Hello - We are considering this firewall to go behind our Cisco 1600 router which handles our T1. We have several public IPs which are mapped to internal NATed addresses, as well as port maps. We basically have a few webservers, an email server, allow ssh to one machine, ftp to another, etc.
I have a few questions before buying the 506e:
Can it do NAT?
Can it handle mapping/portmapping our public IPs to private ones, assuming it can do NAT?
Can I configure this via a web interface, or must I use the CLI (and commands) to do the above config; or can I generate the config via some software program?
Can I have an additional router behind the firewall (which itself is behind the Cisco 1600 router) and assign this new router one of my public IPs, and that router does its own NAT and portmapping?
Does the fact that there are only two interfaces make any of this difficult?
Will it do DHCP?
The reason we are wanting a firewall (aside from being able to control it ourself, and for the other benefits) is to see if we can gain better insight into some network problems we are having (mainly spikes in bandwidth, in and out, and it maxing it out), does the 506e have robust logging, to help determine the source and destination addresses/ports of the problematic traffic?
Do the DDoS and flood thwarting capabilities work?
Would the lower-end 501 be capable of all this? I have heard it is a bit slower in many respects, including VPN encryption/decryption.
Thanks for any info., s7