Device comparable to PIX 506E?

m-jankowski · ‎07-02-2009

With the end of life of the 506e, I was wondering what device I should move to next to maintain operations here. I currently run site to site traffic with 11 different locations. Each run a PIX. I'm thinking about upgrading to a 2821 series router in the future to run the main hub, but I need a new solution for my remote sites.

Any ideas?

xcz504d1114 · ‎07-02-2009

ASA 5505's work nicely, I substitute them for PIX's all the time. Just make sure you get the appropriate licensing, if I remember correctly the least expensive 5505 version only allows 8 concurrent connections.

Thotsaphon Lueangwattanaphong · ‎07-02-2009

Michael,

You may think of ASA firewall for doing the same task like Pix. Cisco 2821 router is a good idea if you plan to use this for Hub router. Cisco 2821 router can do site to site vpn as well. You need a particular IOS feature set. But router will do things about encrypt/decrypt in software. ASA is designed to do things like that in hardware. So I'd recommend you to use ASA to do firewall functions. When you want to use a Hub design. let's select a new router to do so.

Aside note: Cisco 2821 router can do firewall functions as well. But I still recommend you to use 2 devices for your design. I'm not a cisco sale by the way.(grin)

ASA is here: http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_data_sheet0900aecd802930c5.html

HTH,

Toshi

xcz504d1114 · ‎07-02-2009

Toshi made a good point, the hub sites don't necessarily need a firewall to do the VPN. Depending on budget, the 1800 series works well also, I use 1811's for my remote users, if you need T1 interfaces you have to use the modular model, the 1841.

Craig