Re: PIX 506E vs NetScreen 5XP/5XT

From: Derek Nash (derek@nashworld.net)
Date: 03/24/03 

From: "Derek Nash" <derek@nashworld.net>
Date: Mon, 24 Mar 2003 12:43:39 -0600

I work for reseller that sells both Cisco and NetScreen. I am certified
under both the PIX and the NetScreen. I prefer the NetScreen products for
the following reasons:

1. Faster Performance (Firewall and VPN Throughput)
2. Better GUI and CLI (In my opinion)
3. Better VPN support, although PIX OS 6.3 is suppose to fix a lot of these
issues.
4. No NAT requirement
5. More secure in my opinion. Both the OS, VPN Client, and ICMP support.
6. Lower learning curve.
7. Support for OSPF/BGP on the 5XT and up
8. Support for AES
9. 5XT supports a Quasi DMZ
10. Better price point.

Some areas where the Cisco Accels:

1. Tough to beat Cisco TAC for support.
2. More extensive IDS features builtin on the PIX.
3. Better price point assuming you don't need 3DES

With all being both are decent products. Hope that helps!

Derek; MCSE, CCSP, NCSA

"D. P. Bullington" <dpbullington@hotmail.com> wrote in message
news:A2sfa.90848$Kc5.3921834@news2.east.cox.net...
> I am looking for recomendation on wheteher to obtain a PIX 506E vs
NetScreen
> 5XP/5XT for our small business w/T1 and some web hosting. I like the PIX
> because its a Cisco and seems solid, but I like the Netscreens because
they
> offer L2 transparent briding modes. With the PIX, the NAT would be the
only
> way to go but we would rather not use NAT and have a transparent firewall
so
> we can public address our inside network. Thoughts would be
appreicated..on
> ease of config, performacne, reliabillity, security, etc.
>
> Thanks,
>
> DPB
>
>

Relevant Pages

  • Re: [fw-wiz] insecurity in internet connection thro cable modems
    ... GlobalPro makes it easier to maintain a fleet of Netscreens. ... Netscreen IPSec with Cisco PIX, Cisco IOS, Checkpoint, Cisco VPN3k, FreeSWAN; ... Support for preshared keys, x509 certs, ldap auth, and securid ...
    (Firewall-Wizards)
  • RE: [fw-wiz] insecurity in internet connection thro cable modems
    ... missed something in the config or docs), I found that I was unable to get it ... I just kind of feel like netscreen is about where the PIX was 2 ... > Netscreen IPSec with Cisco PIX, Cisco IOS, Checkpoint, Cisco VPN3k, ... >> bunch of PIXen than it is to maintain a bunch of netscreens. ...
    (Firewall-Wizards)
  • RE: Server Response 550 5.7.1 Message Rejected even though we auth
    ... I would've never thought to look at the PIX as the problem. ... My brother-in-law works for Cisco and in chatting with him tonight he said ... I cannot log on the SMTP server. ... > Microsoft Online Partner Support ...
    (microsoft.public.exchange2000.admin)
  • Re: Considering Cicso Pix 501 for home firewall---need info
    ... - If you want to use the graphical interface to configure the PIX, ... - If you want support after that time, you would need to obtain a support ... probably not be given the 6.3update: Cisco would instead likely ... with a 10 user license, a 50 user license, or an unlimited license. ...
    (comp.security.firewalls)
  • Re: PIX 506E vs NetScreen 5XP/5XT
    ... the firewall and the VPN client. ... > I work for reseller that sells both Cisco and NetScreen. ... Both the OS, VPN Client, and ICMP support. ... >> because its a Cisco and seems solid, but I like the Netscreens because ...
    (comp.security.firewalls)