What Appliance Should I Consider

rbender · ‎12-04-2007

I have 5 (soon to be 8) PowerEdge servers that I want to firewall and have only certain ports (HTML, RDC, FTP) open. Each server has its own IP on the web. Wire comes in, goes to a 3COM switch, then to individual Linksys routers, then to the Servers. I want to eliminate the individual routers and go with a single device for all the servers. What do you recommend keeping in mind that just opening a couple ports is really all we have to do ?

JORGE RODRIGUEZ · ‎12-04-2007

Bob, it all depends what other requirement there may be in future for your network , do you have current baseline of network utilization, I mean how busy are these power edge servers in terms of port and overall utilization? need any other features like device failover capabilities etc.. if just eliminating individual routers you could go with ASA5505 firewall with security plus license to support DMZ, I know you did not mention about DMZ but good to have the capability there, how many subnets needed? as this firewall can support up to 20 vlans using dot1q standard, if you need more vlans the the 5510 would be your next choice,.. refer to link bellow for models.. to see features per model.. I believe 5505 should be good, I currently support a firewalled network within our regular network with 20 heavy duty QA application testers for inbound and outbound connections and I am using a PIX506E not ASA which is much more advanced firewall and I have no complains ..

http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html

HTH

Jorge

Jorge Rodriguez

rbender · ‎12-04-2007

thank you Jorge for your comments. We are very basic here (as is my networking knowledge) and we only need to support HTTP, HTTPS, RDC and SMPT. Future needs don't get much more complicated than that. Just want to scale to perhaps 8 servers in the near future.