Hardware Firewall

I run a SonicWall TZ205 - but I got it silly cheap and not sure what I'll do when the 3 year subscription is up. Works very well and has VPN built in etc.

You should be fine, the firewall, NAT etc will continue to operate, you just lose the extra features - like VPN capabilities (same as you get before you register it).
 
I currently run a 5510 with AnyConnect VPN. It's plugged into a BT Openreach modem supplying FTTC. For me it's great as I'm playing with the same kit I work with every day at work. This allows me to try and test new things. This means I have a guest WiFi, DMZ and home network.

I am currently planning to put the IPS module in. Why? Because I can.

Whoever says the ASDM is crap needs to try it again. It's a wonderful tool and makes managing mass NAT and ACLs easy.

As for what to buy, the 5505 is a great beginner's choice.
 
ASDM is no doubt easier than using the CLI for managing large sets of rules, but as a GUI it's as bad as anything else Cisco have done. Other firewall vendors manage to present similar information but without needing a Java application to do it.
 
ASDM is no doubt easier than using the CLI for managing large sets of rules, but as a GUI it's as bad as anything else Cisco have done. Other firewall vendors manage to present similar information but without needing a Java application to do it.

The Java bit however I wish they would drop. :D
 
When I think firewall now I think of something a bit more fancy than an ACL that filters based on IP addresses and ports. To me a firewall is something that can scan traffic allowed into the network rather than having to rely on whether traffic is allowed as a simple yes/no answer. Case in point - when the OpenSSL vulnerabilities were blowing up last year there were several UTM vendors that had signatures updated the same day to ensure that vulnerable devices were still protected as long as connections were made through the UTM (and obviously the security features were turned on).

Oh I agree with that, but again to me UTM is different yet again to a Firewall ;)

UTMs, next gen firewalls and IPS devices to me will indeed do the traffic scanning stuff, and depending what the device is some are more effective than others ;)
 
If by "Firewall in your router" you mean NAT, then I guess. It certainly won't have any form of IDS/IPS. Of course whether you need it or not for home use is certainly up for debate.

I doubt that I'd have a hardware firewall if it weren't mainly being used for my studies (ASA5510).

I have a firewall enabled on the Openreach Huawei modem, Asus Router and then MS Firewall on my Windows PC. I would like one device to manage the entire network at home and if possible be 1U size to fit in my cabinet. Protecting my home server is important even if content is backed by RAID arrays.
 
Oh I agree with that, but again to me UTM is different yet again to a Firewall ;)

UTMs, next gen firewalls and IPS devices to me will indeed do the traffic scanning stuff, and depending what the device is some are more effective than others ;)

I see UTM as the new word for firewall really. When people talk of buying a firewall then generally they are after something a bit more capable than blocking or allowing traffic.
 
I see UTM as the new word for firewall really. When people talk of buying a firewall then generally they are after something a bit more capable than blocking or allowing traffic.

I see UTM more in the smaller business/branch office space as they are generally jack of all (security/network) trades, tend to have some 'extra' stuff in there over a next gen firewall/IPS such as antivirus, email anti-spam, web filtering, maybe even things like DLP although some of the NGFW and NGIPS can do this to a point as well.

But agree nowadays when people say Firewall it's rather more than what they were back in the day.

Definitely see it in RFPs from customers with some of the stuff they want in a product, UTM like capability, forensics, anti-malware etc.

Sometimes though do wonder what customers think they are able to get out of buying just the one box, and for the prices they want to pay, moon on a stick comes to mind!
 
Basically it depends on the person you are talking to and the vendor terminology :p

I see inspection of SSL traffic being offered by boxes targeted at 20-person companies and have a good laugh though.
 
Here I am again with my little trumpet. Mikrotik make some reasonable hardware, although not a "dedicated" firewall and they are more routers or switches with the functionality. We have deployed a few to some small businesses.

I use one at home and have VPN functionality. The firewall is very good, incredibly flexible and I use it to split out the guest network.

I've just deployed one as a VPN end point so have made a heavy use of the built in firewall as it is keeping 3 separate networks from getting to each other whilst giving the VPN access to route from one network to another.

Brilliant kit IMO
 
Basically it depends on the person you are talking to and the vendor terminology :p

I see inspection of SSL traffic being offered by boxes targeted at 20-person companies and have a good laugh though.

Yup! Everyone has their own terminology, most of it means the same things one way or another :p

Is it Cyberoam that were offering that a while ago if I remember, was ages ago I looked at them though.

I also love when you see UTM/NGFW device specs and see what the performance is when you actually start switching everything on :)
 
We had a client a while back trying to counter the pricing of our option with a Netgear box. The specs on those are hilarious - 1Gbit firewall throughput down to sub-100Mbps if you actually started turning features on.
 