RE: [fw-wiz] Home Environment Cisco
From: Jason Ostrom (justiceguy_at_pobox.com)
Date: 05/30/03
- Previous message: Bill Royds: "Re: [fw-wiz] Benefit of firewall over NAT-only 'protected' network"
- In reply to: Noonan, Wesley: "RE: [fw-wiz] Home Environment Cisco"
- Next in thread: clark shishido: "Re: [fw-wiz] Home Environment Cisco"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: firewall-wizards@honor.icsalabs.com Date: 29 May 2003 18:33:00 -0500
I'm unclear on what this Cisco product is being used for. Is the Layer
1 connectivity already established to your Dad's ISP via Cable Modem,
DSL, or some other dedicated circuit? Are you proposing to put the
router/firewall on the outside and connect it directly to your ISP, or
do you have a device already in place and then want to place a
Firewall/router in between this and the Internal network?
First, think about how you want to Internetwork these devices together.
And second, you mentioned you want to get good with "cisco." Would you
rather get adept at the PIX OS or Cisco IOS? It's a subtle difference,
but something to consider.
If you want a firewall and you want to get good with Cisco, Wesley
suggested the PIX 501, which is a good choice. Keep in mind that you
may not be able to connect it directly to your ISP, given the supported
hardware interfaces on the PIX.
If you want to get good with Cisco software in general (Cisco IOS), I
would suggest the 1600 or 1700 series. You can use it to learn NAT, VPN
tunnels, IP QoS, ACLs. These are the traditional SOHO access routers
that you could use to Interconnect to your ISP, depending on Layer 1
topology, and still provide some Security functionality. Also, don't
get the 2500, as suggested, not if you plan on using a Cisco support
contract to learn. The 2500 is end-of-life / not supported. It's cheap
on eBay, but you pay a price in that you wouldn't get support through
traditional means such as Cisco.
Jason Ostrom
On Thu, 2003-05-29 at 15:14, Noonan, Wesley wrote:
> I would get a PIX501. The command set isn't that much different from IOS and
> it better fits the bill of what I at least think you need - a SOHO firewall.
> HTH
>
> Wes Noonan, MCSE/CCNA/CCDA/NNCSS/Security+
> Senior QA Rep.
> BMC Software, Inc.
> (713) 918-2412
> wnoonan@bmc.com
> http://www.bmc.com
>
>
> > -----Original Message-----
> > From: Paul Robertson [mailto:proberts@patriot.net]
> > Sent: Thursday, May 29, 2003 14:30
> > To: Nathan
> > Cc: firewall-wizards@honor.icsalabs.com
> > Subject: Re: [fw-wiz] Home Environment Cisco
> >
> > On Thu, 29 May 2003, Nathan wrote:
> >
> > > List members,
> > >
> > > I seek your advice regarding which Cisco router to choose, if any. I
> > know
> > > this is a firewall list, but many of you have experience with Cisco
> > > products. So here goes...I was talking with my dad and he wants me to
> > set up
> > > a network for him at home. I have networking experience, just not with
> > any
> > > cisco products. I recommended he get just a 50 dollar router from
> > Bestbuy or
> > > something but his company is going to give him a lot of money to
> > subsidise
> > > his working from home and he wants something expensive, I think just to
> > > spend their money but who cares. I see this as an opportunity to learn
> > cisco
> > > and help my dad. He has a Solaris ultra 60, and two win98 workstations
> > at
> > > home he wants to be able to communicate, as well as have access to the
> > > internet (NAT). I can worry about the details of the internal network,
> > so my
> > > question is, which cisco router should I get for this purpose. I really
> > know
> > > nothing about Cisco, and don't feel like searching through all the
> > different
> > > models and prices if someone know the "base" cisco router. Any
> > suggestions
> > > would be nice, I can do the homework from there, I just need some model
> > > numbers to look at.
> >
> > Anything that'll do VoIP would be my choice, if it's got modules, then you
> > can pick interfaces. Cisco's site is one of the better ones out there,
> > and it's worth spending some time on.
> >
> > Paul
> > --------------------------------------------------------------------------
> > ---
> > Paul D. Robertson "My statements in this message are personal
> > opinions
> > proberts@patriot.net which may have no basis whatsoever in fact."
> > probertson@trusecure.com Director of Risk Assessment TruSecure Corporation
> >
> > _______________________________________________
> > firewall-wizards mailing list
> > firewall-wizards@honor.icsalabs.com
> > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
-- Jason Ostrom <justiceguy@pobox.com> _______________________________________________ firewall-wizards mailing list firewall-wizards@honor.icsalabs.com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Bill Royds: "Re: [fw-wiz] Benefit of firewall over NAT-only 'protected' network"
- In reply to: Noonan, Wesley: "RE: [fw-wiz] Home Environment Cisco"
- Next in thread: clark shishido: "Re: [fw-wiz] Home Environment Cisco"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
