non-encrypted throughput. The ASA has
feature cards that can do virus filtering, spam filtering, phising and
other content filtering, IPS, and all sorts of other useful stuff.

Go through Cisco's website and compare the two products:

http://www.cisco.com/en/US/products/ps6120/index.html
http://www.cisco.com/en/US/products/...030/index.html

The Pix 500 series isn't listed on the main page under Security
anymore. You have to dig deeper to find any mention of them.

You could buy a Pix but it will cost you more and give you less. It
would be comparable to buying that really nice quad-PIII server you've
wanted for years for $10k when you could buy a quad-dual-core Xeon for
a couple grand less. Go with the ASA.

J

 
Reply With Quote
 
RC
Guest
Posts: n/a
 
      07-20-2006
One thing to remember is the PIX won't route between VPN tunnels. That is,
if remote-site-1 is connected to HQ and remote-site-2 is also connected to
HQ, then the two remote sights can't reach each other. The same is true for
VPN clients. They will access HQ fine but can't access the networks at
either remote site or each other. The simple fix for the remote sites is to
have a tunnel between them. As for the clients....well they don't usually
need to reach the other clients and really should be connecting to the site
they need to reach anyway.

Does the ASA 5500 series have this same "Feature"?


"www.BradReese.Com" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
> Hi Dave,
>
> You may wish to investigate the Refurbished Cisco PIX Firewall Guide:
>
> http://www.bradreese.com/refurbished...-firewalls.htm
>
> As well as List Pricing and Availability of Refurbished Cisco PIX
> Firewalls:
>
> http://www.bradreese.com/cisco-inventory-search.htm
>
> Sincerely,
>
> Brad Reese
> BradReese.Com - Cisco Repair
> http://www.bradreese.com/cisco-big-iron-repair.htm
> 1293 Hendersonville Road, Suite 17
> Asheville, North Carolina USA 28803
> USA & Canada: 877-549-2680
> International: 828-277-7272
> Fax: 775-254-3558
> AIM: R2MGrant
> BradReese.Com - Cisco Technical Forums
> http://www.bradreese.com/cisco-technical-newsgroups.htm
>




--
Posted via a free Usenet account from http://www.teranews.com

 
Reply With Quote
 
Walter Roberson
Guest
Posts: n/a
 
      07-20-2006
In article <44bfad39$0$2203$(E-Mail Removed)>,
RC <rcohen _ "at" _ cominc _ "dot" _ net remove all _ and spaces> wrote:
>One thing to remember is the PIX won't route between VPN tunnels.


It will in 7.x (if so configured), which is the version PIX 515E are
sold with now.

 
Reply With Quote
 
Peter Simons
Guest
Posts: n/a
 
      07-20-2006
X-No-Archive: yes

Walter Roberson wrote:

>
> At that point, you are into cost/risk analysis. Historically there
> have been ways to "vlan hop", to trick routers or switches to
> deliver packets sourced in one vlan over into a different vlan.
> There haven't been any recent issues about that (at least not on
> reputable equipment), so it becomes a matter of risk: what is the
> probability that someone will develop a -new- vlan hopping attack,
> and what is the probability that someone will be able to (and choose to)
> exploit that attack against your network; and is the probability
> of success over a given time interval worth the extra cost?


Reasons Do not always have to be technicail they can be management Etc.

The firm may have a policy that the DMZ is on a separate interface.
Could just be the MD's bee in the bonnet. It could be its a small
organisation with the person resonsible not confident at setting up
Vlans securly.

Peter
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Move PIX 515e IOS7x config from one PIX to another? Scott Townsend Cisco 4 02-14-2007 05:49 PM
PIX 515 to PIX 515e not passing traffic Scott Townsend Cisco 6 05-25-2006 11:03 AM
Cisco System PIX 515E - Memory and PIX OS upgrade Speed3ple Cisco 0 04-04-2006 10:24 AM
Cisco PIX 6.1 (4) - Model PIX 515E Romeo Cisco 1 03-20-2006 03:26 PM
Replacing a PIX 515E with a PIX 515 Dustin Cisco 3 11-08-2005 11:06 PM



Advertisments