I'm looking to replace my company's firewall with something more up-to-date. We're currently using something built by a consultant from various pieces he kludged together (Linux, ip tables, etc.) and we're looking for something more robust, maintainable, and with vendor support.
I'm considering either a Cisco ASA 5510 or a Juniper SSG 140. We have people in house familiar with both the PIX/ASA and Netscreen, so that's not a factor in the decision.
Our network environment is a fractional T3 feeding two DMZ zones (one for public servers and one for a wireless LAN), and about 35 users on a
100 Mbps LAN behind a Nortel managed switch.We don't currently have VPN capabilities, but would like to add this to support access to our network by employees working from home or on the road.
Which of these two choices will provide better firewall performance, VPN support, and overall value over the next 3-4 years?
Anyone have any opinions regarding Cisco vs. Juniper firewalls in general? Horror stories, etc?