We use 2 Cisco PIX 501's in front of a couple of our web-servers up at a data-centre (two separate installations on different IP ranges).
Touchwood they're fine but, if we had to replace them – what are our options for an equivalent replacement today? When we bought these I remember the spec saying they would comfortably support 10,000 simultaneous connections. Is the ASA5505 the equivalent today?
[edit] I'm not against other manufacturers – just that the pix is what we have and we know a CCNA(?), albeit certified in 2003, who configures and administers our pixes.
Best Answer
As a rule of thumb, Juniper firewalls tend to be cheaper for the same feature set. I don't have a lot of direct experience with them, though. If you stick with Cisco, then an ASA 5505 would be your best bet for replacement. As far as product line goes, the 5505 is the pix501 equivalent. However, the 5505 is actually closer to spec equivalent with the 515e. That is, the 5505 supports 150Mbps throughput as opposed to the 170(?) for the pix515e. Additionally, with the ‘Security Plus’ option the ASA supports more VLANS (with trunking), H/A, and a few more connections.