PIX Questions

I'm looking at buying a PIX 506E from eBay. Will it be possible to put it under SmartNet?

One of the units I'm considering has a restricted license (see list of features below). What does this mean?

My boss would like to buy a firewall that has two WAN ports (Ethernet) so if the primary link dies, the backup link will be used. Is there a PIX that supports this scenario?

Licensed Features: Failover: Disabled VPN-DES: Enabled VPN-3DES-AES: Enabled Maximum Physical Interfaces: 2 Maximum Interfaces: 4 Cut-through Proxy: Enabled Guards: Enabled URL-filtering: Enabled Inside Hosts: Unlimited Throughput: Unlimited IKE peers: Unlimited

This PIX has a Restricted (R) license.

Reply to
Loading thread data ...

No. All PIX's are end-of-lifed. No licenses upgrades or smartnet is available for them. The ASA's have been out for quite some years, thats the currently supported hardware.

Restricted as in you don't get all the features, like no HA failover. On this particular one, it looks like unique hosts are unlimited, but other models could be restricted to 10 inside hosts, or

50 inside hosts.

You could add-on interfaces to a 515 and up. But all PIX hardware went EOS two years ago.

The ASA5505 is the current replacement, and you can easily find better deals with online stores than what eBay has. (and for used gear, most certainly find better deal from hardware resellers even on ancient EOL'd hardware than on eBay as well).

Lots of other vendors give you alot more bang for the buck than Cisco on firewalls though, with Enterprise level reliability.

I'd look first at FortiGate for firewalls, and then Juniper. Both have products that fill in quite alot between the ASA5505 and ASA5510 of Cisco and offer a lot more features.

If you are looking near the low end, the FortiGate 50B has dual WAN, can handle full wirespeed (100Mbps) firewall, and if you want to pay for some more of the subscriptions, has IPS, antivirus, antispam, etc. You can also setup HA by just buying another without additional licenses.

Reply to
Doug McIntyre

You may also want to look at Peplink's products for multi-WAN load balancing for inbound and/or outbound traffic.


Reply to

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.