From: John Conzone (jkconzone@xxxxxxxx)
Date: Tue Apr 18 2000 - 21:32:10 GMT-3
Thanks all for your responses! That was fast. The consensus is that
the PIX can do "stateful inspection" (I'm not sure I'm fully up with
that term) on the fly and open ports on the fly and do it much faster
than a router with access lists.
Now this is why I asked. I'm setting up a beta extranet demo for a
client, and they have a PIX firewall they want to use, but they are
presently using it to let 5 users and their own AS400 on their 500+
user lan to access an AS400 from a business partner (another
company).
Seem like a waste of horsepower for just 5 folks. The features you
all mention make it perfect for the extranet application. I'm thinking
of putting in a spare 4500 in its place to do the AS400 connectivity
and use the PIX for the extranet lan. Anyone see any down side?
Thanks!
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:23:14 GMT-3